| |
| |||||||
Log-Analyse und Auswertung: Virenverdacht. Kann jemand Logfile analysieren?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
04.01.2018, 21:52
| #1 |
 |  Virenverdacht. Kann jemand Logfile analysieren? Hallo, mein Rechner ist seit kurzem sehr langsam geworden (sämtliche Prozesse). Was ich an offensichtlicher Merkwürdigkeit erkennen kann, ist ein nicht schließbares Browserfenster im Firefox, welches eine fake-Seite mit Aufforderung der Aktualisierung des flashplayers beinhaltet. AV-Program (Comodo) hat nichts gefunden. Kann mir jemand weiterhelfen? Anbei der Hijack-Logfile. Ich habe auch einen Farbar-Logfile erstellt, aber damit es nicht zu unübersichtlich wird vielleicht erstmal nur Hijack. Logfile of HijackThis Fork (Alpha) by Alex Dragokas v.2.7.0.24 Platform: x64 Windows 10 (Home), 10.0.16299.125 (ReleaseId: 1709), Service Pack: 0 Time: 04.01.2018 - 20:34 (UTC+01:00) Language: OS: German (0x407). Display: German (0x407). Non-Unicode: German (0x407) Elevated: Yes Ran by: Timothy (group: Administrator) on SILBERLOCKE, FirstRun: yes Firefox: 57.0.3.6569 Edge: 11.0.16299.125 Internet Explorer: 11.0.16299.98 Default: "C:\program files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox) Boot mode: Normal Running processes: Number | Path 1 C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe 1 C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe 1 C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe 1 C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe 1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe 1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 1 C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe 1 C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe 1 C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe 1 C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe 6 C:\Program Files (x86)\Mozilla Firefox\firefox.exe 1 C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 1 C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 1 C:\Program Files\Bonjour\mDNSResponder.exe 1 C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe 1 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe 1 C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe 1 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 1 C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe 1 C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe 1 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 1 C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 1 C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe 1 C:\Program Files\Intel\iCLS Client\HeciServer.exe 1 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe 2 C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe 3 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 1 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 1 C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe 1 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe 1 C:\Program Files\Windows Defender\MSASCuiL.exe 1 C:\Program Files\Windows Defender\NisSrv.exe 1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe 1 C:\Users\Timothy\AppData\Local\Microsoft\OneDrive\OneDrive.exe 1 C:\Users\Timothy\Downloads\MemCompression 2 C:\Users\Timothy\Downloads\hijackthis.exe 1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe 1 C:\Windows\RTFTrack.exe 1 C:\Windows\SysWOW64\IntelCpHeciSvc.exe 1 C:\Windows\System32\ApplicationFrameHost.exe 4 C:\Windows\System32\RuntimeBroker.exe 1 C:\Windows\System32\SearchIndexer.exe 1 C:\Windows\System32\SecurityHealthService.exe 1 C:\Windows\System32\WUDFHost.exe 1 C:\Windows\System32\audiodg.exe 1 C:\Windows\System32\backgroundTaskHost.exe 1 C:\Windows\System32\conhost.exe 2 C:\Windows\System32\csrss.exe 1 C:\Windows\System32\ctfmon.exe 1 C:\Windows\System32\dasHost.exe 3 C:\Windows\System32\dllhost.exe 1 C:\Windows\System32\dwm.exe 1 C:\Windows\System32\escsvc64.exe 2 C:\Windows\System32\fontdrvhost.exe 1 C:\Windows\System32\ibtsiva.exe 1 C:\Windows\System32\igfxCUIService.exe 1 C:\Windows\System32\igfxEM.exe 1 C:\Windows\System32\igfxHK.exe 1 C:\Windows\System32\igfxTray.exe 1 C:\Windows\System32\lsass.exe 1 C:\Windows\System32\msdtc.exe 1 C:\Windows\System32\services.exe 1 C:\Windows\System32\sihost.exe 1 C:\Windows\System32\smartscreen.exe 1 C:\Windows\System32\smss.exe 1 C:\Windows\System32\spoolsv.exe 73 C:\Windows\System32\svchost.exe 1 C:\Windows\System32\taskhostw.exe 1 C:\Windows\System32\wininit.exe 1 C:\Windows\System32\winlogon.exe 1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe 1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe 1 C:\Windows\explorer.exe 1 D:\1&1\1&1 Surf-Stick\AssistantServices.exe 1 D:\Eigene Programme\Mozilla\Thunderbird\thunderbird.exe 1 D:\Eigene Programme\Softonic\gfSubtitlePlayer.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2-32 - HKLM\..\BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll O3-32 - HKLM\..\Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll O4 - Global User Startup: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe O4 - Global User Startup: iSCTsysTray.lnk -> C:\Program Files (x86)\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe O4 - HKCU\..\Run: [OneDrive] C:\Users\Timothy\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background O4 - HKCU\..\StartupApproved\Run: [EPLTarget\P0000000000000000] (2015/08/04) C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-412 413 415 Series" O4 - HKCU\..\StartupApproved\Run: [EPLTarget\P0000000000000001] (2015/08/04) C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE /EPT "EPLTarget\P0000000000000001" /M "XP-412 413 415 Series" O4 - HKCU\..\StartupApproved\Run: [Spotify Web Helper] (2014/10/15) C:\Users\Timothy\AppData\Roaming\Spotify\SpotifyWebHelper.exe O4 - HKLM\..\FileRenameOperations: C:\WINDOWS\AppCompat\Programs\Amcache.hve.tmp -> C:\WINDOWS\AppCompat\Programs\Amcache.hve O4 - HKLM\..\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe O4 - HKLM\..\Run: [Energy Manager] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe O4 - HKLM\..\Run: [Lenovo Utility] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe O4 - HKLM\..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe O4 - HKLM\..\Run: [ShadowPlay] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart O4 - HKLM\..\Run: [Windows Mobile Device Center] C:\WINDOWS\WindowsMobile\wmdc.exe O4 - HKLM\..\StartupApproved\Run32: [IseUI] (1601/01/01) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe O4 - HKLM\..\StartupApproved\Run32: [PDFPrint] (2015/08/04) D:\Eigene Programme\PDF24\pdf24.exe O4 - HKLM\..\StartupApproved\Run32: [UIExec] (2016/04/23) D:\1&1\1&1 Surf-Stick\UIExec.exe O4 - HKLM\..\StartupApproved\Run: [RtHDVBg_Dolby] (1601/01/01) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 O4 - HKLM\..\StartupApproved\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] (1601/01/01) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /LENOVO_DOLBYDRAGON O4 - HKLM\..\StartupApproved\Run: [RtHDVBg_LENOVO_MICPKEY] (1601/01/01) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /LENOVO_MICPKEY O4 - HKLM\..\StartupApproved\Run: [RtHDVCpl] (1601/01/01) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s O4 - HKLM\..\StartupApproved\Run: [RtsFT] (1601/01/01) C:\WINDOWS\RTFTrack.exe O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] (1601/01/01) C:\Program Files\Windows Defender\MSASCuiL.exe O4 - HKLM\..\StartupApproved\Run: [SynTPEnh] (1601/01/01) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\StartupApproved\Run: [iTunesHelper] (2015/08/04) C:\Program Files\iTunes\iTunesHelper.exe O4-32 - HKLM\..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 O4-32 - HKLM\..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe /s O9-32 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - HKLM\..\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll O9-32 - Extra button: (no name) - HKLM\..\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll O9-32 - Extra button: Mobilen Favoriten erstellen - HKLM\..\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll O17 - DHCP DNS - 1: 192.168.178.1 O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O21 - ShellIconOverlayIdentifiers: BackedUpOverlay Class - {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (file missing) O21 - ShellIconOverlayIdentifiers: Enhanced Storage Icon Overlay Handler Class - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} - C:\Windows\System32\EhStorShell.dll O21 - ShellIconOverlayIdentifiers: PendingOverlay Class - {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (file missing) O21 - ShellIconOverlayIdentifiers: RootFolderOverlay Class - {A759AFF6-5851-457D-A540-F4ECED148351} - C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (file missing) O21 - ShellIconOverlayIdentifiers: SharedOverlay Class - {1574C9EF-7D58-488F-B358-8B78C1538F51} - C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (file missing) O22 - Task: (Ready) EPSON XP-412 413 415 Series Invitation {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{32AA5F3E-42AF-416D-93A7-97E0483F7BC7}" /F:"Invitation" O22 - Task: (Ready) EPSON XP-412 413 415 Series Invitation {5F7996FF-B50D-4D17-B92F-F39799635033}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{5F7996FF-B50D-4D17-B92F-F39799635033}" /F:"Invitation" O22 - Task: (Ready) EPSON XP-412 413 415 Series Invitation {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{AEE47A68-7976-4063-8DD5-B4B8A7776E2E}" /F:"Invitation" O22 - Task: (Ready) EPSON XP-412 413 415 Series Update {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{32AA5F3E-42AF-416D-93A7-97E0483F7BC7}" /F:"Update" O22 - Task: (Ready) EPSON XP-412 413 415 Series Update {5F7996FF-B50D-4D17-B92F-F39799635033}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{5F7996FF-B50D-4D17-B92F-F39799635033}" /F:"Update" O22 - Task: (Ready) EPSON XP-412 413 415 Series Update {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{AEE47A68-7976-4063-8DD5-B4B8A7776E2E}" /F:"Update" O22 - Task: (Ready) Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O22 - Task: (disabled) (telemetry) \COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} - C:\Program Files\COMODO\COMODO Internet Security\cis.exe --telemetry O22 - Task: (disabled) (telemetry) \Microsoft\Windows\Application Experience\StartupAppTask - C:\WINDOWS\system32\rundll32.exe Startupscan.dll,SusRunTask O22 - Task: (disabled) (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\BthSQM - {C8367320-6F85-11E0-A1F0-0800200C9A66},SYSTEM - C:\WINDOWS\System32\BthTelemetry.dll O22 - Task: (disabled) (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\Consolidator - C:\WINDOWS\System32\wsqmcons.exe O22 - Task: (disabled) (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\UsbCeip - {C27F6B1D-FE0B-45E4-9257-38799FA69BC8},SYSTEM - C:\WINDOWS\System32\usbceip.dll O22 - Task: (disabled) (telemetry) \Microsoft\Windows\IME\SQM data sender - {CCB1D8CB-D39F-41C9-B793-0196214BDC4E} - C:\Windows\System32\IME\shared\imecfm.dll O22 - Task: (disabled) Adobe Flash Player Updater - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O22 - Task: (disabled) AdobeAAMUpdater-1.0-Silberlocke-Julia - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled (file missing) O22 - Task: (disabled) CreateChoiceProcessTask - C:\Windows\BrowserChoice\browserchoice.exe /launch (file missing) O22 - Task: (disabled) Dolby Selector - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe -autostart (file missing) O22 - Task: (disabled) EPSON XP-412 413 415 Series Invitation {32AA5F3E-42AF-416D-93A7-97E0483F7BC7} - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{32AA5F3E-42AF-416D-93A7-97E0483F7BC7}" /F:"Invitation" O22 - Task: (disabled) EPSON XP-412 413 415 Series Invitation {5F7996FF-B50D-4D17-B92F-F39799635033} - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{5F7996FF-B50D-4D17-B92F-F39799635033}" /F:"Invitation" O22 - Task: (disabled) EPSON XP-412 413 415 Series Invitation {AEE47A68-7976-4063-8DD5-B4B8A7776E2E} - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{AEE47A68-7976-4063-8DD5-B4B8A7776E2E}" /F:"Invitation" O22 - Task: (disabled) EPSON XP-412 413 415 Series Update {32AA5F3E-42AF-416D-93A7-97E0483F7BC7} - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{32AA5F3E-42AF-416D-93A7-97E0483F7BC7}" /F:"Update" O22 - Task: (disabled) EPSON XP-412 413 415 Series Update {5F7996FF-B50D-4D17-B92F-F39799635033} - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{5F7996FF-B50D-4D17-B92F-F39799635033}" /F:"Update" O22 - Task: (disabled) EPSON XP-412 413 415 Series Update {AEE47A68-7976-4063-8DD5-B4B8A7776E2E} - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{AEE47A68-7976-4063-8DD5-B4B8A7776E2E}" /F:"Update" O22 - Task: (disabled) IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic O22 - Task: (disabled) IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic O22 - Task: (disabled) OneDrive Standalone Update Task - C:\Users\Timothy\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe (file missing) O22 - Task: (disabled) Optimize Start Menu Cache Files-S-1-5-21-1821675693-422080741-3404470268-1002 - {2D3F8A1B-6DCD-4ED5-BDBA-A096594B98EF},$(Arg0) - C:\Windows\System32\twinapi.dll O22 - Task: (disabled) Optimize Start Menu Cache Files-S-1-5-21-1821675693-422080741-3404470268-1006 - {2D3F8A1B-6DCD-4ED5-BDBA-A096594B98EF},$(Arg0) - C:\Windows\System32\twinapi.dll O22 - Task: (disabled) \COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe O22 - Task: (disabled) \COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {06A09C0F-DD9C-4191-A670-71115CD78627} O22 - Task: (disabled) \COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {947247B5-026A-4437-9371-770782BE839D} O22 - Task: (disabled) \COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {F140D794-60B6-4F00-9235-D6457AA25B22} O22 - Task: (disabled) \COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} O22 - Task: (disabled) \COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85} O22 - Task: (disabled) \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - (no file) O22 - Task: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical - {613FBA38-A3DF-4AB8-9674-5604984A299A},/RuntimeWide - C:\Windows\System32\mscoree.dll O22 - Task: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical - {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E},/RuntimeWide - C:\Windows\System32\mscoree.dll O22 - Task: (disabled) \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) - {CF2CF428-325B-48D3-8CA8-7633E36E5A32} - C:\WINDOWS\system32\msdrm.dll O22 - Task: (disabled) \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) - {BF5CB148-7C77-4D8A-A53E-D81C70CF743C} - C:\WINDOWS\system32\msdrm.dll O22 - Task: (disabled) \Microsoft\Windows\AppID\EDP Policy Manager - {DECA92E0-AF85-439E-9204-86679978DA08},EdpPolicyManager - C:\WINDOWS\System32\AppLockerCsp.dll O22 - Task: (disabled) \Microsoft\Windows\AppID\PolicyConverter - C:\WINDOWS\system32\appidpolicyconverter.exe O22 - Task: (disabled) \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - C:\WINDOWS\system32\appidcertstorecheck.exe O22 - Task: (disabled) \Microsoft\Windows\ApplicationData\CleanupTemporaryState - C:\WINDOWS\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState O22 - Task: (disabled) \Microsoft\Windows\ApplicationData\DsSvcCleanup - C:\WINDOWS\system32\dstokenclean.exe O22 - Task: (disabled) \Microsoft\Windows\ApplicationData\appuriverifierdaily - C:\WINDOWS\system32\AppHostRegistrationVerifier.exe O22 - Task: (disabled) \Microsoft\Windows\ApplicationData\appuriverifierinstall - C:\WINDOWS\system32\AppHostRegistrationVerifier.exe O22 - Task: (disabled) \Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask O22 - Task: (disabled) \Microsoft\Windows\Autochk\Proxy - C:\WINDOWS\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations O22 - Task: (disabled) \Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},BitLockerPolicy - C:\WINDOWS\System32\edptask.dll O22 - Task: (disabled) \Microsoft\Windows\Bluetooth\UninstallDeviceTask - C:\WINDOWS\system32\BthUdTask.exe $(Arg0) O22 - Task: (disabled) \Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask - {47E30D54-DAC1-473A-AFF7-2355BF78881F},AIKCertEnroll - C:\WINDOWS\system32\ngctasks.dll O22 - Task: (disabled) \Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask - {47E30D54-DAC1-473A-AFF7-2355BF78881F},CryptoPolicy - C:\WINDOWS\system32\ngctasks.dll O22 - Task: (disabled) \Microsoft\Windows\CertificateServicesClient\KeyPreGenTask - {47E30D54-DAC1-473A-AFF7-2355BF78881F},NGCKeyPregen - C:\WINDOWS\system32\ngctasks.dll O22 - Task: (disabled) \Microsoft\Windows\CertificateServicesClient\SystemTask - {58FB76B9-AC85-4E55-AC04-427593B1D060},SYSTEM - C:\WINDOWS\system32\dimsjob.dll O22 - Task: (disabled) \Microsoft\Windows\CertificateServicesClient\UserTask - {58FB76B9-AC85-4E55-AC04-427593B1D060},USER - C:\WINDOWS\system32\dimsjob.dll O22 - Task: (disabled) \Microsoft\Windows\CertificateServicesClient\UserTask-Roam - {58FB76B9-AC85-4E55-AC04-427593B1D060},KEYROAMING - C:\WINDOWS\system32\dimsjob.dll O22 - Task: (disabled) \Microsoft\Windows\Chkdsk\ProactiveScan - {CF4270F5-2E43-4468-83B3-A8C45BB33EA1} - C:\Windows\System32\pstask.dll O22 - Task: (disabled) \Microsoft\Windows\Chkdsk\SyspartRepair - C:\WINDOWS\system32\bcdboot.exe C:\WINDOWS /sysrepair O22 - Task: (disabled) \Microsoft\Windows\DUSM\dusmtask - C:\WINDOWS\System32\dusmtask.exe O22 - Task: (disabled) \Microsoft\Windows\Data Integrity Scan\Data Integrity Scan - {DCFD3EA8-D960-4719-8206-490AE315F94F} - C:\Windows\System32\discan.dll O22 - Task: (disabled) \Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery - {DCFD3EA8-D960-4719-8206-490AE315F94F},-CrashRecovery - C:\Windows\System32\discan.dll O22 - Task: (disabled) \Microsoft\Windows\Defrag\ScheduledDefrag - C:\WINDOWS\system32\defrag.exe -c -h -o -$ O22 - Task: (disabled) \Microsoft\Windows\Device Setup\Metadata Refresh - {23C1F3CF-C110-4512-ACA9-7B6174ECE888} - C:\WINDOWS\System32\DeviceSetupManagerAPI.dll O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\HandleCommand - {AE31B729-D5FD-401E-AF42-784074835AFE},-HandleCommand - C:\WINDOWS\system32\DeviceDirectoryClient.dll O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand - {AE31B729-D5FD-401E-AF42-784074835AFE},-WnsCommand - C:\WINDOWS\system32\DeviceDirectoryClient.dll O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck - {AE31B729-D5FD-401E-AF42-784074835AFE},-IntegrityCheck - C:\WINDOWS\system32\DeviceDirectoryClient.dll O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession - {AE31B729-D5FD-401E-AF42-784074835AFE},-UserSessionCommand - C:\WINDOWS\system32\DeviceDirectoryClient.dll O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -AccountChange - C:\WINDOWS\system32\DeviceDirectoryClient.dll O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ConnectedToNetwork - C:\WINDOWS\system32\DeviceDirectoryClient.dll O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange -NoLocation - C:\WINDOWS\system32\DeviceDirectoryClient.dll O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -Periodic -FreeNetworkOnly - C:\WINDOWS\system32\DeviceDirectoryClient.dll O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24 - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -Periodic - C:\WINDOWS\system32\DeviceDirectoryClient.dll O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6 - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -Periodic - C:\WINDOWS\system32\DeviceDirectoryClient.dll O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange -NoLocation - C:\WINDOWS\system32\DeviceDirectoryClient.dll O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ProtectionStateChanged -FreeNetworkOnly -NoLocation - C:\WINDOWS\system32\DeviceDirectoryClient.dll O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ScreenOnOff - C:\WINDOWS\system32\DeviceDirectoryClient.dll O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange -Full - C:\WINDOWS\system32\DeviceDirectoryClient.dll O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterUserDevice -NewAccount - C:\WINDOWS\system32\DeviceDirectoryClient.dll O22 - Task: (disabled) \Microsoft\Windows\Diagnosis\Scheduled - {C1F85EF8-BCC2-4606-BB39-70C523715EB3} - C:\WINDOWS\System32\sdiagschd.dll O22 - Task: (disabled) \Microsoft\Windows\DiskCleanup\SilentCleanup - C:\WINDOWS\system32\cleanmgr.exe /autoclean /d C: O22 - Task: (disabled) \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - C:\WINDOWS\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART O22 - Task: (disabled) \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - C:\WINDOWS\system32\DFDWiz.exe O22 - Task: (disabled) \Microsoft\Windows\DiskFootprint\Diagnostics - C:\WINDOWS\system32\disksnapshot.exe -z O22 - Task: (disabled) \Microsoft\Windows\DiskFootprint\StorageSense - {AB2A519B-03B0-43CE-940A-A73DF850B49A} - C:\WINDOWS\system32\StorageUsage.dll O22 - Task: (disabled) \Microsoft\Windows\EDP\EDP App Launch Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},AppLaunch - C:\WINDOWS\System32\edptask.dll O22 - Task: (disabled) \Microsoft\Windows\EDP\EDP Auth Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},ReAuth - C:\WINDOWS\System32\edptask.dll O22 - Task: (disabled) \Microsoft\Windows\EDP\EDP Inaccessible Credentials Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},MissingCredentials - C:\WINDOWS\System32\edptask.dll O22 - Task: (disabled) \Microsoft\Windows\EDP\StorageCardEncryption Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},SDCardEncryptionPolicy - C:\WINDOWS\System32\edptask.dll O22 - Task: (disabled) \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - C:\WINDOWS\system32\MDMAgent.exe O22 - Task: (disabled) \Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh - {711001CD-CC1D-4470-9B7E-1EF73849C79E},ExploitGuardPolicy - C:\WINDOWS\System32\MitigationConfiguration.dll O22 - Task: (disabled) \Microsoft\Windows\Feedback\Siuf\DmClient - C:\WINDOWS\system32\dmclient.exe O22 - Task: (disabled) \Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - C:\WINDOWS\system32\dmclient.exe utcwnf O22 - Task: (disabled) \Microsoft\Windows\FileHistory\File History (maintenance mode) - {89917B7C-A1A6-11DF-8BF6-18A90531A85A} - C:\WINDOWS\System32\fhtask.dll O22 - Task: (disabled) \Microsoft\Windows\LanguageComponentsInstaller\Installation - {6F58F65F-EC0E-4ACA-99FE-FC5A1A25E4BE},Install $(Arg0) - C:\Windows\System32\LanguageComponentsInstaller.dll O22 - Task: (disabled) \Microsoft\Windows\LanguageComponentsInstaller\Uninstallation - {6F58F65F-EC0E-4ACA-99FE-FC5A1A25E4BE},Uninstall - C:\Windows\System32\LanguageComponentsInstaller.dll O22 - Task: (disabled) \Microsoft\Windows\License Manager\TempSignedLicenseExchange - {77646A68-AD14-4D53-897D-7BE4DDE5F929} - C:\Windows\System32\TempSignedLicenseExchangeTask.dll O22 - Task: (disabled) \Microsoft\Windows\Location\Notifications - C:\WINDOWS\System32\LocationNotificationWindows.exe O22 - Task: (disabled) \Microsoft\Windows\Location\WindowsActionDialog - C:\WINDOWS\System32\WindowsActionDialog.exe O22 - Task: (disabled) \Microsoft\Windows\MUI\LPRemove - C:\WINDOWS\system32\lpremove.exe O22 - Task: (disabled) \Microsoft\Windows\Maintenance\WinSAT - {A9A33436-678B-4C9C-A211-7CC38785E79D} - C:\WINDOWS\system32\WinSATAPI.dll O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Cellular - C:\WINDOWS\system32\ProvTool.exe /turn 7 /source CellStateChangeTask O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Logon - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source LogonIdleTask O22 - Task: (disabled) \Microsoft\Windows\Maps\MapsToastTask - {9885AEF2-BD9F-41E0-B15E-B3141395E803},$(Arg0);$(Arg1);$(Arg2);$(Arg3);$(Arg4);$(Arg5);$(Arg6);$(Arg7) - C:\WINDOWS\System32\mapstoasttask.dll O22 - Task: (disabled) \Microsoft\Windows\Maps\MapsUpdateTask - {B9033E87-33CF-4D77-BC9B-895AFBBA72E4} - C:\WINDOWS\System32\mapsupdatetask.dll O22 - Task: (disabled) \Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents - {8168E74A-B39F-46D8-ADCD-7BED477B80A3},Event - C:\WINDOWS\System32\MemoryDiagnostic.dll O22 - Task: (disabled) \Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic - {8168E74A-B39F-46D8-ADCD-7BED477B80A3},Time - C:\WINDOWS\System32\MemoryDiagnostic.dll O22 - Task: (disabled) \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe O22 - Task: (disabled) \Microsoft\Windows\MobilePC\HotStart - {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} - (no file) O22 - Task: (disabled) \Microsoft\Windows\Multimedia\SystemSoundsService - {2DEA658F-54C1-4227-AF9B-260AB5FC3543} - C:\WINDOWS\System32\PlaySndSrv.dll O22 - Task: (disabled) \Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler - {5AA199A0-1CED-43A5-9B85-3226086738A3} - (no file) O22 - Task: (disabled) \Microsoft\Windows\NetTrace\GatherNetworkInfo - C:\WINDOWS\system32\gatherNetworkInfo.vbs O22 - Task: (disabled) \Microsoft\Windows\PI\Secure-Boot-Update - {5014B7C8-934E-4262-9816-887FA745A6C4},SBServicing - C:\WINDOWS\system32\TpmTasks.dll O22 - Task: (disabled) \Microsoft\Windows\PI\Sqm-Tasks - {5014B7C8-934E-4262-9816-887FA745A6C4},PiSqmTasks - C:\WINDOWS\system32\TpmTasks.dll O22 - Task: (disabled) \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor - {EA9155A3-8A39-40B4-8963-D3C761B18371} - (no file) O22 - Task: (disabled) \Microsoft\Windows\Plug and Play\Device Install Group Policy - {60400283-B242-4FA8-8C25-CAF695B88209} - C:\Windows\System32\pnppolicy.dll O22 - Task: (disabled) \Microsoft\Windows\Plug and Play\Device Install Reboot Required - {48794782-6A1F-47B9-BD52-1D5F95D49C1B} - C:\Windows\System32\pnpui.dll O22 - Task: (disabled) \Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - C:\WINDOWS\System32\drvinst.exe 6 O22 - Task: (disabled) \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - {927EA2AF-1C54-43D5-825E-0074CE028EEE} - C:\WINDOWS\System32\energytask.dll O22 - Task: (disabled) \Microsoft\Windows\Printing\EduPrintProv - C:\WINDOWS\system32\eduprintprov.exe O22 - Task: (disabled) \Microsoft\Windows\PushToInstall\LoginCheck - C:\WINDOWS\system32\sc.exe start pushtoinstall login O22 - Task: (disabled) \Microsoft\Windows\Ras\MobilityManager - {C463A0FC-794F-4FDF-9201-01938CEACAFA} - C:\WINDOWS\system32\rasmbmgr.dll O22 - Task: (disabled) \Microsoft\Windows\RecoveryEnvironment\VerifyWinRE - {89D1D0C2-A3CF-490C-ABE3-B86CDE34B047},VerifyWinRE - C:\WINDOWS\System32\ReAgentTask.dll O22 - Task: (disabled) \Microsoft\Windows\Registry\RegIdleBackup - {CA767AA8-9157-4604-B64B-40747123D5F2} - C:\WINDOWS\System32\regidle.dll O22 - Task: (disabled) \Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - C:\WINDOWS\system32\RAServer.exe /offerraupdate O22 - Task: (disabled) \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client" O22 - Task: (disabled) \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server" O22 - Task: (disabled) \Microsoft\Windows\Servicing\StartComponentCleanup - {752073A1-23F2-4396-85F0-8FDB879ED0ED} - C:\WINDOWS\servicing\TrustedInstaller.exe O22 - Task: (disabled) \Microsoft\Windows\SettingSync\BackgroundUploadTask - {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} - C:\WINDOWS\system32\SettingSyncCore.dll O22 - Task: (disabled) \Microsoft\Windows\SettingSync\BackupTask - {60A4C78C-E2B8-4E6E-876F-DA203B02C05E} - C:\WINDOWS\system32\SettingSyncCore.dll O22 - Task: (disabled) \Microsoft\Windows\SettingSync\NetworkStateChangeTask - {A4173A49-F373-4475-9A0F-2D615204DC20} - C:\WINDOWS\system32\SettingSyncCore.dll O22 - Task: (disabled) \Microsoft\Windows\Setup\SetupCleanupTask - {7C83C056-1D0D-4C8E-A6B0-89E79C213559} - C:\WINDOWS\system32\oobe\SetupCleanupTask.dll O22 - Task: (disabled) \Microsoft\Windows\SharedPC\Account Cleanup - C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance O22 - Task: (disabled) \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask - {D2CBF5F7-5702-440B-8D8F-8203034A6B82},$(Arg0) - C:\WINDOWS\System32\WpcRefreshTask.dll O22 - Task: (disabled) \Microsoft\Windows\Shell\FamilySafetyRefreshTask - {C844C79D-AED8-4DCE-AB25-4D359BED84F8},$(Arg0) - C:\WINDOWS\System32\WpcRefreshTask.dll O22 - Task: (disabled) \Microsoft\Windows\Shell\FamilySafetyUpload - {EBF00FCB-0769-4B81-9BEC-6C05514111AA},4 - (no file) O22 - Task: (disabled) \Microsoft\Windows\Shell\IndexerAutomaticMaintenance - {3FBA60A6-7BF5-4868-A2CA-6623B3DFFEA6} - C:\WINDOWS\System32\srchadmin.dll O22 - Task: (disabled) \Microsoft\Windows\SideShow\AutoWake - {E51DFD48-AA36-4B45-BB52-E831F02E8316} - (no file) O22 - Task: (disabled) \Microsoft\Windows\SideShow\GadgetManager - {FF87090D-4A9A-4F47-879B-29A80C355D61},$(Arg0) - (no file) O22 - Task: (disabled) \Microsoft\Windows\SideShow\SessionAgent - {45F26E9E-6199-477F-85DA-AF1EDFE067B1} - (no file) O22 - Task: (disabled) \Microsoft\Windows\SideShow\SystemDataProviders - {7CCA6768-8373-4D28-8876-83E8B4E3A969} - (no file) O22 - Task: (disabled) \Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task - {BF6C1E47-86EC-4194-9CE5-13C15DCB2001},IdleSyncMaintenance - (no file) O22 - Task: (disabled) \Microsoft\Windows\SkyDrive\Routine Maintenance Task - {1B1F472E-3221-4826-97DB-2C2324D389AE},RoutineMaintenance - (no file) O22 - Task: (disabled) \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon - {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC},logon - C:\WINDOWS\System32\sppcext.dll O22 - Task: (disabled) \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork - {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC},network - C:\WINDOWS\System32\sppcext.dll O22 - Task: (disabled) \Microsoft\Windows\SpacePort\SpaceAgentTask - C:\WINDOWS\system32\SpaceAgent.exe O22 - Task: (disabled) \Microsoft\Windows\SpacePort\SpaceManagerTask - C:\WINDOWS\system32\spaceman.exe /Work O22 - Task: (disabled) \Microsoft\Windows\Speech\SpeechModelDownloadTask - C:\WINDOWS\system32\speech_onecore\common\SpeechModelDownload.exe O22 - Task: (disabled) \Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization - {5C9AB547-345D-4175-9AF6-65133463A100} - C:\WINDOWS\system32\TieringEngineService.exe O22 - Task: (disabled) \Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - C:\WINDOWS\system32\defrag.exe -c -h -g -# -m 8 -i 13500 O22 - Task: (disabled) \Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate - {17C82257-654E-4C47-8E23-DCA24EAA76A0} - C:\WINDOWS\system32\sysmain.dll O22 - Task: (disabled) \Microsoft\Windows\Sysmain\HybridDriveCacheRebalance - {D44377B8-1F2F-4FAA-9C8E-6C4AD2928E47} - C:\WINDOWS\system32\sysmain.dll O22 - Task: (disabled) \Microsoft\Windows\Sysmain\ResPriStaticDbSync - {297EE78C-BA95-4E94-81D3-D6E7F089C7B5} - C:\WINDOWS\system32\sysmain.dll O22 - Task: (disabled) \Microsoft\Windows\SystemRestore\SR - C:\WINDOWS\system32\srtasks.exe ExecuteScheduledSPPCreation O22 - Task: (disabled) \Microsoft\Windows\TPM\Tpm-HASCertRetr - {5014B7C8-934E-4262-9816-887FA745A6C4},HASCertRetr - C:\WINDOWS\system32\TpmTasks.dll O22 - Task: (disabled) \Microsoft\Windows\TPM\Tpm-Maintenance - {5014B7C8-934E-4262-9816-887FA745A6C4},TpmTasks - C:\WINDOWS\system32\TpmTasks.dll O22 - Task: (disabled) \Microsoft\Windows\Task Manager\Interactive - {855FEC53-D2E4-4999-9E87-3414E9CF0FF4},$(Arg0) - C:\WINDOWS\system32\wdc.dll O22 - Task: (disabled) \Microsoft\Windows\TextServicesFramework\MsCtfMonitor - {01575CFE-9A55-4003-A5E1-F38D1EBDCBE1} - C:\WINDOWS\system32\MsCtfMonitor.dll O22 - Task: (disabled) \Microsoft\Windows\Time Synchronization\ForceSynchronizeTime - {A31AD6C2-FF4C-43D4-8E90-7101023096F9},TimeSyncTask - C:\WINDOWS\system32\TimeSyncTask.dll O22 - Task: (disabled) \Microsoft\Windows\Time Synchronization\SynchronizeTime - C:\WINDOWS\system32\sc.exe start w32time task_started O22 - Task: (disabled) \Microsoft\Windows\Time Zone\SynchronizeTimeZone - C:\WINDOWS\system32\tzsync.exe O22 - Task: (disabled) \Microsoft\Windows\UPnP\UPnPHostConfig - C:\WINDOWS\system32\sc.exe config upnphost start= auto O22 - Task: (disabled) \Microsoft\Windows\USB\Usb-Notifications - {E05BE1C8-92A8-4757-B575-ACAECB4E6A40} - C:\Windows\System32\UsbTask.dll O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Maintenance Install - C:\WINDOWS\system32\usoclient.exe StartInstall O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - C:\WINDOWS\system32\MusNotification.exe Display O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot - C:\WINDOWS\system32\MusNotification.exe O22 - Task: (disabled) \Microsoft\Windows\User Profile Service\HiveUploadTask - {BA677074-762C-444B-94C8-8C83F93F6605} - C:\WINDOWS\system32\profsvc.dll O22 - Task: (disabled) \Microsoft\Windows\WDI\ResolutionHost - {900BE39D-6BE8-461A-BC4D-B0FA71F5ECB1} - C:\WINDOWS\System32\wdi.dll O22 - Task: (disabled) \Microsoft\Windows\WOF\WIM-Hash-Management - {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1},WimHashManagement - C:\WINDOWS\system32\WofTasks.dll O22 - Task: (disabled) \Microsoft\Windows\WOF\WIM-Hash-Validation - {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1},WimHashValidation - C:\WINDOWS\system32\WofTasks.dll O22 - Task: (disabled) \Microsoft\Windows\WaaSMedic\PerformRemediation - C:\WINDOWS\System32\WaaSMedic.exe None O22 - Task: (disabled) \Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - C:\WINDOWS\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange O22 - Task: (disabled) \Microsoft\Windows\Windows Media Sharing\UpdateLibrary - C:\Program Files\Windows Media Player\wmpnscfg.exe O22 - Task: (disabled) \Microsoft\Windows\WindowsColorSystem\Calibration Loader - {B210D694-C8DF-490D-9576-9E20CDBC20BD} - C:\Windows\System32\mscms.dll O22 - Task: (disabled) \Microsoft\Windows\WindowsUpdate\AUFirmwareInstall - {EFF7F153-1C97-417A-B633-FEDE6683A939} - C:\WINDOWS\system32\wuaueng.dll O22 - Task: (disabled) \Microsoft\Windows\WindowsUpdate\AUScheduledInstall - {F3B4E234-7A68-4E43-B813-E4BA55A065F6} - C:\WINDOWS\system32\wuaueng.dll O22 - Task: (disabled) \Microsoft\Windows\WindowsUpdate\AUSessionConnect - {784E29F4-5EBE-4279-9948-1E8FE941646D} - C:\WINDOWS\system32\wuaueng.dll O22 - Task: (disabled) \Microsoft\Windows\WindowsUpdate\Automatic App Update - {A6BA00FE-40E8-477C-B713-C64A14F18ADB} - C:\Windows\System32\wuautoappupdate.dll O22 - Task: (disabled) \Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv O22 - Task: (disabled) \Microsoft\Windows\WindowsUpdate\sih - C:\WINDOWS\System32\sihclient.exe O22 - Task: (disabled) \Microsoft\Windows\WindowsUpdate\sihboot - C:\WINDOWS\System32\sihclient.exe /boot O22 - Task: (disabled) \Microsoft\Windows\Wininet\CacheTask - {0358B920-0AC7-461F-98F4-58E32CD89148} - C:\WINDOWS\system32\wininet.dll O22 - Task: (disabled) \Microsoft\Windows\Work Folders\Work Folders Logon Synchronization - {97D47D56-3777-49FB-8E8F-90D7E30E1A1E},Logon - C:\Windows\System32\WorkFoldersShell.dll O22 - Task: (disabled) \Microsoft\Windows\Work Folders\Work Folders Maintenance Work - {63260BCE-A3FB-4A34-AA51-D4D8E877B62B} - C:\Windows\System32\WorkFoldersShell.dll O22 - Task: (disabled) \Microsoft\Windows\Workplace Join\Automatic-Device-Join - C:\WINDOWS\System32\dsregcmd.exe O22 - Task: (disabled) \Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - C:\WINDOWS\System32\AutoWorkplace.exe join (file missing) O22 - Task: (disabled) \Microsoft\Windows\Workplace Join\Recovery-Check - C:\WINDOWS\System32\dsregcmd.exe /checkrecovery O22 - Task: (disabled) \Microsoft\XblGameSave\XblGameSaveTask - C:\WINDOWS\System32\XblGameSaveTask.exe standby O22 - Task: (disabled) \Microsoft\XblGameSave\XblGameSaveTaskLogon - C:\WINDOWS\System32\XblGameSaveTask.exe logon O22 - Task: (disabled) {31DDBD37-5DB7-4030-8064-10B0CAA806C3} - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe O22 - Task: User_Feed_Synchronization-{378B9684-447C-4B1D-8F30-A43196F33206} - C:\WINDOWS\system32\msfeedssync.exe sync O22 - Task: User_Feed_Synchronization-{4A1B2899-EA36-407B-8ADB-E49F6887C024} - C:\WINDOWS\system32\msfeedssync.exe sync O22 - Task: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 - {84F0FAE1-C27B-4F6F-807B-28CF6F96287D},/RuntimeWide - C:\Windows\System32\mscoree.dll O22 - Task: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 - {429BC048-379E-45E0-80E4-EB1977941B5C},/RuntimeWide - C:\Windows\System32\mscoree.dll O22 - Task: \Microsoft\Windows\PushToInstall\Registration - C:\WINDOWS\system32\sc.exe start pushtoinstall registration O22 - Task: \Microsoft\Windows\RetailDemo\CleanupOfflineContent - {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} - C:\Windows\System32\RDXTaskFactory.dll O22 - Task: \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC},timer - C:\WINDOWS\System32\sppcext.dll O22 - Task: \Microsoft\Windows\Sysmain\WsSwapAssessmentTask - C:\WINDOWS\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask O22 - Task: \Microsoft\Windows\UpdateOrchestrator\Schedule Scan - C:\WINDOWS\system32\usoclient.exe StartScan O22 - Task: \Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display - C:\WINDOWS\system32\MusNotification.exe Display O22 - Task: \Microsoft\Windows\UpdateOrchestrator\UpdateAssistant - C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:EosWu:{} (Microsoft) O22 - Task: \Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun - C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:EosWu:{} /CalendarRun (Microsoft) O22 - Task: \Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv O23 - Service R2: Adobe Genuine Software Integrity Service - (AGSService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe O23 - Service R2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service R2: Arbeitsstationsdienst - (LanmanWorkstation) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wkssvc.dll O23 - Service R2: Aufgabenplanung - (Schedule) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\schedsvc.dll O23 - Service R2: Automatische WLAN-Konfiguration - (WlanSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wlansvc.dll O23 - Service R2: Basisfiltermodul - (BFE) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\bfe.dll O23 - Service R2: Benachrichtigungsdienst für Systemereignisse - (SENS) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\sens.dll O23 - Service R2: Benutzer-Manager - (UserManager) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\usermgr.dll O23 - Service R2: Benutzerdienst für die Plattform für verbundene Geräte - (CDPUserSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\CDPUserSvc.dll O23 - Service R2: Benutzererfahrung und Telemetrie im verbundenen Modus - (DiagTrack) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\diagtrack.dll O23 - Service R2: Benutzerprofildienst - (ProfSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\profsvc.dll O23 - Service R2: BrcmSetSecurity - C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe O23 - Service R2: COM+-Ereignissystem - (EventSystem) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\es.dll O23 - Service R2: COMODO Internet Security Helper Service - (CmdAgent) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service R2: DCOM-Server-Prozessstart - (DcomLaunch) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\rpcss.dll O23 - Service R2: DHCP-Client - (Dhcp) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\dhcpcore.dll O23 - Service R2: DNS-Client - (Dnscache) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\dnsrslvr.dll O23 - Service R2: Datennutzung - (DusmSvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\dusmsvc.dll O23 - Service R2: Designs - (Themes) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\themeservice.dll O23 - Service R2: Diagnoserichtliniendienst - (DPS) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\dps.dll O23 - Service R2: Dienst "Bonjour" - (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service R2: Dienst für Bildschirmtastatur und Schreibbereich - (TabletInputService) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\TabSvc.dll O23 - Service R2: Druckwarteschlange - (Spooler) - C:\WINDOWS\System32\spoolsv.exe O23 - Service R2: Epson Scanner Service - (EpsonScanSvc) - C:\WINDOWS\system32\EscSvc64.exe O23 - Service R2: Gerätezuordnungsdienst - (DeviceAssociationService) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\das.dll O23 - Service R2: Gruppenrichtlinienclient - (gpsvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\gpsvc.dll O23 - Service R2: IP-Hilfsdienst - (iphlpsvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\iphlpsvc.dll O23 - Service R2: Infrastrukturdienst für Hintergrundaufgaben - (BrokerInfrastructure) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\bisrv.dll O23 - Service R2: Intel Bluetooth Service - (ibtsiva) - C:\WINDOWS\system32\ibtsiva.exe O23 - Service R2: Intel(R) Capability Licensing Service Interface - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\system32\igfxCUIService.exe O23 - Service R2: Intel(R) ME Service - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service R2: Intel(R) Rapid Storage Technology - (IAStorDataMgrSvc) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service R2: Intel(R) Smart Connect Technology Agent - (ISCTAgent) - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe O23 - Service R2: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe O23 - Service R2: Kryptografiedienste - (CryptSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\cryptsvc.dll O23 - Service R2: Lokaler Sitzungs-Manager - (LSM) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\lsm.dll O23 - Service R2: Manager für heruntergeladene Karten - (MapsBroker) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\moshost.dll O23 - Service R2: NLA (Network Location Awareness) - (NlaSvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\nlasvc.dll O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe O23 - Service R2: NVIDIA Network Service - (NvNetworkService) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service R2: NVIDIA Streamer Service - (NvStreamSvc) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service R2: Netzwerkspeicher-Schnittstellendienst - (nsi) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\nsisvc.dll O23 - Service R2: PDF24 - D:\Eigene Programme\PDF24\pdf24.exe O23 - Service R2: Plattformdienst für verbundene Geräte - (CDPSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\CDPSvc.dll O23 - Service R2: RAS-Verbindungsverwaltung - (RasMan) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\rasmans.dll O23 - Service R2: RPC-Endpunktzuordnung - (RpcEptMapper) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\RpcEpMap.dll O23 - Service R2: Remoteprozeduraufruf (RPC) - (RpcSs) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\rpcss.dll O23 - Service R2: Server - (LanmanServer) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\srvsvc.dll O23 - Service R2: Shellhardwareerkennung - (ShellHWDetection) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\shsvcs.dll O23 - Service R2: Sicherheitscenter - (wscsvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wscsvc.dll O23 - Service R2: Stromversorgung - (Power) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\umpo.dll O23 - Service R2: Superfetch - (SysMain) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\sysmain.dll O23 - Service R2: SynTPEnh Caller Service - (SynTPEnhService) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe O23 - Service R2: Synchronisierungshost - (OneSyncSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\APHostService.dll O23 - Service R2: Systemereignissebroker - (SystemEventsBroker) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\SystemEventsBrokerServer.dll O23 - Service R2: UI Assistant Service - D:\1&1\1&1 Surf-Stick\AssistantServices.exe O23 - Service R2: Windows Defender Firewall - (MpsSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\mpssvc.dll O23 - Service R2: Windows Defender Security Center Service - (SecurityHealthService) - C:\WINDOWS\system32\SecurityHealthService.exe O23 - Service R2: Windows Media Player-Netzwerkfreigabedienst - (WMPNetworkSvc) - C:\Program Files\Windows Media Player\wmpnetwk.exe O23 - Service R2: Windows Search - (WSearch) - C:\WINDOWS\system32\SearchIndexer.exe O23 - Service R2: Windows-Audio - (Audiosrv) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\Audiosrv.dll O23 - Service R2: Windows-Audio-Endpunkterstellung - (AudioEndpointBuilder) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\AudioEndpointBuilder.dll O23 - Service R2: Windows-Dienst für Schriftartencache - (FontCache) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\FntCache.dll O23 - Service R2: Windows-Pushbenachrichtigungs-Benutzerdienst - (WpnUserService) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\WpnUserService.dll O23 - Service R2: Windows-Pushbenachrichtigungssystemdienst - (WpnService) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\WpnService.dll O23 - Service R2: Windows-Verbindungs-Manager - (Wcmsvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wcmsvc.dll O23 - Service R2: Windows-Verwaltungsinstrumentation - (Winmgmt) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\wbem\WMIsvc.dll O23 - Service R2: isesrv - C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe O23 - Service R2: Überwachung verteilter Verknüpfungen (Client) - (TrkWks) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\trkwks.dll O23 - Service R3: ActiveX-Installer (AxInstSV) - (AxInstSV) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\AxInstSV.dll O23 - Service R3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service R3: AllJoyn-Routerdienst - (AJRouter) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\AJRouter.dll O23 - Service R3: Anmelde-Assistent für Microsoft-Konten - (wlidsvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\wlidsvc.dll O23 - Service R3: Anmeldedienst - (Netlogon) - C:\WINDOWS\system32\lsass.exe; "ServiceDll" = C:\WINDOWS\system32\netlogon.dll O23 - Service R3: Anmeldeinformationsverwaltung - (VaultSvc) - C:\WINDOWS\system32\lsass.exe; "ServiceDll" = C:\Windows\System32\vaultsvc.dll O23 - Service R3: Anschlussumleitung für Remotedesktopdienst im Benutzermodus - (UmRdpService) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\umrdp.dll O23 - Service R3: Anwendungsidentität - (AppIDSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\appidsvc.dll O23 - Service R3: Anwendungsinformationen - (Appinfo) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\appinfo.dll O23 - Service R3: App-Vorbereitung - (AppReadiness) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\AppReadiness.dll O23 - Service R3: AppX-Bereitstellungsdienst (AppXSVC) - (AppXSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\appxdeploymentserver.dll O23 - Service R3: Arbeitsordner - (workfolderssvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\workfolderssvc.dll O23 - Service R3: Autom. Setup von Geräten, die mit dem Netzwerk verbunden sind - (NcdAutoSetup) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\NcdAutoSetup.dll O23 - Service R3: Automatische Konfiguration (verkabelt) - (dot3svc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\dot3svc.dll O23 - Service R3: Benutzerdatenspeicher - (UnistoreSvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\unistore.dll O23 - Service R3: Benutzerdatenzugriff - (UserDataSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\userdataservice.dll O23 - Service R3: BitLocker-Laufwerkverschlüsselungsdienst - (BDESVC) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\bdesvc.dll O23 - Service R3: Blockebenen-Sicherungsmodul - (wbengine) - C:\WINDOWS\system32\wbengine.exe O23 - Service R3: Bluetooth-Freisprechdienst - (BthHFSrv) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\BthHFSrv.dll O23 - Service R3: Bluetooth-Unterstützungsdienst - (bthserv) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\bthserv.dll O23 - Service R3: Broker für DevQuery-Hintergrundermittlung - (DevQueryBroker) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\DevQueryBroker.dll O23 - Service R3: CNG-Schlüsselisolation - (KeyIso) - C:\WINDOWS\system32\lsass.exe; "ServiceDll" = C:\WINDOWS\system32\keyiso.dll O23 - Service R3: COMODO Virtual Service Manager - (cmdvirth) - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe O23 - Service R3: Computerbrowser - (Browser) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\browser.dll O23 - Service R3: Dateiversionsverlauf-Dienst - (fhsvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\fhsvc.dll O23 - Service R3: Datenfreigabedienst - (DsSvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\DsSvc.dll O23 - Service R3: DevicesFlow - (DevicesFlowUserSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\DevicesFlowBroker.dll O23 - Service R3: Diagnosediensthost - (WdiServiceHost) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\wdi.dll O23 - Service R3: Diagnosesystemhost - (WdiSystemHost) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\wdi.dll O23 - Service R3: Diagnostic Execution Service - (diagsvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\DiagSvc.dll O23 - Service R3: Dienst "Assistent für lokale Profile" - (wlpasvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\lpasvc.dll O23 - Service R3: Dienst für Einzelhandelsdemos - (RetailDemo) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\RDXService.dll O23 - Service R3: Dienst für räumliche Daten - (SharedRealitySvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\SharedRealitySvc.dll O23 - Service R3: Distributed Transaction Coordinator - (MSDTC) - C:\WINDOWS\System32\msdtc.exe O23 - Service R3: Echtzeit-Datenträgerprüfung - (svsvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\svsvc.dll O23 - Service R3: Eingabegerätedienst - (hidserv) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\hidserv.dll O23 - Service R3: Eingebetteter Modus - (embeddedmode) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\embeddedmodesvc.dll O23 - Service R3: Enumeratordienst für tragbare Geräte - (WPDBusEnum) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\wpdbusenum.dll O23 - Service R3: Ereignisse zum Abrufen von Standbildern - (WiaRpc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wiarpc.dll O23 - Service R3: Erkennung interaktiver Dienste - (UI0Detect) - C:\WINDOWS\system32\UI0Detect.exe O23 - Service R3: Extensible Authentication-Protokoll - (Eaphost) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\eapsvc.dll O23 - Service R3: Fax - C:\WINDOWS\system32\fxssvc.exe O23 - Service R3: Funktionssuchanbieter-Host - (fdPHost) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\fdPHost.dll O23 - Service R3: Funktionssuche-Ressourcenveröffentlichung - (FDResPub) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\fdrespub.dll O23 - Service R3: Funkverwaltungsdienst - (RmSvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\RMapi.dll O23 - Service R3: Gatewaydienst auf Anwendungsebene - (ALG) - C:\WINDOWS\System32\alg.exe O23 - Service R3: Geolocation-Dienst - (lfsvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\lfsvc.dll O23 - Service R3: Geräteinstallations-Manager - (DsmSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\DeviceSetupManager.dll O23 - Service R3: Geräteinstallationsdienst - (DeviceInstall) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\umpnpmgr.dll O23 - Service R3: GraphicsPerfSvc - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\GraphicsPerfSvc.dll O23 - Service R3: Heimnetzgruppen-Anbieter - (HomeGroupProvider) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\provsvc.dll O23 - Service R3: Heimnetzgruppen-Listener - (HomeGroupListener) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\ListSvc.dll O23 - Service R3: Hostdienst für Windows Encryption Provider - (WEPHOSTSVC) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\wephostsvc.dll O23 - Service R3: Hyper-V PowerShell Direct-Dienst - (vmicvmsession) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\icsvc.dll O23 - Service R3: Hyper-V-Datenaustauschdienst - (vmickvpexchange) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\icsvc.dll O23 - Service R3: Hyper-V-Dienst für Zeitsynchronisierung - (vmictimesync) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\icsvc.dll O23 - Service R3: Hyper-V-Dienst zum Herunterfahren des Gasts - (vmicshutdown) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\icsvc.dll O23 - Service R3: Hyper-V-Gastdienstschnittstelle - (vmicguestinterface) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\icsvc.dll O23 - Service R3: Hyper-V-Remotedesktopvirtualisierungsdienst - (vmicrdv) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\icsvcext.dll O23 - Service R3: Hyper-V-Taktdienst - (vmicheartbeat) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\icsvc.dll O23 - Service R3: Hyper-V-Volumeschattenkopie-Anforderer - (vmicvss) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\icsvcext.dll O23 - Service R3: IKE- und AuthIP IPsec-Schlüsselerstellungsmodule - (IKEEXT) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\ikeext.dll O23 - Service R3: IPsec-Richtlinien-Agent - (PolicyAgent) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\ipsecsvc.dll O23 - Service R3: Infrarotüberwachungsdienst - (irmon) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\irmon.dll O23 - Service R3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service R3: Intel(R) Update Manager - (iumsvc) - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe O23 - Service R3: Intelligenter Hintergrundübertragungsdienst - (BITS) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\qmgr.dll O23 - Service R3: Kacheldaten-Modellserver - (tiledatamodelsvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\tileobjserver.dll O23 - Service R3: Konfiguration für Remotedesktops - (SessionEnv) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\sessenv.dll O23 - Service R3: Konfigurationsdienst für die IP-Übersetzung - (IpxlatCfgSvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\IpxlatCfg.dll O23 - Service R3: Kontaktdaten - (PimIndexMaintenanceSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\PimIndexMaintenance.dll O23 - Service R3: KtmRm für Distributed Transaction Coordinator - (KtmRm) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\msdtckrm.dll O23 - Service R3: Laufwerke optimieren - (defragsvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\defragsvc.dll O23 - Service R3: Leistungsindikator-DLL-Host - (PerfHost) - C:\WINDOWS\SysWow64\perfhost.exe O23 - Service R3: Leistungsprotokolle und -warnungen - (pla) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\pla.dll O23 - Service R3: Manager-Dienst für den Funktionszugriff - (camsvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\CapabilityAccessManager.dll O23 - Service R3: MessagingService - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\MessagingService.dll O23 - Service R3: Microsoft Passport - (NgcSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\ngcsvc.dll O23 - Service R3: Microsoft Passport-Container - (NgcCtnrSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\NgcCtnrSvc.dll O23 - Service R3: Microsoft Windows SMS-Routerdienst. - (SmsRouter) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\SmsRouterSvc.dll O23 - Service R3: Microsoft iSCSI-Initiator-Dienst - (MSiSCSI) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\iscsiexe.dll O23 - Service R3: Microsoft-SMP für Speicherplätze - (smphost) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\smphost.dll O23 - Service R3: Microsoft-Softwareschattenkopie-Anbieter - (swprv) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\swprv.dll O23 - Service R3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service R3: Natürliche Authentifizierung - (NaturalAuthentication) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\NaturalAuth.dll O23 - Service R3: Netzwerkeinrichtungsdienst - (NetSetupSvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\NetSetupSvc.dll O23 - Service R3: Netzwerkkonnektivitäts-Assistent - (NcaSvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\ncasvc.dll O23 - Service R3: Netzwerklistendienst - (netprofm) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\netprofmsvc.dll O23 - Service R3: Netzwerkverbindungen - (Netman) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\netman.dll O23 - Service R3: Netzwerkverbindungsbroker - (NcbService) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\ncbservice.dll O23 - Service R3: PNRP-Computernamenveröffentlichungs-Dienst - (PNRPAutoReg) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\pnrpauto.dll O23 - Service R3: Peer Name Resolution-Protokoll - (PNRPsvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\pnrpsvc.dll O23 - Service R3: Peernetzwerk-Gruppenzuordnung - (p2psvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\p2psvc.dll O23 - Service R3: Peernetzwerkidentitäts-Manager - (p2pimsvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\pnrpsvc.dll O23 - Service R3: Plug & Play - (PlugPlay) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\umpnpmgr.dll O23 - Service R3: PrintWorkflow - (PrintWorkflowUserSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\PrintWorkflowService.dll O23 - Service R3: Printer Extensions and Notifications - (PrintNotify) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll O23 - Service R3: RPC-Locator - (RpcLocator) - C:\WINDOWS\system32\locator.exe O23 - Service R3: Registrierungsdienst für die Geräteverwaltung - (DmEnrollmentSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\Windows.Internal.Management.dll O23 - Service R3: Remotedesktopdienste - (TermService) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\termsrv.dll O23 - Service R3: Richtlinie zum Entfernen der Scmartcard - (SCPolicySvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\certprop.dll O23 - Service R3: SNMP-Trap - (SNMPTRAP) - C:\WINDOWS\System32\snmptrap.exe O23 - Service R3: SSDP-Suche - (SSDPSRV) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\ssdpsrv.dll O23 - Service R3: SSTP-Dienst - (SstpSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\sstpsvc.dll O23 - Service R3: Sekundäre Anmeldung - (seclogon) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\seclogon.dll O23 - Service R3: Sensordatendienst - (SensorDataService) - C:\WINDOWS\System32\SensorDataService.exe O23 - Service R3: Sensordienst - (SensorService) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\SensorService.dll O23 - Service R3: Sensorüberwachungsdienst - (SensrSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\sensrsvc.dll O23 - Service R3: Smartcard-Geräteaufzählungsdienst - (ScDeviceEnum) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\ScDeviceEnum.dll O23 - Service R3: Speicherdienst - (StorSvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\storsvc.dll O23 - Service R3: Standardsammlungsdienst des Microsoft(R)-Diagnose-Hubs - (diagnosticshub.standardcollector.service) - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe O23 - Service R3: Storage Tiers Management - (TieringEngineService) - C:\WINDOWS\system32\TieringEngineService.exe O23 - Service R3: TCP/IP-NetBIOS-Hilfsdienst - (lmhosts) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\lmhsvc.dll O23 - Service R3: Telefondienst - (PhoneSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\PhoneService.dll O23 - Service R3: Telefonie - (TapiSrv) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\tapisrv.dll O23 - Service R3: UPnP-Gerätehost - (upnphost) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\upnphost.dll O23 - Service R3: Unterstützung in der Systemsteuerung unter Lösungen für Probleme - (wercplsupport) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wercplsupport.dll O23 - Service R3: Update Orchestrator Service - (UsoSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\usocore.dll O23 - Service R3: Verbessertes Windows-Audio/Video-Streaming - (QWAVE) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\qwave.dll O23 - Service R3: Verbindungs-Manager-Dienst von Wi-Fi Direct Services - (WFDSConMgrSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wfdsconmgrsvc.dll O23 - Service R3: Verbindungsschicht-Topologieerkennungs-Zuordnungsprogramm - (lltdsvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\lltdsvc.dll O23 - Service R3: Verschlüsselndes Dateisystem (EFS) - (EFS) - C:\WINDOWS\System32\lsass.exe; "ServiceDll" = C:\WINDOWS\system32\efssvc.dll O23 - Service R3: Verwaltungsdienst für Unternehmens-Apps - (EntAppSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll O23 - Service R3: Virtueller Datenträger - (vds) - C:\WINDOWS\System32\vds.exe O23 - Service R3: Volumeschattenkopie - (VSS) - C:\WINDOWS\system32\vssvc.exe O23 - Service R3: WMI-Leistungsadapter - (wmiApSrv) - C:\WINDOWS\system32\wbem\WmiApSrv.exe O23 - Service R3: WWAN - automatische Konfiguration - (WwanSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wwansvc.dll O23 - Service R3: WalletService - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\WalletService.dll O23 - Service R3: WarpJITSvc - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\Windows.WARP.JITService.dll O23 - Service R3: Web Account Manager - (TokenBroker) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\TokenBroker.dll O23 - Service R3: Webclient - (WebClient) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\webclnt.dll O23 - Service R3: Windows Defender Antivirus Service - (WinDefend) - C:\Program Files\Windows Defender\MsMpEng.exe O23 - Service R3: Windows Defender Antivirus-Netzwerkinspektionsdienst - (WdNisSvc) - C:\Program Files\Windows Defender\NisSrv.exe O23 - Service R3: Windows Perception Service - (spectrum) - C:\WINDOWS\system32\spectrum.exe O23 - Service R3: Windows PushToInstall-Dienst - (PushToInstall) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\PushToInstall.dll O23 - Service R3: Windows Store-Installationsdienst - (InstallService) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\InstallService.dll O23 - Service R3: Windows Update - (wuauserv) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\wuaueng.dll O23 - Service R3: Windows-Bilderfassung (WIA) - (stisvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wiaservc.dll O23 - Service R3: Windows-Biometriedienst - (WbioSrvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wbiosrvc.dll O23 - Service R3: Windows-Dienst für mobile Hotspots - (icssvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\tetheringservice.dll O23 - Service R3: Windows-Ereignissammlung - (Wecsvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\wecsvc.dll O23 - Service R3: Windows-Fehlerberichterstattungsdienst - (WerSvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\WerSvc.dll O23 - Service R3: Windows-Insider-Dienst - (wisvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\flightsettings.dll O23 - Service R3: Windows-Kamera-FrameServer - (FrameServer) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\FrameServer.dll O23 - Service R3: Windows-Lizenz-Manager-Dienst - (LicenseManager) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\LicenseManagerSvc.dll O23 - Service R3: Windows-Remoteverwaltung (WS-Verwaltung) - (WinRM) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\WsmSvc.dll O23 - Service R3: Windows-Sicherung - (SDRSVC) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\SDRSVC.dll O23 - Service R3: Windows-Sofortverbindung - Konfigurationsregistrierungsstelle - (wcncsvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wcncsvc.dll O23 - Service R3: Windows-Zeitgeber - (W32Time) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\w32time.dll O23 - Service R3: Xbox Accessory Management Service - (XboxGipSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\XboxGipSvc.dll O23 - Service R3: Xbox Live Authentifizierungs-Manager - (XblAuthManager) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\XblAuthManager.dll O23 - Service R3: Xbox Live-Netzwerkservice - (XboxNetApiSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\XboxNetApiSvc.dll O23 - Service R3: Xbox Live-Spiele speichern - (XblGameSave) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\XblGameSave.dll O23 - Service R3: Zahlungs- und NFC/SE-Manager - (SEMgrSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\SEMgrSvc.dll O23 - Service R3: Zeitbroker - (TimeBrokerSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\TimeBrokerServer.dll O23 - Service R3: Zertifikatverteilung - (CertPropSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\certprop.dll O23 - Service R3: dmwappushsvc - (dmwappushservice) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\dmwappushsvc.dll O23 - Service R3: iPod-Dienst - (iPod Service) - C:\Program Files\iPod\bin\iPodService.exe O23 - Service S3: Verwaltung für automatische RAS-Verbindung - (RasAuto) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\rasauto.dll O23 - Service S3: Windows Installer - (msiserver) - C:\WINDOWS\system32\msiexec.exe O23 - Service S3: Windows Modules Installer - (TrustedInstaller) - C:\WINDOWS\servicing\TrustedInstaller.exe -- End of file - Time spent: 33 sec. - 149572 bytes, CRC32: FFFFFFFF. Sign: 䂢症 |
|
05.01.2018, 17:29
| #2 |
| /// TB-Ausbilder   | Virenverdacht. Kann jemand Logfile analysieren? Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Bitte poste mit deiner nächsten Antwort
|
|
05.01.2018, 20:37
| #3 |
| | Virenverdacht. Kann jemand Logfile analysieren?Code:
ATTFilter ==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-12-29 19:35
==================== Ende von FRST.txt ============================
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02.01.2018
durchgeführt von Timothy (05-01-2018 20:27:40)
Gestartet von C:\Users\Timothy\Desktop
Windows 10 Home Version 1709 16299.125 (X64) (2017-12-29 19:12:54)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1821675693-422080741-3404470268-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1821675693-422080741-3404470268-503 - Limited - Disabled)
Gast (S-1-5-21-1821675693-422080741-3404470268-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1821675693-422080741-3404470268-1008 - Limited - Enabled)
Julia (S-1-5-21-1821675693-422080741-3404470268-1006 - Limited - Enabled) => C:\Users\Julia
Sonos (S-1-5-21-1821675693-422080741-3404470268-1005 - Limited - Enabled)
Timothy (S-1-5-21-1821675693-422080741-3404470268-1002 - Administrator - Enabled) => C:\Users\Timothy
WDAGUtilityAccount (S-1-5-21-1821675693-422080741-3404470268-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD}
AS: COMODO Advanced Protection (Enabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Benutzerhandbuch (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
COMODO Internet Security Premium (HKLM\...\{1BF90AC2-E077-4EC0-810B-003DC9D65C91}) (Version: 10.0.2.6420 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 10.0.2.6420 - COMODO Security Solutions Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON XP-412 413 415 Series Printer Uninstall (HKLM\...\EPSON XP-412 413 415 Series) (Version: - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.52.0.0 - SEIKO EPSON CORPORATION)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Intel Anti-Theft Discovery App (HKLM-x32\...\{707248B9-2D34-4D77-A5C6-2A8A54848E5A}) (Version: 1.1.0.7 - Intel Corporation)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel Experience Center - Configuration (HKLM-x32\...\{C73A16B7-AC35-4262-9BAF-DA9B2039A563}) (Version: 1.5.0.0 - Intel) Hidden
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{e4fefc02-cd6c-45e3-8974-e7357e71da40}) (Version: 1.5.0.0 - Intel)
Intel(R) Experience Center Driver (HKLM-x32\...\{16660b76-bdc5-47cf-b28d-846120a1ee76}) (Version: 1.0.90.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1304-148929CC1385}) (Version: 3.0.1304.0338 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{12fc27dc-b637-4ebb-b424-26feff9598c5}) (Version: 16.0.4 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.2.424651.94 - Comodo)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10233 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Motion Control (HKLM\...\Motion Control) (Version: 1.2.45.0 - Lenovo)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 57.0.3 (x64 de) (HKLM\...\Mozilla Firefox 57.0.3 (x64 de)) (Version: 57.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.3.6569 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
PDF24 Creator 8.1.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.21229 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 39.4.48021 - Sonos, Inc.)
Spotify (HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Spotify) (Version: 1.0.50.41368.gbd68dbef - Spotify AB)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DE083343-D24D-4495-919E-18C65EC0F289}) (Version: 2.8.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Wondershare Data Recovery(Build 5.0.2.6) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 5.0.2.6 - Wondershare Software Co.,Ltd.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-21] (COMODO)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-21] (COMODO)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-21] (COMODO)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {022C3E73-623B-416E-87C8-6D37588BBEA3} - System32\Tasks\EPSON XP-412 413 415 Series Update {5F7996FF-B50D-4D17-B92F-F39799635033} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {052C5014-A8F2-47D9-9E1A-0F932488B49F} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
Task: {0F3D421F-BE82-4EA4-A643-B097B13802E4} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-11-21] (COMODO)
Task: {1C1E111B-0033-4517-8F99-0F4480BF069D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {1DB99919-D027-4CD9-93FA-0DB8956A3B93} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {1DF3CE40-AE13-4838-A343-077FD5CE8875} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {2321C268-CEDA-4AF4-9216-F71FDA2EBC17} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {395ACD88-7C88-412E-96F3-352039D8A7D1} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {AEE47A68-7976-4063-8DD5-B4B8A7776E2E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {3BBC074D-18F5-4F86-9DF5-05A34A240E68} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-11-21] (COMODO)
Task: {41832ABA-347E-4BAF-9172-E941B4DACC98} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {41AA0F70-0ABF-438E-92D9-E003482A2F64} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {48D91DD1-BF0B-4B48-8B73-49F75343D81F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4B13520A-BDFF-4571-8A22-C0CC634ADF46} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {55B77248-1AC8-4790-A5D4-60614EE6DCD6} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {55BA4F06-6D4E-40DD-A267-58603B37382F} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {6632F2FC-C170-4FE9-A8EF-C5F7D529E395} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-12] (Adobe Systems Incorporated)
Task: {6B101A77-5410-4C7C-9B0A-42FDE516AB41} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-10-03] (Intel Corporation)
Task: {70E5277C-BA4A-4AF3-B907-B8E1A23D9BC7} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Timothy\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {796753A0-F04A-4815-80D3-DBF2D4FE4868} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {7CF0857B-0DB6-498B-A9C7-D8FDDD2635F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8073A232-0372-42CE-B418-726684744DF4} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {5F7996FF-B50D-4D17-B92F-F39799635033} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {8920F62C-D829-45AD-B063-D00262848A10} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {99583A25-C375-4862-BE56-9BF52D323003} - System32\Tasks\AdobeAAMUpdater-1.0-Silberlocke-Julia => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {9DAAAFF9-F2B5-4D0F-BA2D-E5CD08B4ABF6} - System32\Tasks\EPSON XP-412 413 415 Series Update {AEE47A68-7976-4063-8DD5-B4B8A7776E2E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {A28B4BF9-FBBF-45A3-8343-C82D6CCEB00B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-10-03] (Intel Corporation)
Task: {B03BE444-E962-4094-8581-C51BBA078634} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {B4B5A414-0361-4A7F-8890-13A63AB2A036} - System32\Tasks\EPSON XP-412 413 415 Series Update {32AA5F3E-42AF-416D-93A7-97E0483F7BC7} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {BFFCA306-2E5A-49C9-A73F-CAADCA26412F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {C9F3C7B6-BD6D-4E88-8F05-D1BEA64E4EDC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {D1E7244E-BA89-4EED-8F58-F74C59D246D4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {DCC8042B-4207-4528-857B-DA5724573C6F} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {32AA5F3E-42AF-416D-93A7-97E0483F7BC7} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {DFB98817-22F2-44F7-B0BD-AC11EE978F4F} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2017-11-21] (COMODO)
Task: {FCF03BEF-9FA4-47EA-A1D5-B538B14E9A3F} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {5F7996FF-B50D-4D17-B92F-F39799635033}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{32AA5F3E-42AF-416D-93A7-97E0483F7BC7} /F:UpdateWORKGROUP\SILBERLOCKE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {5F7996FF-B50D-4D17-B92F-F39799635033}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{5F7996FF-B50D-4D17-B92F-F39799635033} /F:UpdateWORKGROUP\SILBERLOCKE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{AEE47A68-7976-4063-8DD5-B4B8A7776E2E} /F:UpdateWORKGROUP\SILBERLOCKE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-04-15 15:45 - 2013-04-15 15:45 - 000182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 15:45 - 2013-04-15 15:45 - 000060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 000085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 001346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-26 11:07 - 2015-09-26 11:07 - 000253264 _____ () D:\1&1\1&1 Surf-Stick\AssistantServices.exe
2017-11-21 20:23 - 2017-11-21 20:23 - 000156864 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2017-11-21 20:22 - 2017-11-21 20:22 - 000241856 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2017-11-21 20:22 - 2017-11-21 20:22 - 000106688 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-09-22 20:35 - 2016-12-29 14:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-10-20 16:42 - 2017-10-20 16:42 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-03 17:30 - 2018-01-03 17:31 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-03 17:30 - 2018-01-03 17:31 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-03 17:30 - 2018-01-03 17:31 - 024670720 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-03 17:30 - 2018-01-03 17:31 - 002550272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\skypert.dll
2013-10-29 19:40 - 2013-10-29 19:40 - 000172552 _____ () C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
2017-09-07 08:39 - 2017-09-07 08:39 - 000073920 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2013-10-29 19:04 - 2013-05-09 13:23 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-12-03 21:19 - 2017-12-03 21:19 - 000102088 _____ () C:\Users\Timothy\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
2013-10-29 19:40 - 2013-10-29 19:40 - 001623048 _____ () C:\Program Files (x86)\Lenovo\MotionControl\eyeKeys.dll
2013-10-29 19:40 - 2013-10-29 19:40 - 000030728 _____ () C:\Program Files (x86)\Lenovo\MotionControl\esmlib.dll
2010-08-20 22:40 - 2015-06-10 21:31 - 000039424 _____ () D:\Eigene Programme\Softonic\gfSubtitlePlayer.exe
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\WINDOWS\SMSS-PFRO76f5.tmp:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\E_GCINST.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\E_ID4BLEE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\E_ILMBLEE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4531.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCComp64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IntcDAud.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\massfilter.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\netaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudbus.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ZTEusbmdm6k.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ZTEusbnmea.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ZTEusbser6k.sys:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\150806_LK-Email-Kommunikationsvorlage.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2471.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2572.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2640 - Kopie.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2640.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\28214.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\28214.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\679715281122576100.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\679715281122576100.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Bild.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Choriner_Straßenfest_2016.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Choriner_Straßenfest_2016.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\document.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(2).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(2).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(3).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(3).jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(4).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(4).jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Herbstbasar.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1590.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1590.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1640.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1640.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_2799 (2).JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_3079 (2).JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\inv15442005C.PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Kindergarten-Bilder.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Kindergarten-Bilder.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Kuechenplan_Liedtke_Roehrig.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Kuechenplan_Liedtke_Roehrig.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Lekker 8.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\LK_Glueckwunschkarte_RL_2016-06-06_DRUCK.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Plakat_Kirschbluete Ordner.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Plakat_Kirschbluete Ordner.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Romi badet.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Romi_und_Julia.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Sauerampfer.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Tram_1.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Tram_2.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Tram_3.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Ueberweisung_Liedtke.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Ueberweisung_Liedtke.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Vorschlag_Bad_WC.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Vorschlag_Bad_WC.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Downloads\150806_LK-Email-Kommunikationsvorlage.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\160502_LK_Geburtstagsmailing.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\160502_LK_Geburtstagsmailing.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\679715281122576100.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\679715281122576100.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(2).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(2).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_Kind_2015(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_Kind_2015.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_Kind_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_N_2015.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_N_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\bibliotheksleitern.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\bibliotheksleitern.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\black-dots-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\blog-headers-clementine-creative.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\blog-headers-clementine-creative.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\bloom-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\bright-confetti-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Carpet.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Carpet.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Cavorting-free.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\ClaireHandBold.otf_.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\ClaireHandBold.otf_.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\cute-colorful-background.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\cute-colorful-background.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\document.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Einladung_Herbstbaser_DIN Lang.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Einladung_Herbstbaser_DIN Lang.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FM_Empfehlung.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FM_Empfehlung.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(2).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(2).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(3).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(3).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(4).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(4).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\geometric-blog-header-2.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\geometric-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\gold-foil-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\gold-glitter-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_0803.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_0803.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1590.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1590.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1640.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1640.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2566.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2566.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2707.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2707.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3011.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3011.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3604.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3604.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3677.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3677.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\InDesign_Set-Up.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\InDesign_Set-Up.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\inv15442005C.PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\JuLie_elster_02.09.2015_21.41.pfx:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\JuLie_elster_02.09.2015_21.41.pfx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Kindergarten-Bilder.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Kindergarten-Bilder.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8(1).mp3:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8(1).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8.mp3:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\LEKKER_Geburtstagsmailing_KARTE_print.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\LEKKER_Geburtstagsmailing_KARTE_print.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Liedtke, Julia.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\LK_Glueckwunschkarte_RL_2016-06-06_DRUCK.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\lutz-baar_antropos.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\lutz-baar_antropos.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\mail.html:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\mail.html:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\papyrus.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\pastel-confetti-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete Ordner.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete Ordner.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Postkarten_Kita.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_160509.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_160509.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_durchgangstür_160530.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_durchgangstür_160530.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_ku che_161021.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_ku che_161021.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Schrank_Liedtke_Roehrig.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Schrank_Liedtke_Roehrig.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung_groesser.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung_groesser.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Top_Service.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Top_Service.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Silverlight_x64.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Silverlight_x64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\SSFS_Wreaths_Laurels_free.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\SSFS_Wreaths_Laurels_free.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\teal-watercolour-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\terms.txt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Und jetzt die Fotos....html:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolor-grunge-000119-light-blue.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolor-grunge-000119-light-blue.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolour-blog-header-purple.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolour-blog-header-turquoise.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Desktop\Musikschule.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Desktop\Preise für den Gitarrenunterricht.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Desktop\Union Investment Freistellungsauftrag drucken.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\080530_ti_messe_vvs_kat_DNP.xls:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\080530_ti_messe_vvs_kat_DNP.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\2015-11_FAM.Röhrig_auswahl.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\2015-11_FAM.Röhrig_auswahl.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\300-rise-of-an-empire-english-yify-68876.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\300-rise-of-an-empire-english-yify-68876.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\32pfl7862d_10_fus_eng.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\32pfl7862d_10_fus_eng.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\american-sniper-2014.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\american.sniper.(2014).eng.1cd.(6091673).zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\american.sniper.(2014).eng.1cd.(6091673).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Anschreiben final.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Anschreiben final.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_de.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_de.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\banking-dkb-de.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\data-recovery_full1018.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\data-recovery_full1018.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\DropboxInstaller.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\DropboxInstaller.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\everybody.wants.some.(2016).eng.1cd.(6697619).zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\everybody.wants.some.(2016).eng.1cd.(6697619).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Firefox Setup Stub 51.0.1.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Firefox Setup Stub 51.0.1.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer21_xa_install.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer21_xa_install.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer24au_d_install(1).exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer24au_d_install(1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer24au_d_install.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-1-english-10608.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-1-english-10608.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-10-english-13462.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-10-english-13462.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-11-english-13812.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-12-english-13992.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-12-english-13992.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-2-english-10912.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-2-english-10912.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-3-english-11187.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-3-english-11187.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-4-english-11542.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-4-english-11542.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-5-english-11822.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-6-english-12123.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-7-english-12433.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-7-english-12433.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-8-english-12856.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-8-english-12856.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-9-english-13167.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-9-english-13167.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-1-english-28573.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-1-english-28573.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817(1).zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817(1).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-4-english-30087.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-4-english-30087.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-6-english-30884.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-6-english-30884.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-7-english-31306.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-7-english-31306.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-8-english-31843.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-8-english-31843.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-9-english-32137.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-9-english-32137.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Homeland_6x05_HDTV.AVS.en.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Homeland_6x05_HDTV.AVS.en.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-3-episode-12-english-3414.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-3-episode-12-english-3414.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-1-english-16753.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-1-english-16756.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-1-english-16756.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16871.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16871.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16872.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16872.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-11-english-16874.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-11-english-16874.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-12-english-16879.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-12-english-16879.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-13-english-16881.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-13-english-16881.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-13-english-16882.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-2-english-16759.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-2-english-16759.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-3-english-16766.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-3-english-16766.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-4-english-16767.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-4-english-16767.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-5-english-16825.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-5-english-16825.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-6-english-16829.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-6-english-16829.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-7-english-16831.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-8-english-16833.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-8-english-16833.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-9-english-16835.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-9-english-16835.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2269.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2269.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2377.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2377.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_04_22.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_04_22.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\nebenkostenabrechnung.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\nebenkostenabrechnung.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\nebenkostenabrechnung.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Photos.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Photos.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\schliemann47_fotos.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\schliemann47_fotos.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\schrankplaner_setup.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\schrankplaner_setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\schrankplaner_setup_CB-DL-Manager.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\schrankplaner_setup_CB-DL-Manager.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Timothy\Downloads\thebigshort2015brripxvidac3-evo-english-79662.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\thebigshort2015brripxvidac3-evo-english-79662.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\TimOC_elster_30.07.2015_11.14.pfx:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\TimOC_elster_30.07.2015_11.14.pfx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\winrar-x64-530d.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\winrar-x64-530d.exe:$CmdZnID [26]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2016-11-11 21:20 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\Control Panel\Desktop\\Wallpaper -> A:\Bilder\Norwegen 2014\IMG_1753.JPG
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "UIExec"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "BrowserChoice"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{3769F19F-45C0-4B2D-992B-05223B1FEB94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5A342626-5C5E-4DF3-B312-DD83185F5FEA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{65B24B18-CDCB-4B5E-9064-A473798272E3}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{5AA331E6-7532-4FA9-A20D-D92974947955}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{13518858-DD80-4C29-991C-55215E5490D8}D:\eigene programme\sonos\sonos.exe] => (Allow) D:\eigene programme\sonos\sonos.exe
FirewallRules: [TCP Query User{DE2CDF1A-0743-4F61-BA8E-3C0500CAE274}D:\eigene programme\sonos\sonos.exe] => (Allow) D:\eigene programme\sonos\sonos.exe
FirewallRules: [{D4C000ED-633B-437C-8EB6-23354A4EF327}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{29069ABE-032B-4B1D-BCB8-3A4A6E622F4A}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{86852487-13B2-44F4-A0D4-25BEB4D99FD0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{D5F0119A-B223-4964-8B0B-30EACC9EF44A}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{11C90BAF-CFF3-455D-9E25-25E42FE51BA9}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{BE993BAF-47C7-4DD4-81D1-0821AFC86659}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{2E492F64-BF21-4965-B652-41A33109AC2D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{E32EA6DB-2EAE-4899-A7C5-AB390D3503AB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{72C7970B-E700-4A57-AE46-231EAF98721F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8EF2329C-1E60-4408-88A1-6DE50D42B9B8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8966330E-BE30-409E-9455-69CE0F12CC90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7DEAFF6A-066A-4005-BC7E-084E6E9F82F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DF6C1E60-3670-49D8-8476-E86716187EFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2B66AFF7-43CB-4338-9552-3A0A7F58E263}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{B7F0B837-6841-4107-8A87-B492468801F8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{7F6F61D5-A75C-4F79-B58B-18EE1AF7DDA7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{5A35D1D2-7451-4A65-8524-40843C07E5F4}C:\users\timothy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\timothy\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7BF2AFA9-6AE6-4F05-A033-1406997B7C1E}C:\users\timothy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\timothy\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{989DF027-B861-4B84-856D-2E4D9C1202DB}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe
FirewallRules: [UDP Query User{EBEA0B02-973E-467C-98B7-5EFA79ABF598}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe
FirewallRules: [{67368898-CBF9-4D59-A4B8-912D7FA4D9A8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E68BBC48-4F50-4B90-B97D-DC6A2C097CE8}] => (Allow) LPort=2869
FirewallRules: [{EBD1110E-9E19-4586-B9BC-FCE3346FC181}] => (Allow) LPort=1900
FirewallRules: [{7B1FD2A5-5BAA-41FE-A0AA-67089E5BA945}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2D2526E4-906D-484B-9A5E-E09573052E64}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6740FAC6-B707-4D1E-A257-F51B751FBB59}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{85DB67DF-EB4F-4F93-BB55-D3D07D00EE25}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{97C79946-10CA-468A-9C93-AAA8E5715DA4}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{A3907C5E-9D54-4EF3-B09C-6F4E91779960}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{0C00DBA0-1681-46D3-892B-0A46B4F12A55}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{F59ECA5D-88AB-4B91-8A77-FC9C7E36B0D4}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe
FirewallRules: [UDP Query User{8FAF9711-0126-471A-8DF9-E8744801F428}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/04/2018 09:59:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ngen.exe, Version: 4.7.2556.0, Zeitstempel: 0x59b833df
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x007703c5
ID des fehlerhaften Prozesses: 0xb8dc0
Startzeit der fehlerhaften Anwendung: 0x01d3859efa6f51cd
Pfad der fehlerhaften Anwendung: C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: f906febd-d82c-47b9-9389-7a5d0b9299cc
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/04/2018 09:21:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: cmdagent.exe, Version: 10.0.2.6420, Zeitstempel: 0x5a14783d
Name des fehlerhaften Moduls: cmdagent.exe, Version: 10.0.2.6420, Zeitstempel: 0x5a14783d
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00000000004e9093
ID des fehlerhaften Prozesses: 0xda4
Startzeit der fehlerhaften Anwendung: 0x01d380d65819d892
Pfad der fehlerhaften Anwendung: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Pfad des fehlerhaften Moduls: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Berichtskennung: 51ba9f03-a675-49ec-bcce-8de2a2db71d8
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/04/2018 07:08:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Silberlocke)
Description: Das Paket „Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (01/04/2018 12:04:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ShellExperienceHost.exe, Version 10.0.16299.15 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2fe0
Startzeit: 01d3854b9f2e8cd6
Beendigungszeit: 4294967295
Anwendungspfad: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Berichts-ID: 45cafc4a-4dae-4a3d-a5a6-e3330603e4fe
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy
Auf das fehlerhafte Paket bezogene Anwendungs-ID: App
Error: (01/04/2018 12:03:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Silberlocke)
Description: Das Paket „Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (01/01/2018 06:28:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AdobeARM.exe, Version: 1.824.24.5926, Zeitstempel: 0x59cbec1f
Name des fehlerhaften Moduls: shcore.dll, Version: 10.0.16299.15, Zeitstempel: 0x30134c68
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038091
ID des fehlerhaften Prozesses: 0xba354
Startzeit der fehlerhaften Anwendung: 0x01d38325f4da4986
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\shcore.dll
Berichtskennung: 1aaa9c3f-fb85-47b6-8f35-09261568e9c3
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/01/2018 06:16:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AdobeARM.exe, Version: 1.824.24.5926, Zeitstempel: 0x59cbec1f
Name des fehlerhaften Moduls: shcore.dll, Version: 10.0.16299.15, Zeitstempel: 0x30134c68
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038091
ID des fehlerhaften Prozesses: 0x2844
Startzeit der fehlerhaften Anwendung: 0x01d3832447780956
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\shcore.dll
Berichtskennung: 626ef5dc-ddf0-4935-a00c-fafd36f7de1a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/31/2017 05:50:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1110
Error: (12/31/2017 05:50:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1110
Error: (12/31/2017 05:50:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Systemfehler:
=============
Error: (01/05/2018 08:27:47 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/05/2018 08:25:19 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/05/2018 08:19:21 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/05/2018 08:18:47 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/05/2018 08:14:48 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/05/2018 08:14:22 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/05/2018 08:12:49 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/05/2018 08:12:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/05/2018 08:12:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/05/2018 08:12:24 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
CodeIntegrity:
===================================
Date: 2018-01-05 20:31:43.291
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-01-05 20:26:05.601
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-05 20:26:05.599
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-05 20:18:03.335
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-05 20:18:03.331
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-05 20:17:59.756
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-05 20:17:59.754
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-05 20:16:52.831
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-05 20:16:52.829
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-05 20:16:44.117
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 51%
Installierter physikalischer RAM: 7944.27 MB
Verfügbarer physikalischer RAM: 3821.11 MB
Summe virtueller Speicher: 9864.27 MB
Verfügbarer virtueller Speicher: 5586.98 MB
==================== Laufwerke ================================
Drive a: (Bilder und Videos) (Fixed) (Total:180.82 GB) (Free:15.38 GB) NTFS
Drive b: (Musik) (Fixed) (Total:85.13 GB) (Free:33.16 GB) NTFS
Drive c: (Windows8_OS) (Fixed) (Total:127.87 GB) (Free:21.26 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Eigene Programme) (Fixed) (Total:25 GB) (Free:19.97 GB) NTFS
Drive f: (Volume) (Fixed) (Total:31.54 GB) (Free:23.21 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6018AF1C)
Partition: GPT.
==================== Ende von Addition.txt ============================
jetzt schon mal vielen Dank für Deine Hilfe!!! Ich weiß die investierte Zeit sehr zu schätzen. Ich hoffe, ich habe alle Anweisungen beachtet und fehlerfrei ausgeführt und freue mich auf Deine Rückmeldung! |
|
06.01.2018, 11:45
| #4 |
| /// TB-Ausbilder | Virenverdacht. Kann jemand Logfile analysieren? Bitte die Logdatei von FRST.txt ist unvollständig. Bitte nochmal posten. |
|
06.01.2018, 19:10
| #5 |
| | Virenverdacht. Kann jemand Logfile analysieren?Code:
ATTFilter ==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-05-15] (Realtek semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15792112 2013-10-29] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [101360 2013-10-29] (Lenovo(beijing) Limited)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1490624 2017-11-21] (COMODO)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-08-14] (Synaptics Incorporated)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [UIExec] => D:\1&1\1&1 Surf-Stick\UIExec.exe [139088 2015-09-26] ()
HKLM-x32\...\Run: [PDFPrint] => D:\Eigene Programme\PDF24\pdf24.exe [217736 2017-03-11] (Geek Software GmbH)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3632848 2017-08-08] (COMODO)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Run: [Spotify Web Helper] => C:\Users\Timothy\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-03-12] (Spotify Ltd)
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE [297024 2015-09-02] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE [297024 2015-09-02] (SEIKO EPSON CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2013-10-29]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Motion Control.lnk [2013-10-29]
ShortcutTarget: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{87b167a3-4b8e-4e22-9800-0a9597ac92df}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c93302ec-c967-489a-9ad3-d1b851f01d41}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
FireFox:
========
FF ProfilePath: C:\Users\Timothy\AppData\Roaming\Mozilla\Firefox\Profiles\rpk35ggf.default [2018-01-06]
FF user.js: detected! => C:\Users\Timothy\AppData\Roaming\Mozilla\Firefox\Profiles\rpk35ggf.default\user.js [2015-06-15]
FF Session Restore: Mozilla\Firefox\Profiles\rpk35ggf.default -> ist aktiviert.
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-01-10] [Legacy] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\Eigene Programme\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Eigene Programme\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Eigene Programme\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-1821675693-422080741-3404470268-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10880832 2017-11-21] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-11-21] (COMODO)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2015-10-30] (Seiko Epson Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190208 2016-11-11] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-09] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [161736 2013-04-15] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [133840 2017-08-08] (COMODO)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-10-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S2 PDF24; D:\Eigene Programme\PDF24\pdf24.exe [217736 2017-03-11] (Geek Software GmbH)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-08-14] (Synaptics Incorporated)
R2 UI Assistant Service; D:\1&1\1&1 Surf-Stick\AssistantServices.exe [253264 2015-09-26] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [44088 2017-11-17] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [833096 2017-11-17] (COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-11-17] (COMODO)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-25] (Samsung Electronics Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [132904 2017-11-17] (COMODO)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-09-29] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-15] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-12-29] ()
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-01-06 18:50 - 2018-01-06 18:51 - 000023156 _____ C:\Users\Timothy\Downloads\11.22.63.s01.e03.other.voices.other.rooms.(2016).eng.1cd.(6530964).zip
2018-01-06 18:48 - 2018-01-06 18:53 - 000013747 _____ C:\Users\Timothy\Desktop\FRST.txt
2018-01-06 18:46 - 2018-01-06 18:47 - 000000000 ____D C:\Users\Timothy\Desktop\Farbar
2018-01-06 18:37 - 2018-01-06 18:37 - 000000000 ____D C:\Users\Timothy\AppData\Roaming\SumatraPDF
2018-01-05 22:36 - 2018-01-05 22:36 - 000022210 _____ C:\Users\Timothy\Downloads\11.22.63.der.anschlag.s01.e02.the.kill.floor.(2016).eng.1cd.(6517525).zip
2018-01-05 20:57 - 2018-01-05 22:37 - 000000000 ____D C:\Users\Timothy\Desktop\11.22.63
2018-01-05 20:56 - 2018-01-05 20:57 - 000025032 _____ C:\Users\Timothy\Downloads\11-22-63-first-season-english-911599.zip
2018-01-05 20:19 - 2018-01-04 21:21 - 002393088 _____ (Farbar) C:\Users\Timothy\Desktop\FRST64.exe
2018-01-04 21:28 - 2018-01-04 21:29 - 000076300 _____ C:\Users\Timothy\Downloads\Addition.txt
2018-01-04 21:26 - 2018-01-04 21:29 - 000186375 _____ C:\Users\Timothy\Downloads\FRST.txt
2018-01-04 21:22 - 2018-01-06 18:46 - 000000000 ____D C:\FRST
2018-01-04 21:21 - 2018-01-04 21:21 - 002393088 _____ (Farbar) C:\Users\Timothy\Downloads\FRST64.exe
2018-01-04 20:31 - 2018-01-04 20:31 - 005541016 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\Timothy\Downloads\hijackthis.exe
2018-01-04 20:22 - 2018-01-04 20:22 - 001540104 _____ (CHIP Digital GmbH) C:\Users\Timothy\Downloads\HijackThis - CHIP-Installer.exe
2018-01-04 12:04 - 2018-01-04 12:04 - 000000000 ___HD C:\Users\Julia\MicrosoftEdgeBackups
2018-01-04 12:04 - 2018-01-04 12:04 - 000000000 ____D C:\Users\Julia\AppData\Local\DBG
2018-01-04 12:02 - 2018-01-04 12:02 - 000000000 ___RD C:\Users\Julia\3D Objects
2018-01-04 12:01 - 2018-01-04 12:01 - 000000020 ___SH C:\Users\Julia\ntuser.ini
2018-01-02 23:44 - 2018-01-02 23:44 - 000002009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2018-01-02 23:44 - 2018-01-02 23:44 - 000000000 ____D C:\Program Files (x86)\SumatraPDF
2018-01-02 22:11 - 2018-01-02 22:11 - 004860560 _____ (Krzysztof Kowalczyk) C:\Users\Timothy\Downloads\SumatraPDF-3.1.2-install.exe
2018-01-01 18:36 - 2018-01-01 18:33 - 000065318 _____ C:\Users\Timothy\Desktop\S01E01- The Rabbit Hole.eng.srt
2018-01-01 18:35 - 2018-01-01 18:35 - 000025451 _____ C:\Users\Timothy\Downloads\11.22.63.der.anschlag.s01.e01.the.rabbit.hole.(2016).eng.1cd.(6706508).zip
2018-01-01 18:27 - 2018-01-01 18:27 - 000049938 _____ C:\Users\Timothy\Downloads\manchester.by.the.sea.(2016).eng.1cd.(6901378).zip
2017-12-30 21:52 - 2017-12-30 21:52 - 000000000 ____D C:\Users\Timothy\AppData\Local\DBG
2017-12-29 20:17 - 2017-12-29 20:17 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-12-29 20:15 - 2017-12-29 20:15 - 000000000 ___HD C:\Users\Timothy\MicrosoftEdgeBackups
2017-12-29 20:14 - 2017-12-29 20:14 - 000000000 ___RD C:\Users\Timothy\3D Objects
2017-12-29 20:13 - 2017-12-29 20:13 - 000000020 ___SH C:\Users\Timothy\ntuser.ini
2017-12-29 20:12 - 2018-01-04 21:19 - 007459424 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2017-12-29 20:12 - 2017-12-30 21:08 - 000000000 ___HD C:\VTRoot
2017-12-29 20:09 - 2018-01-06 18:37 - 000004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{378B9684-447C-4B1D-8F30-A43196F33206}
2017-12-29 20:09 - 2018-01-04 12:31 - 000004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4A1B2899-EA36-407B-8ADB-E49F6887C024}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003510 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Update {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003510 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Update {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003332 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Invitation {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003252 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Invitation {5F7996FF-B50D-4D17-B92F-F39799635033}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2017-12-29 20:09 - 2017-12-29 20:10 - 000002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1821675693-422080741-3404470268-1006
2017-12-29 20:09 - 2017-12-29 20:10 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1821675693-422080741-3404470268-1002
2017-12-29 20:09 - 2017-12-29 20:10 - 000002826 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2017-12-29 20:09 - 2017-12-29 20:10 - 000002764 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Silberlocke-Julia
2017-12-29 20:09 - 2017-12-29 20:09 - 000003438 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Update {5F7996FF-B50D-4D17-B92F-F39799635033}
2017-12-29 20:09 - 2017-12-29 20:09 - 000003332 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Invitation {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}
2017-12-29 20:09 - 2017-12-29 20:09 - 000003332 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-12-29 20:09 - 2017-12-29 20:09 - 000002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1821675693-422080741-3404470268-1002
2017-12-29 20:09 - 2017-12-29 20:09 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1821675693-422080741-3404470268-1006
2017-12-29 20:09 - 2017-12-29 20:09 - 000002680 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2017-12-29 20:09 - 2017-12-29 20:09 - 000002550 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2017-12-29 20:09 - 2017-12-29 20:09 - 000002352 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2017-12-29 20:09 - 2017-12-29 20:09 - 000001908 _____ C:\WINDOWS\System32\Tasks\Dolby Selector
2017-12-29 20:09 - 2017-12-29 20:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-29 20:09 - 2017-12-29 20:09 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-12-29 20:09 - 2017-12-29 20:09 - 000000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2017-12-29 20:09 - 2017-04-11 09:55 - 000000000 _____ C:\WINDOWS\System32\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
2017-12-29 20:07 - 2017-12-29 20:09 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2017-12-29 20:07 - 2017-12-29 20:09 - 000011433 _____ C:\WINDOWS\diagerr.xml
2017-12-29 19:57 - 2017-12-30 21:31 - 001908440 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-29 19:46 - 2017-12-29 19:46 - 000000000 ____D C:\ProgramData\USOShared
2017-12-29 19:45 - 2017-12-29 19:45 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-12-29 19:41 - 2017-12-30 19:39 - 000000000 ____D C:\Users\Timothy\AppData\Local\Packages
2017-12-29 19:40 - 2018-01-04 12:23 - 000000000 ____D C:\Users\Julia\AppData\Local\Packages
2017-12-29 19:39 - 2018-01-04 12:04 - 000000000 ____D C:\Users\Julia
2017-12-29 19:39 - 2017-12-29 20:15 - 000000000 ____D C:\Users\Timothy
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Vorlagen
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Startmenü
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Netzwerkumgebung
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Lokale Einstellungen
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Eigene Dateien
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Druckumgebung
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Documents\Eigene Videos
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Documents\Eigene Musik
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Documents\Eigene Bilder
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\AppData\Local\Verlauf
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\AppData\Local\Anwendungsdaten
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Anwendungsdaten
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Vorlagen
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Startmenü
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Netzwerkumgebung
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Lokale Einstellungen
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Eigene Dateien
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Druckumgebung
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Documents\Eigene Videos
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Documents\Eigene Musik
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Documents\Eigene Bilder
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\AppData\Local\Verlauf
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\AppData\Local\Anwendungsdaten
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Anwendungsdaten
2017-12-29 19:37 - 2017-10-20 16:43 - 000095216 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-12-29 19:37 - 2017-10-20 16:43 - 000091120 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-12-29 19:37 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-12-29 19:35 - 2018-01-05 23:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-29 19:35 - 2017-12-29 19:53 - 000258992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-29 19:31 - 2017-12-29 20:12 - 000000000 ____D C:\Windows.old
2017-12-29 19:05 - 2017-12-29 19:31 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-12-29 19:01 - 2017-12-29 19:05 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\Program Files\MSBuild
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-12-29 18:56 - 2017-09-22 18:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-12-29 18:56 - 2017-09-22 18:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-12-29 18:56 - 2017-09-22 18:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-12-29 18:55 - 2017-09-28 15:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-12-29 18:55 - 2017-09-28 15:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-12-29 18:55 - 2017-09-28 15:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-12-29 18:38 - 2017-12-29 18:38 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-12-29 17:52 - 2017-12-30 08:48 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-29 12:12 - 2017-12-29 19:54 - 000094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-12-29 12:05 - 2017-12-29 12:07 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-12-29 10:48 - 2017-12-29 10:48 - 000000000 _____ C:\WINDOWS\system32\SET97B.tmp
2017-12-29 10:48 - 2017-12-29 10:48 - 000000000 _____ C:\WINDOWS\system32\SET34F.tmp
2017-12-29 10:48 - 2017-12-29 10:48 - 000000000 _____ C:\WINDOWS\system32\SET213.tmp
2017-12-29 10:47 - 2017-12-29 10:47 - 000000000 _____ C:\WINDOWS\system32\SETB225.tmp
2017-12-29 10:47 - 2017-12-29 10:47 - 000000000 _____ C:\WINDOWS\system32\Drivers\SETAFC1.tmp
2017-12-28 17:43 - 2017-12-29 17:52 - 000000036 _____ C:\WINDOWS\progress.ini
2017-12-28 17:41 - 2017-12-28 17:41 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-28 17:29 - 2016-12-29 14:10 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-12-22 16:04 - 2017-12-22 16:04 - 000000000 ____D C:\Users\Julia\AppData\Local\CrashDumps
2017-12-22 12:13 - 2017-12-29 20:12 - 000000000 ___HD C:\$GetCurrent
2017-12-22 12:12 - 2017-12-29 20:13 - 000000000 ____D C:\Windows10Upgrade
2017-12-22 12:12 - 2017-12-29 16:16 - 000000818 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Update-Assistent.lnk
2017-12-20 21:53 - 2017-12-20 21:53 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2017-12-19 06:23 - 2017-12-19 06:23 - 000000000 ____D C:\Users\Timothy\AppData\Local\UNP
2017-12-18 22:24 - 2017-12-18 22:24 - 000001251 _____ C:\Users\Public\Desktop\COMODO Internet Security Premium.lnk
2017-12-18 22:23 - 2017-12-18 22:23 - 000000000 ____D C:\Program Files (x86)\COMODO
2017-12-18 22:23 - 2017-08-08 03:46 - 000256040 _____ (COMODO) C:\WINDOWS\system32\iseguard64.dll
2017-12-18 22:23 - 2017-08-08 03:46 - 000205536 _____ (COMODO) C:\WINDOWS\SysWOW64\iseguard32.dll
2017-12-18 22:23 - 2017-03-29 22:49 - 000062208 _____ (COMODO) C:\WINDOWS\system32\Drivers\isedrv.sys
2017-12-18 22:20 - 2017-12-18 22:20 - 000000000 ____D C:\ProgramData\Shared Space
2017-12-18 22:19 - 2017-12-18 22:20 - 005500784 _____ (COMODO) C:\Users\Timothy\Downloads\cispremium_installer_6100_08.exe
2017-12-18 22:02 - 2017-12-29 19:31 - 000000000 ____D C:\Program Files\UNP
2017-12-14 15:38 - 2017-12-18 22:02 - 000000000 ____D C:\Program Files\rempl
2017-12-14 02:32 - 2017-12-29 18:58 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 025245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 023652864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 018916352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 008097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006092664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006037504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004740608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 003678208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003484840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002709200 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 002510336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002192112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-12-14 02:32 - 2017-12-14 02:32 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 001170000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001090440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-12-14 02:32 - 2017-12-14 02:32 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-12-14 02:32 - 2017-12-14 02:32 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-12-14 02:32 - 2017-12-14 02:32 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-14 02:32 - 2017-12-14 02:32 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-08 23:32 - 2017-05-31 22:24 - 000051176 _____ C:\Users\Timothy\Desktop\House.of.Cards.2013.S05E04.720p.WEBRip.x264-MOROSE.srt
2017-12-08 23:31 - 2017-12-08 23:31 - 000020535 _____ C:\Users\Timothy\Downloads\house-of-cards-season-5-episode-4-english-36817.zip
2017-12-08 22:37 - 2017-12-08 22:37 - 000021989 _____ C:\Users\Timothy\Downloads\house-of-cards-season-5-episode-3-english-36816.zip
2017-12-08 21:14 - 2017-12-08 21:14 - 000139283 _____ C:\Users\Timothy\Downloads\The.Hateful.Eight.2015.720p.BluRay.x264-[YTS.AG].srt
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-01-06 18:52 - 2014-08-19 20:27 - 000000000 ____D C:\Users\Timothy\AppData\Roaming\vlc
2018-01-06 18:50 - 2017-04-11 20:38 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2018-01-06 18:41 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-06 18:40 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-06 18:40 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-06 18:34 - 2017-01-28 21:24 - 000000000 ____D C:\Users\Timothy\AppData\LocalLow\Mozilla
2018-01-06 18:33 - 2014-08-20 20:43 - 000000000 __SHD C:\Users\Timothy\IntelGraphicsProfiles
2018-01-06 18:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-01-06 18:32 - 2016-09-22 20:35 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-01-05 20:11 - 2014-10-30 18:49 - 000000000 __SHD C:\Users\Julia\IntelGraphicsProfiles
2018-01-05 07:52 - 2017-02-01 07:50 - 000000000 ____D C:\Users\Julia\AppData\LocalLow\Mozilla
2018-01-04 12:02 - 2015-09-01 19:42 - 000000000 ____D C:\Users\Julia\AppData\Local\TileDataLayer
2018-01-04 12:02 - 2014-08-20 02:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-01-03 17:46 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-01-02 22:12 - 2015-11-17 22:17 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-01-02 17:45 - 2014-08-19 20:12 - 000000000 ____D C:\ProgramData\Sonos,_Inc
2018-01-01 18:53 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-01 18:20 - 2015-06-03 16:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-01-01 18:19 - 2017-01-28 21:24 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2018-01-01 18:19 - 2017-01-28 21:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-01 18:17 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-12-31 11:09 - 2014-11-01 16:42 - 000002027 _____ C:\Users\Public\Desktop\Sonos.lnk
2017-12-31 11:09 - 2014-09-02 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2017-12-31 11:09 - 2014-09-02 20:04 - 000000000 ____D C:\Program Files (x86)\Sonos
2017-12-31 11:08 - 2014-09-02 20:04 - 000000000 ____D C:\Users\Timothy\AppData\Local\Downloaded Installations
2017-12-30 21:31 - 2017-09-30 15:35 - 000834104 _____ C:\WINDOWS\system32\perfh007.dat
2017-12-30 21:31 - 2017-09-30 15:35 - 000171582 _____ C:\WINDOWS\system32\perfc007.dat
2017-12-30 19:39 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-29 20:14 - 2015-09-01 12:47 - 000000000 ____D C:\Users\Timothy\AppData\Local\TileDataLayer
2017-12-29 20:10 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-12-29 20:10 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\windows nt
2017-12-29 20:06 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2017-12-29 20:05 - 2014-08-20 23:49 - 000023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-12-29 19:57 - 2013-10-29 19:07 - 001874790 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-12-29 19:54 - 2013-10-29 19:26 - 000034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-12-29 19:53 - 2016-09-22 20:35 - 000000000 ____D C:\ProgramData\NVIDIA
2017-12-29 19:52 - 2017-09-29 09:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-12-29 19:52 - 2016-01-06 22:42 - 000000000 ____D C:\Users\Timothy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-12-29 19:52 - 2014-08-19 20:26 - 000000000 ____D C:\Users\Timothy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2017-12-29 19:46 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-12-29 19:46 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-12-29 19:38 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-12-29 19:38 - 2016-09-22 20:36 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-12-29 19:37 - 2016-09-22 20:35 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-12-29 19:37 - 2016-09-22 20:35 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-12-29 19:35 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-12-29 19:31 - 2017-10-11 07:52 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-12-29 19:31 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-12-29 19:31 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-12-29 19:31 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\system32\WCN
2017-12-29 19:31 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ModemLogs
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\InputMethod
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Help
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-12-29 19:31 - 2017-07-19 20:26 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-12-29 19:31 - 2017-03-11 10:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2017-12-29 19:31 - 2016-09-22 20:35 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-12-29 19:31 - 2016-09-22 20:34 - 000000000 ____D C:\Program Files\Intel
2017-12-29 19:31 - 2016-07-30 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-12-29 19:31 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-12-29 19:31 - 2016-07-14 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2017-12-29 19:31 - 2016-01-06 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-12-29 19:31 - 2015-10-21 08:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-12-29 19:31 - 2015-09-26 11:07 - 000000000 ____D C:\WINDOWS\SysWOW64\SupportAppCB
2017-12-29 19:31 - 2015-09-26 11:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1&1 Surf-Stick
2017-12-29 19:31 - 2015-06-17 08:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2017-12-29 19:31 - 2015-03-01 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-12-29 19:31 - 2015-02-20 21:57 - 000000000 ____D C:\WINDOWS\de
2017-12-29 19:31 - 2015-01-23 22:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-12-29 19:31 - 2014-08-21 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-12-29 19:31 - 2013-10-29 19:43 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneKey Recovery
2017-12-29 19:31 - 2013-10-29 19:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(SM) center
2017-12-29 19:31 - 2013-10-29 19:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-12-29 19:31 - 2013-10-29 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Photos
2017-12-29 19:31 - 2013-10-29 19:08 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-12-29 19:31 - 2013-10-29 18:59 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-12-29 19:31 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-12-29 19:31 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-12-29 19:11 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-12-29 19:10 - 2017-09-29 09:45 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\system32\winrm
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\system32\slmgr
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\IME
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\et-EE
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\en-GB
2017-12-29 19:06 - 2016-04-13 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-12-29 19:06 - 2015-06-15 11:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-12-29 19:05 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-12-29 19:05 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-12-29 19:05 - 2016-09-22 20:36 - 000000000 ____D C:\Program Files\Realtek
2017-12-29 19:05 - 2016-09-22 20:34 - 000000000 ____D C:\Program Files\Synaptics
2017-12-29 18:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-12-29 18:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-12-29 12:12 - 2016-07-30 21:37 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2017-12-29 12:12 - 2016-07-30 21:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-12-28 17:45 - 2014-08-20 17:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-28 17:40 - 2014-08-20 17:20 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-18 22:23 - 2015-06-17 08:05 - 000000000 ____D C:\ProgramData\Comodo
2017-12-15 20:44 - 2015-09-01 19:44 - 000000000 ____D C:\Users\Julia\AppData\Local\Publishers
2017-12-15 20:44 - 2015-09-01 12:49 - 000000000 ____D C:\Users\Timothy\AppData\Local\Publishers
2017-12-15 20:34 - 2014-09-20 19:19 - 000545440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\te-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\si-LK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\or-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\km-KH
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\is-IS
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\id-ID
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\be-BY
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\as-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\am-ET
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2017-12-14 02:33 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-14 02:33 - 2017-09-29 14:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Provisioning
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Defender
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\PerfLogs
2017-12-14 02:33 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-08-19 19:34 - 2015-11-02 20:07 - 000376689 _____ () C:\Users\Timothy\AppData\Roaming\AbsoluteReminder.xml
2017-04-22 11:49 - 2017-04-22 11:49 - 000000017 _____ () C:\Users\Timothy\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-12-29 19:35
==================== Ende von FRST.txt ============================
Geändert von Tim79 (06.01.2018 um 19:09 Uhr) |
|
06.01.2018, 19:13
| #6 |
| | Virenverdacht. Kann jemand Logfile analysieren?Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02.01.2018
durchgeführt von Timothy (06-01-2018 18:55:44)
Gestartet von C:\Users\Timothy\Desktop
Windows 10 Home Version 1709 16299.125 (X64) (2017-12-29 19:12:54)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1821675693-422080741-3404470268-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1821675693-422080741-3404470268-503 - Limited - Disabled)
Gast (S-1-5-21-1821675693-422080741-3404470268-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1821675693-422080741-3404470268-1008 - Limited - Enabled)
Julia (S-1-5-21-1821675693-422080741-3404470268-1006 - Limited - Enabled) => C:\Users\Julia
Sonos (S-1-5-21-1821675693-422080741-3404470268-1005 - Limited - Enabled)
Timothy (S-1-5-21-1821675693-422080741-3404470268-1002 - Administrator - Enabled) => C:\Users\Timothy
WDAGUtilityAccount (S-1-5-21-1821675693-422080741-3404470268-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD}
AS: COMODO Advanced Protection (Enabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Benutzerhandbuch (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
COMODO Internet Security Premium (HKLM\...\{1BF90AC2-E077-4EC0-810B-003DC9D65C91}) (Version: 10.0.2.6420 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 10.0.2.6420 - COMODO Security Solutions Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON XP-412 413 415 Series Printer Uninstall (HKLM\...\EPSON XP-412 413 415 Series) (Version: - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.52.0.0 - SEIKO EPSON CORPORATION)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Intel Anti-Theft Discovery App (HKLM-x32\...\{707248B9-2D34-4D77-A5C6-2A8A54848E5A}) (Version: 1.1.0.7 - Intel Corporation)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel Experience Center - Configuration (HKLM-x32\...\{C73A16B7-AC35-4262-9BAF-DA9B2039A563}) (Version: 1.5.0.0 - Intel) Hidden
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{e4fefc02-cd6c-45e3-8974-e7357e71da40}) (Version: 1.5.0.0 - Intel)
Intel(R) Experience Center Driver (HKLM-x32\...\{16660b76-bdc5-47cf-b28d-846120a1ee76}) (Version: 1.0.90.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1304-148929CC1385}) (Version: 3.0.1304.0338 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{12fc27dc-b637-4ebb-b424-26feff9598c5}) (Version: 16.0.4 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.2.424651.94 - Comodo)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10233 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Motion Control (HKLM\...\Motion Control) (Version: 1.2.45.0 - Lenovo)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 57.0.3 (x64 de) (HKLM\...\Mozilla Firefox 57.0.3 (x64 de)) (Version: 57.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.3.6569 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
PDF24 Creator 8.1.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.21229 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 39.4.48021 - Sonos, Inc.)
Spotify (HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Spotify) (Version: 1.0.50.41368.gbd68dbef - Spotify AB)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DE083343-D24D-4495-919E-18C65EC0F289}) (Version: 2.8.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Wondershare Data Recovery(Build 5.0.2.6) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 5.0.2.6 - Wondershare Software Co.,Ltd.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-21] (COMODO)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-21] (COMODO)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-21] (COMODO)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {022C3E73-623B-416E-87C8-6D37588BBEA3} - System32\Tasks\EPSON XP-412 413 415 Series Update {5F7996FF-B50D-4D17-B92F-F39799635033} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {052C5014-A8F2-47D9-9E1A-0F932488B49F} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
Task: {0F3D421F-BE82-4EA4-A643-B097B13802E4} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-11-21] (COMODO)
Task: {1C1E111B-0033-4517-8F99-0F4480BF069D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {1DB99919-D027-4CD9-93FA-0DB8956A3B93} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {1DF3CE40-AE13-4838-A343-077FD5CE8875} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {2321C268-CEDA-4AF4-9216-F71FDA2EBC17} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {395ACD88-7C88-412E-96F3-352039D8A7D1} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {AEE47A68-7976-4063-8DD5-B4B8A7776E2E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {3BBC074D-18F5-4F86-9DF5-05A34A240E68} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-11-21] (COMODO)
Task: {41832ABA-347E-4BAF-9172-E941B4DACC98} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {41AA0F70-0ABF-438E-92D9-E003482A2F64} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {48D91DD1-BF0B-4B48-8B73-49F75343D81F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4B13520A-BDFF-4571-8A22-C0CC634ADF46} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {55B77248-1AC8-4790-A5D4-60614EE6DCD6} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {55BA4F06-6D4E-40DD-A267-58603B37382F} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {6632F2FC-C170-4FE9-A8EF-C5F7D529E395} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-12] (Adobe Systems Incorporated)
Task: {6B101A77-5410-4C7C-9B0A-42FDE516AB41} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-10-03] (Intel Corporation)
Task: {70E5277C-BA4A-4AF3-B907-B8E1A23D9BC7} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Timothy\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {796753A0-F04A-4815-80D3-DBF2D4FE4868} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {7CF0857B-0DB6-498B-A9C7-D8FDDD2635F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8073A232-0372-42CE-B418-726684744DF4} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {5F7996FF-B50D-4D17-B92F-F39799635033} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {8920F62C-D829-45AD-B063-D00262848A10} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {99583A25-C375-4862-BE56-9BF52D323003} - System32\Tasks\AdobeAAMUpdater-1.0-Silberlocke-Julia => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {9DAAAFF9-F2B5-4D0F-BA2D-E5CD08B4ABF6} - System32\Tasks\EPSON XP-412 413 415 Series Update {AEE47A68-7976-4063-8DD5-B4B8A7776E2E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {A28B4BF9-FBBF-45A3-8343-C82D6CCEB00B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-10-03] (Intel Corporation)
Task: {B03BE444-E962-4094-8581-C51BBA078634} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {B4B5A414-0361-4A7F-8890-13A63AB2A036} - System32\Tasks\EPSON XP-412 413 415 Series Update {32AA5F3E-42AF-416D-93A7-97E0483F7BC7} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {BFFCA306-2E5A-49C9-A73F-CAADCA26412F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {C9F3C7B6-BD6D-4E88-8F05-D1BEA64E4EDC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {D1E7244E-BA89-4EED-8F58-F74C59D246D4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {DCC8042B-4207-4528-857B-DA5724573C6F} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {32AA5F3E-42AF-416D-93A7-97E0483F7BC7} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {DFB98817-22F2-44F7-B0BD-AC11EE978F4F} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2017-11-21] (COMODO)
Task: {FCF03BEF-9FA4-47EA-A1D5-B538B14E9A3F} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {5F7996FF-B50D-4D17-B92F-F39799635033}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{32AA5F3E-42AF-416D-93A7-97E0483F7BC7} /F:UpdateWORKGROUP\SILBERLOCKE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {5F7996FF-B50D-4D17-B92F-F39799635033}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{5F7996FF-B50D-4D17-B92F-F39799635033} /F:UpdateWORKGROUP\SILBERLOCKE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{AEE47A68-7976-4063-8DD5-B4B8A7776E2E} /F:UpdateWORKGROUP\SILBERLOCKE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-04-15 15:45 - 2013-04-15 15:45 - 000182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 15:45 - 2013-04-15 15:45 - 000060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 000085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 001346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-26 11:07 - 2015-09-26 11:07 - 000253264 _____ () D:\1&1\1&1 Surf-Stick\AssistantServices.exe
2017-11-21 20:23 - 2017-11-21 20:23 - 000156864 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2017-11-21 20:22 - 2017-11-21 20:22 - 000241856 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2017-11-21 20:22 - 2017-11-21 20:22 - 000106688 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-09-22 20:35 - 2016-12-29 14:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-10-20 16:42 - 2017-10-20 16:42 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2013-10-29 19:40 - 2013-10-29 19:40 - 000172552 _____ () C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
2017-09-07 08:39 - 2017-09-07 08:39 - 000073920 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2013-10-29 19:04 - 2013-05-09 13:23 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-12-03 21:19 - 2017-12-03 21:19 - 000102088 _____ () C:\Users\Timothy\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
2013-10-29 19:40 - 2013-10-29 19:40 - 001623048 _____ () C:\Program Files (x86)\Lenovo\MotionControl\eyeKeys.dll
2013-10-29 19:40 - 2013-10-29 19:40 - 000030728 _____ () C:\Program Files (x86)\Lenovo\MotionControl\esmlib.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\WINDOWS\SMSS-PFRO76f5.tmp:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\E_GCINST.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\E_ID4BLEE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\E_ILMBLEE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4531.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCComp64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IntcDAud.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\massfilter.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\netaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudbus.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ZTEusbmdm6k.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ZTEusbnmea.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ZTEusbser6k.sys:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\150806_LK-Email-Kommunikationsvorlage.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2471.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2572.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2640 - Kopie.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2640.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\28214.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\28214.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\679715281122576100.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\679715281122576100.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Bild.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Choriner_Straßenfest_2016.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Choriner_Straßenfest_2016.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\document.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(2).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(2).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(3).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(3).jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(4).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(4).jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Herbstbasar.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1590.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1590.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1640.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1640.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_2799 (2).JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_3079 (2).JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\inv15442005C.PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Kindergarten-Bilder.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Kindergarten-Bilder.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Kuechenplan_Liedtke_Roehrig.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Kuechenplan_Liedtke_Roehrig.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Lekker 8.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\LK_Glueckwunschkarte_RL_2016-06-06_DRUCK.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Plakat_Kirschbluete Ordner.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Plakat_Kirschbluete Ordner.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Romi badet.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Romi_und_Julia.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Sauerampfer.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Tram_1.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Tram_2.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Tram_3.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Ueberweisung_Liedtke.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Ueberweisung_Liedtke.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Vorschlag_Bad_WC.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Vorschlag_Bad_WC.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Downloads\150806_LK-Email-Kommunikationsvorlage.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\160502_LK_Geburtstagsmailing.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\160502_LK_Geburtstagsmailing.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\679715281122576100.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\679715281122576100.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(2).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(2).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_Kind_2015(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_Kind_2015.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_Kind_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_N_2015.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_N_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\bibliotheksleitern.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\bibliotheksleitern.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\black-dots-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\blog-headers-clementine-creative.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\blog-headers-clementine-creative.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\bloom-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\bright-confetti-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Carpet.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Carpet.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Cavorting-free.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\ClaireHandBold.otf_.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\ClaireHandBold.otf_.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\cute-colorful-background.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\cute-colorful-background.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\document.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Einladung_Herbstbaser_DIN Lang.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Einladung_Herbstbaser_DIN Lang.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FM_Empfehlung.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FM_Empfehlung.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(2).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(2).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(3).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(3).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(4).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(4).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\geometric-blog-header-2.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\geometric-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\gold-foil-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\gold-glitter-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_0803.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_0803.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1590.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1590.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1640.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1640.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2566.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2566.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2707.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2707.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3011.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3011.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3604.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3604.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3677.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3677.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\InDesign_Set-Up.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\InDesign_Set-Up.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\inv15442005C.PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\JuLie_elster_02.09.2015_21.41.pfx:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\JuLie_elster_02.09.2015_21.41.pfx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Kindergarten-Bilder.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Kindergarten-Bilder.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8(1).mp3:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8(1).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8.mp3:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\LEKKER_Geburtstagsmailing_KARTE_print.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\LEKKER_Geburtstagsmailing_KARTE_print.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Liedtke, Julia.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\LK_Glueckwunschkarte_RL_2016-06-06_DRUCK.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\lutz-baar_antropos.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\lutz-baar_antropos.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\mail.html:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\mail.html:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\papyrus.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\pastel-confetti-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete Ordner.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete Ordner.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Postkarten_Kita.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_160509.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_160509.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_durchgangstür_160530.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_durchgangstür_160530.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_ku che_161021.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_ku che_161021.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Schrank_Liedtke_Roehrig.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Schrank_Liedtke_Roehrig.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung_groesser.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung_groesser.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Top_Service.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Top_Service.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Silverlight_x64.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Silverlight_x64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\SSFS_Wreaths_Laurels_free.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\SSFS_Wreaths_Laurels_free.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\teal-watercolour-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\terms.txt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Und jetzt die Fotos....html:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolor-grunge-000119-light-blue.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolor-grunge-000119-light-blue.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolour-blog-header-purple.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolour-blog-header-turquoise.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Desktop\Musikschule.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Desktop\Preise für den Gitarrenunterricht.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Desktop\Union Investment Freistellungsauftrag drucken.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\080530_ti_messe_vvs_kat_DNP.xls:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\080530_ti_messe_vvs_kat_DNP.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\2015-11_FAM.Röhrig_auswahl.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\2015-11_FAM.Röhrig_auswahl.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\300-rise-of-an-empire-english-yify-68876.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\300-rise-of-an-empire-english-yify-68876.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\32pfl7862d_10_fus_eng.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\32pfl7862d_10_fus_eng.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\american-sniper-2014.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\american.sniper.(2014).eng.1cd.(6091673).zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\american.sniper.(2014).eng.1cd.(6091673).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Anschreiben final.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Anschreiben final.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_de.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_de.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\banking-dkb-de.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\data-recovery_full1018.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\data-recovery_full1018.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\DropboxInstaller.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\DropboxInstaller.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\everybody.wants.some.(2016).eng.1cd.(6697619).zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\everybody.wants.some.(2016).eng.1cd.(6697619).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Firefox Setup Stub 51.0.1.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Firefox Setup Stub 51.0.1.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer21_xa_install.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer21_xa_install.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer24au_d_install(1).exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer24au_d_install(1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer24au_d_install.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-1-english-10608.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-1-english-10608.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-10-english-13462.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-10-english-13462.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-11-english-13812.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-12-english-13992.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-12-english-13992.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-2-english-10912.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-2-english-10912.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-3-english-11187.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-3-english-11187.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-4-english-11542.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-4-english-11542.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-5-english-11822.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-6-english-12123.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-7-english-12433.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-7-english-12433.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-8-english-12856.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-8-english-12856.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-9-english-13167.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-9-english-13167.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-1-english-28573.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-1-english-28573.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817(1).zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817(1).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-4-english-30087.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-4-english-30087.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-6-english-30884.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-6-english-30884.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-7-english-31306.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-7-english-31306.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-8-english-31843.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-8-english-31843.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-9-english-32137.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-9-english-32137.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Homeland_6x05_HDTV.AVS.en.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Homeland_6x05_HDTV.AVS.en.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-3-episode-12-english-3414.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-3-episode-12-english-3414.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-1-english-16753.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-1-english-16756.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-1-english-16756.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16871.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16871.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16872.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16872.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-11-english-16874.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-11-english-16874.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-12-english-16879.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-12-english-16879.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-13-english-16881.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-13-english-16881.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-13-english-16882.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-2-english-16759.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-2-english-16759.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-3-english-16766.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-3-english-16766.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-4-english-16767.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-4-english-16767.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-5-english-16825.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-5-english-16825.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-6-english-16829.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-6-english-16829.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-7-english-16831.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-8-english-16833.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-8-english-16833.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-9-english-16835.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-9-english-16835.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2269.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2269.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2377.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2377.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_04_22.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_04_22.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\nebenkostenabrechnung.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\nebenkostenabrechnung.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\nebenkostenabrechnung.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Photos.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Photos.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\schliemann47_fotos.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\schliemann47_fotos.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\schrankplaner_setup.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\schrankplaner_setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\schrankplaner_setup_CB-DL-Manager.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\schrankplaner_setup_CB-DL-Manager.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Timothy\Downloads\thebigshort2015brripxvidac3-evo-english-79662.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\thebigshort2015brripxvidac3-evo-english-79662.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\TimOC_elster_30.07.2015_11.14.pfx:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\TimOC_elster_30.07.2015_11.14.pfx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\winrar-x64-530d.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\winrar-x64-530d.exe:$CmdZnID [26]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2016-11-11 21:20 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\Control Panel\Desktop\\Wallpaper -> A:\Bilder\Norwegen 2014\IMG_1753.JPG
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "UIExec"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "BrowserChoice"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{3769F19F-45C0-4B2D-992B-05223B1FEB94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5A342626-5C5E-4DF3-B312-DD83185F5FEA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{65B24B18-CDCB-4B5E-9064-A473798272E3}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{5AA331E6-7532-4FA9-A20D-D92974947955}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{13518858-DD80-4C29-991C-55215E5490D8}D:\eigene programme\sonos\sonos.exe] => (Allow) D:\eigene programme\sonos\sonos.exe
FirewallRules: [TCP Query User{DE2CDF1A-0743-4F61-BA8E-3C0500CAE274}D:\eigene programme\sonos\sonos.exe] => (Allow) D:\eigene programme\sonos\sonos.exe
FirewallRules: [{D4C000ED-633B-437C-8EB6-23354A4EF327}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{29069ABE-032B-4B1D-BCB8-3A4A6E622F4A}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{86852487-13B2-44F4-A0D4-25BEB4D99FD0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{D5F0119A-B223-4964-8B0B-30EACC9EF44A}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{11C90BAF-CFF3-455D-9E25-25E42FE51BA9}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{BE993BAF-47C7-4DD4-81D1-0821AFC86659}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{2E492F64-BF21-4965-B652-41A33109AC2D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{E32EA6DB-2EAE-4899-A7C5-AB390D3503AB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{72C7970B-E700-4A57-AE46-231EAF98721F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8EF2329C-1E60-4408-88A1-6DE50D42B9B8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8966330E-BE30-409E-9455-69CE0F12CC90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7DEAFF6A-066A-4005-BC7E-084E6E9F82F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DF6C1E60-3670-49D8-8476-E86716187EFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2B66AFF7-43CB-4338-9552-3A0A7F58E263}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{B7F0B837-6841-4107-8A87-B492468801F8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{7F6F61D5-A75C-4F79-B58B-18EE1AF7DDA7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{5A35D1D2-7451-4A65-8524-40843C07E5F4}C:\users\timothy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\timothy\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7BF2AFA9-6AE6-4F05-A033-1406997B7C1E}C:\users\timothy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\timothy\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{989DF027-B861-4B84-856D-2E4D9C1202DB}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe
FirewallRules: [UDP Query User{EBEA0B02-973E-467C-98B7-5EFA79ABF598}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe
FirewallRules: [{67368898-CBF9-4D59-A4B8-912D7FA4D9A8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E68BBC48-4F50-4B90-B97D-DC6A2C097CE8}] => (Allow) LPort=2869
FirewallRules: [{EBD1110E-9E19-4586-B9BC-FCE3346FC181}] => (Allow) LPort=1900
FirewallRules: [{7B1FD2A5-5BAA-41FE-A0AA-67089E5BA945}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2D2526E4-906D-484B-9A5E-E09573052E64}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6740FAC6-B707-4D1E-A257-F51B751FBB59}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{85DB67DF-EB4F-4F93-BB55-D3D07D00EE25}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{97C79946-10CA-468A-9C93-AAA8E5715DA4}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{A3907C5E-9D54-4EF3-B09C-6F4E91779960}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{0C00DBA0-1681-46D3-892B-0A46B4F12A55}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{F59ECA5D-88AB-4B91-8A77-FC9C7E36B0D4}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe
FirewallRules: [UDP Query User{8FAF9711-0126-471A-8DF9-E8744801F428}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/04/2018 09:59:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ngen.exe, Version: 4.7.2556.0, Zeitstempel: 0x59b833df
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x007703c5
ID des fehlerhaften Prozesses: 0xb8dc0
Startzeit der fehlerhaften Anwendung: 0x01d3859efa6f51cd
Pfad der fehlerhaften Anwendung: C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: f906febd-d82c-47b9-9389-7a5d0b9299cc
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/04/2018 09:21:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: cmdagent.exe, Version: 10.0.2.6420, Zeitstempel: 0x5a14783d
Name des fehlerhaften Moduls: cmdagent.exe, Version: 10.0.2.6420, Zeitstempel: 0x5a14783d
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00000000004e9093
ID des fehlerhaften Prozesses: 0xda4
Startzeit der fehlerhaften Anwendung: 0x01d380d65819d892
Pfad der fehlerhaften Anwendung: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Pfad des fehlerhaften Moduls: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Berichtskennung: 51ba9f03-a675-49ec-bcce-8de2a2db71d8
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/04/2018 07:08:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Silberlocke)
Description: Das Paket „Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (01/04/2018 12:04:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ShellExperienceHost.exe, Version 10.0.16299.15 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2fe0
Startzeit: 01d3854b9f2e8cd6
Beendigungszeit: 4294967295
Anwendungspfad: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Berichts-ID: 45cafc4a-4dae-4a3d-a5a6-e3330603e4fe
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy
Auf das fehlerhafte Paket bezogene Anwendungs-ID: App
Error: (01/04/2018 12:03:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Silberlocke)
Description: Das Paket „Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (01/01/2018 06:28:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AdobeARM.exe, Version: 1.824.24.5926, Zeitstempel: 0x59cbec1f
Name des fehlerhaften Moduls: shcore.dll, Version: 10.0.16299.15, Zeitstempel: 0x30134c68
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038091
ID des fehlerhaften Prozesses: 0xba354
Startzeit der fehlerhaften Anwendung: 0x01d38325f4da4986
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\shcore.dll
Berichtskennung: 1aaa9c3f-fb85-47b6-8f35-09261568e9c3
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/01/2018 06:16:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AdobeARM.exe, Version: 1.824.24.5926, Zeitstempel: 0x59cbec1f
Name des fehlerhaften Moduls: shcore.dll, Version: 10.0.16299.15, Zeitstempel: 0x30134c68
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038091
ID des fehlerhaften Prozesses: 0x2844
Startzeit der fehlerhaften Anwendung: 0x01d3832447780956
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\shcore.dll
Berichtskennung: 626ef5dc-ddf0-4935-a00c-fafd36f7de1a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/31/2017 05:50:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1110
Error: (12/31/2017 05:50:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1110
Error: (12/31/2017 05:50:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Systemfehler:
=============
Error: (01/06/2018 06:48:22 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/06/2018 06:48:04 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/06/2018 06:41:02 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/06/2018 06:38:46 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/06/2018 06:37:04 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/06/2018 06:36:05 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/06/2018 06:35:39 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/06/2018 06:34:49 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/06/2018 06:34:17 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/06/2018 06:33:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
CodeIntegrity:
===================================
Date: 2018-01-06 18:57:00.467
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-06 18:57:00.466
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-06 18:56:55.319
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-06 18:56:55.318
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-06 18:56:46.252
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-06 18:56:46.250
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-06 18:40:55.183
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-06 18:40:55.181
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-06 18:40:48.782
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-06 18:40:48.780
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 7944.27 MB
Verfügbarer physikalischer RAM: 3974.34 MB
Summe virtueller Speicher: 9864.27 MB
Verfügbarer virtueller Speicher: 5648.17 MB
==================== Laufwerke ================================
Drive a: (Bilder und Videos) (Fixed) (Total:180.82 GB) (Free:15.27 GB) NTFS
Drive b: (Musik) (Fixed) (Total:85.13 GB) (Free:33.16 GB) NTFS
Drive c: (Windows8_OS) (Fixed) (Total:127.87 GB) (Free:19.34 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Eigene Programme) (Fixed) (Total:25 GB) (Free:19.97 GB) NTFS
Drive f: (Volume) (Fixed) (Total:31.54 GB) (Free:23.21 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6018AF1C)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
06.01.2018, 21:19
| #7 |
| /// TB-Ausbilder | Virenverdacht. Kann jemand Logfile analysieren? Servus, die FRST.txt ist leider immer noch unvollständig...  |
|
06.01.2018, 23:30
| #8 |
| | Virenverdacht. Kann jemand Logfile analysieren?Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02.01.2018
durchgeführt von Timothy (Administrator) auf SILBERLOCKE (06-01-2018 23:25:01)
Gestartet von C:\Users\Timothy\Desktop
Geladene Profile: Timothy (Verfügbare Profile: Timothy & Julia)
Platform: Windows 10 Home Version 1709 16299.125 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() D:\1&1\1&1 Surf-Stick\AssistantServices.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) D:\Eigene Programme\Mozilla\Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
() D:\Eigene Programme\Softonic\gfSubtitlePlayer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-05-15] (Realtek semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15792112 2013-10-29] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [101360 2013-10-29] (Lenovo(beijing) Limited)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1490624 2017-11-21] (COMODO)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-08-14] (Synaptics Incorporated)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [UIExec] => D:\1&1\1&1 Surf-Stick\UIExec.exe [139088 2015-09-26] ()
HKLM-x32\...\Run: [PDFPrint] => D:\Eigene Programme\PDF24\pdf24.exe [217736 2017-03-11] (Geek Software GmbH)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3632848 2017-08-08] (COMODO)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Run: [Spotify Web Helper] => C:\Users\Timothy\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-03-12] (Spotify Ltd)
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE [297024 2015-09-02] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE [297024 2015-09-02] (SEIKO EPSON CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2013-10-29]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Motion Control.lnk [2013-10-29]
ShortcutTarget: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{87b167a3-4b8e-4e22-9800-0a9597ac92df}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c93302ec-c967-489a-9ad3-d1b851f01d41}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
FireFox:
========
FF ProfilePath: C:\Users\Timothy\AppData\Roaming\Mozilla\Firefox\Profiles\rpk35ggf.default [2018-01-06]
FF user.js: detected! => C:\Users\Timothy\AppData\Roaming\Mozilla\Firefox\Profiles\rpk35ggf.default\user.js [2015-06-15]
FF Session Restore: Mozilla\Firefox\Profiles\rpk35ggf.default -> ist aktiviert.
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-01-10] [Legacy] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\Eigene Programme\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Eigene Programme\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Eigene Programme\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-1821675693-422080741-3404470268-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10880832 2017-11-21] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-11-21] (COMODO)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2015-10-30] (Seiko Epson Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190208 2016-11-11] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-09] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [161736 2013-04-15] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [133840 2017-08-08] (COMODO)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-10-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S2 PDF24; D:\Eigene Programme\PDF24\pdf24.exe [217736 2017-03-11] (Geek Software GmbH)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-08-14] (Synaptics Incorporated)
R2 UI Assistant Service; D:\1&1\1&1 Surf-Stick\AssistantServices.exe [253264 2015-09-26] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [44088 2017-11-17] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [833096 2017-11-17] (COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-11-17] (COMODO)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-25] (Samsung Electronics Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [132904 2017-11-17] (COMODO)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-09-29] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-15] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-12-29] ()
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-01-06 22:22 - 2018-01-06 22:23 - 000019123 _____ C:\Users\Timothy\Downloads\11.22.63.s01.e04.the.eyes.of.texas.(2016).eng.1cd.(6544252).zip
2018-01-06 18:50 - 2018-01-06 18:51 - 000023156 _____ C:\Users\Timothy\Downloads\11.22.63.s01.e03.other.voices.other.rooms.(2016).eng.1cd.(6530964).zip
2018-01-06 18:48 - 2018-01-06 23:27 - 000019320 _____ C:\Users\Timothy\Desktop\FRST.txt
2018-01-06 18:37 - 2018-01-06 18:37 - 000000000 ____D C:\Users\Timothy\AppData\Roaming\SumatraPDF
2018-01-05 22:36 - 2018-01-05 22:36 - 000022210 _____ C:\Users\Timothy\Downloads\11.22.63.der.anschlag.s01.e02.the.kill.floor.(2016).eng.1cd.(6517525).zip
2018-01-05 20:57 - 2018-01-06 22:23 - 000000000 ____D C:\Users\Timothy\Desktop\11.22.63
2018-01-05 20:56 - 2018-01-05 20:57 - 000025032 _____ C:\Users\Timothy\Downloads\11-22-63-first-season-english-911599.zip
2018-01-05 20:19 - 2018-01-04 21:21 - 002393088 _____ (Farbar) C:\Users\Timothy\Desktop\FRST64.exe
2018-01-04 21:28 - 2018-01-04 21:29 - 000076300 _____ C:\Users\Timothy\Downloads\Addition.txt
2018-01-04 21:26 - 2018-01-04 21:29 - 000186375 _____ C:\Users\Timothy\Downloads\FRST.txt
2018-01-04 21:22 - 2018-01-06 23:25 - 000000000 ____D C:\FRST
2018-01-04 21:21 - 2018-01-04 21:21 - 002393088 _____ (Farbar) C:\Users\Timothy\Downloads\FRST64.exe
2018-01-04 20:31 - 2018-01-04 20:31 - 005541016 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\Timothy\Downloads\hijackthis.exe
2018-01-04 20:22 - 2018-01-04 20:22 - 001540104 _____ (CHIP Digital GmbH) C:\Users\Timothy\Downloads\HijackThis - CHIP-Installer.exe
2018-01-04 12:04 - 2018-01-04 12:04 - 000000000 ___HD C:\Users\Julia\MicrosoftEdgeBackups
2018-01-04 12:04 - 2018-01-04 12:04 - 000000000 ____D C:\Users\Julia\AppData\Local\DBG
2018-01-04 12:02 - 2018-01-04 12:02 - 000000000 ___RD C:\Users\Julia\3D Objects
2018-01-04 12:01 - 2018-01-04 12:01 - 000000020 ___SH C:\Users\Julia\ntuser.ini
2018-01-02 23:44 - 2018-01-02 23:44 - 000002009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2018-01-02 23:44 - 2018-01-02 23:44 - 000000000 ____D C:\Program Files (x86)\SumatraPDF
2018-01-02 22:11 - 2018-01-02 22:11 - 004860560 _____ (Krzysztof Kowalczyk) C:\Users\Timothy\Downloads\SumatraPDF-3.1.2-install.exe
2018-01-01 18:36 - 2018-01-01 18:33 - 000065318 _____ C:\Users\Timothy\Desktop\S01E01- The Rabbit Hole.eng.srt
2018-01-01 18:35 - 2018-01-01 18:35 - 000025451 _____ C:\Users\Timothy\Downloads\11.22.63.der.anschlag.s01.e01.the.rabbit.hole.(2016).eng.1cd.(6706508).zip
2018-01-01 18:27 - 2018-01-01 18:27 - 000049938 _____ C:\Users\Timothy\Downloads\manchester.by.the.sea.(2016).eng.1cd.(6901378).zip
2017-12-30 21:52 - 2017-12-30 21:52 - 000000000 ____D C:\Users\Timothy\AppData\Local\DBG
2017-12-29 20:17 - 2017-12-29 20:17 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-12-29 20:15 - 2017-12-29 20:15 - 000000000 ___HD C:\Users\Timothy\MicrosoftEdgeBackups
2017-12-29 20:14 - 2017-12-29 20:14 - 000000000 ___RD C:\Users\Timothy\3D Objects
2017-12-29 20:13 - 2017-12-29 20:13 - 000000020 ___SH C:\Users\Timothy\ntuser.ini
2017-12-29 20:12 - 2018-01-04 21:19 - 007459424 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2017-12-29 20:12 - 2017-12-30 21:08 - 000000000 ___HD C:\VTRoot
2017-12-29 20:09 - 2018-01-06 18:37 - 000004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{378B9684-447C-4B1D-8F30-A43196F33206}
2017-12-29 20:09 - 2018-01-04 12:31 - 000004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4A1B2899-EA36-407B-8ADB-E49F6887C024}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003510 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Update {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003510 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Update {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003332 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Invitation {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003252 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Invitation {5F7996FF-B50D-4D17-B92F-F39799635033}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2017-12-29 20:09 - 2017-12-29 20:10 - 000002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1821675693-422080741-3404470268-1006
2017-12-29 20:09 - 2017-12-29 20:10 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1821675693-422080741-3404470268-1002
2017-12-29 20:09 - 2017-12-29 20:10 - 000002826 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2017-12-29 20:09 - 2017-12-29 20:10 - 000002764 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Silberlocke-Julia
2017-12-29 20:09 - 2017-12-29 20:09 - 000003438 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Update {5F7996FF-B50D-4D17-B92F-F39799635033}
2017-12-29 20:09 - 2017-12-29 20:09 - 000003332 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Invitation {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}
2017-12-29 20:09 - 2017-12-29 20:09 - 000003332 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-12-29 20:09 - 2017-12-29 20:09 - 000002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1821675693-422080741-3404470268-1002
2017-12-29 20:09 - 2017-12-29 20:09 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1821675693-422080741-3404470268-1006
2017-12-29 20:09 - 2017-12-29 20:09 - 000002680 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2017-12-29 20:09 - 2017-12-29 20:09 - 000002550 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2017-12-29 20:09 - 2017-12-29 20:09 - 000002352 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2017-12-29 20:09 - 2017-12-29 20:09 - 000001908 _____ C:\WINDOWS\System32\Tasks\Dolby Selector
2017-12-29 20:09 - 2017-12-29 20:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-29 20:09 - 2017-12-29 20:09 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-12-29 20:09 - 2017-12-29 20:09 - 000000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2017-12-29 20:09 - 2017-04-11 09:55 - 000000000 _____ C:\WINDOWS\System32\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
2017-12-29 20:07 - 2017-12-29 20:09 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2017-12-29 20:07 - 2017-12-29 20:09 - 000011433 _____ C:\WINDOWS\diagerr.xml
2017-12-29 19:57 - 2017-12-30 21:31 - 001908440 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-29 19:46 - 2017-12-29 19:46 - 000000000 ____D C:\ProgramData\USOShared
2017-12-29 19:45 - 2017-12-29 19:45 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-12-29 19:41 - 2017-12-30 19:39 - 000000000 ____D C:\Users\Timothy\AppData\Local\Packages
2017-12-29 19:40 - 2018-01-04 12:23 - 000000000 ____D C:\Users\Julia\AppData\Local\Packages
2017-12-29 19:39 - 2018-01-04 12:04 - 000000000 ____D C:\Users\Julia
2017-12-29 19:39 - 2017-12-29 20:15 - 000000000 ____D C:\Users\Timothy
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Vorlagen
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Startmenü
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Netzwerkumgebung
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Lokale Einstellungen
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Eigene Dateien
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Druckumgebung
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Documents\Eigene Videos
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Documents\Eigene Musik
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Documents\Eigene Bilder
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\AppData\Local\Verlauf
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\AppData\Local\Anwendungsdaten
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Anwendungsdaten
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Vorlagen
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Startmenü
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Netzwerkumgebung
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Lokale Einstellungen
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Eigene Dateien
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Druckumgebung
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Documents\Eigene Videos
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Documents\Eigene Musik
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Documents\Eigene Bilder
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\AppData\Local\Verlauf
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\AppData\Local\Anwendungsdaten
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Anwendungsdaten
2017-12-29 19:37 - 2017-10-20 16:43 - 000095216 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-12-29 19:37 - 2017-10-20 16:43 - 000091120 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-12-29 19:37 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-12-29 19:35 - 2018-01-06 23:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-29 19:35 - 2017-12-29 19:53 - 000258992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-29 19:31 - 2017-12-29 20:12 - 000000000 ____D C:\Windows.old
2017-12-29 19:05 - 2017-12-29 19:31 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-12-29 19:01 - 2017-12-29 19:05 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\Program Files\MSBuild
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-12-29 18:56 - 2017-09-22 18:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-12-29 18:56 - 2017-09-22 18:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-12-29 18:56 - 2017-09-22 18:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-12-29 18:55 - 2017-09-28 15:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-12-29 18:55 - 2017-09-28 15:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-12-29 18:55 - 2017-09-28 15:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-12-29 18:38 - 2017-12-29 18:38 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-12-29 17:52 - 2017-12-30 08:48 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-29 12:12 - 2017-12-29 19:54 - 000094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-12-29 12:05 - 2017-12-29 12:07 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-12-29 10:48 - 2017-12-29 10:48 - 000000000 _____ C:\WINDOWS\system32\SET97B.tmp
2017-12-29 10:48 - 2017-12-29 10:48 - 000000000 _____ C:\WINDOWS\system32\SET34F.tmp
2017-12-29 10:48 - 2017-12-29 10:48 - 000000000 _____ C:\WINDOWS\system32\SET213.tmp
2017-12-29 10:47 - 2017-12-29 10:47 - 000000000 _____ C:\WINDOWS\system32\SETB225.tmp
2017-12-29 10:47 - 2017-12-29 10:47 - 000000000 _____ C:\WINDOWS\system32\Drivers\SETAFC1.tmp
2017-12-28 17:43 - 2017-12-29 17:52 - 000000036 _____ C:\WINDOWS\progress.ini
2017-12-28 17:41 - 2017-12-28 17:41 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-28 17:29 - 2016-12-29 14:10 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-12-22 16:04 - 2017-12-22 16:04 - 000000000 ____D C:\Users\Julia\AppData\Local\CrashDumps
2017-12-22 12:13 - 2017-12-29 20:12 - 000000000 ___HD C:\$GetCurrent
2017-12-22 12:12 - 2017-12-29 20:13 - 000000000 ____D C:\Windows10Upgrade
2017-12-22 12:12 - 2017-12-29 16:16 - 000000818 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Update-Assistent.lnk
2017-12-20 21:53 - 2017-12-20 21:53 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2017-12-19 06:23 - 2017-12-19 06:23 - 000000000 ____D C:\Users\Timothy\AppData\Local\UNP
2017-12-18 22:24 - 2017-12-18 22:24 - 000001251 _____ C:\Users\Public\Desktop\COMODO Internet Security Premium.lnk
2017-12-18 22:23 - 2017-12-18 22:23 - 000000000 ____D C:\Program Files (x86)\COMODO
2017-12-18 22:23 - 2017-08-08 03:46 - 000256040 _____ (COMODO) C:\WINDOWS\system32\iseguard64.dll
2017-12-18 22:23 - 2017-08-08 03:46 - 000205536 _____ (COMODO) C:\WINDOWS\SysWOW64\iseguard32.dll
2017-12-18 22:23 - 2017-03-29 22:49 - 000062208 _____ (COMODO) C:\WINDOWS\system32\Drivers\isedrv.sys
2017-12-18 22:20 - 2017-12-18 22:20 - 000000000 ____D C:\ProgramData\Shared Space
2017-12-18 22:19 - 2017-12-18 22:20 - 005500784 _____ (COMODO) C:\Users\Timothy\Downloads\cispremium_installer_6100_08.exe
2017-12-18 22:02 - 2017-12-29 19:31 - 000000000 ____D C:\Program Files\UNP
2017-12-14 15:38 - 2017-12-18 22:02 - 000000000 ____D C:\Program Files\rempl
2017-12-14 02:32 - 2017-12-29 18:58 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 025245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 023652864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 018916352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 008097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006092664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006037504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004740608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 003678208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003484840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002709200 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 002510336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002192112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-12-14 02:32 - 2017-12-14 02:32 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 001170000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001090440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-12-14 02:32 - 2017-12-14 02:32 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-12-14 02:32 - 2017-12-14 02:32 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-12-14 02:32 - 2017-12-14 02:32 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-14 02:32 - 2017-12-14 02:32 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-08 23:32 - 2017-05-31 22:24 - 000051176 _____ C:\Users\Timothy\Desktop\House.of.Cards.2013.S05E04.720p.WEBRip.x264-MOROSE.srt
2017-12-08 23:31 - 2017-12-08 23:31 - 000020535 _____ C:\Users\Timothy\Downloads\house-of-cards-season-5-episode-4-english-36817.zip
2017-12-08 22:37 - 2017-12-08 22:37 - 000021989 _____ C:\Users\Timothy\Downloads\house-of-cards-season-5-episode-3-english-36816.zip
2017-12-08 21:14 - 2017-12-08 21:14 - 000139283 _____ C:\Users\Timothy\Downloads\The.Hateful.Eight.2015.720p.BluRay.x264-[YTS.AG].srt
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-01-06 23:24 - 2017-04-11 20:38 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2018-01-06 18:52 - 2014-08-19 20:27 - 000000000 ____D C:\Users\Timothy\AppData\Roaming\vlc
2018-01-06 18:41 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-06 18:40 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-06 18:40 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-06 18:34 - 2017-01-28 21:24 - 000000000 ____D C:\Users\Timothy\AppData\LocalLow\Mozilla
2018-01-06 18:33 - 2014-08-20 20:43 - 000000000 __SHD C:\Users\Timothy\IntelGraphicsProfiles
2018-01-06 18:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-01-06 18:32 - 2016-09-22 20:35 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-01-05 20:11 - 2014-10-30 18:49 - 000000000 __SHD C:\Users\Julia\IntelGraphicsProfiles
2018-01-05 07:52 - 2017-02-01 07:50 - 000000000 ____D C:\Users\Julia\AppData\LocalLow\Mozilla
2018-01-04 12:02 - 2015-09-01 19:42 - 000000000 ____D C:\Users\Julia\AppData\Local\TileDataLayer
2018-01-04 12:02 - 2014-08-20 02:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-01-03 17:46 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-01-02 22:12 - 2015-11-17 22:17 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-01-02 17:45 - 2014-08-19 20:12 - 000000000 ____D C:\ProgramData\Sonos,_Inc
2018-01-01 18:53 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-01 18:20 - 2015-06-03 16:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-01-01 18:19 - 2017-01-28 21:24 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2018-01-01 18:19 - 2017-01-28 21:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-01 18:17 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-12-31 11:09 - 2014-11-01 16:42 - 000002027 _____ C:\Users\Public\Desktop\Sonos.lnk
2017-12-31 11:09 - 2014-09-02 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2017-12-31 11:09 - 2014-09-02 20:04 - 000000000 ____D C:\Program Files (x86)\Sonos
2017-12-31 11:08 - 2014-09-02 20:04 - 000000000 ____D C:\Users\Timothy\AppData\Local\Downloaded Installations
2017-12-30 21:31 - 2017-09-30 15:35 - 000834104 _____ C:\WINDOWS\system32\perfh007.dat
2017-12-30 21:31 - 2017-09-30 15:35 - 000171582 _____ C:\WINDOWS\system32\perfc007.dat
2017-12-30 19:39 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-29 20:14 - 2015-09-01 12:47 - 000000000 ____D C:\Users\Timothy\AppData\Local\TileDataLayer
2017-12-29 20:10 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-12-29 20:10 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\windows nt
2017-12-29 20:06 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2017-12-29 20:05 - 2014-08-20 23:49 - 000023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-12-29 19:57 - 2013-10-29 19:07 - 001874790 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-12-29 19:54 - 2013-10-29 19:26 - 000034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-12-29 19:53 - 2016-09-22 20:35 - 000000000 ____D C:\ProgramData\NVIDIA
2017-12-29 19:52 - 2017-09-29 09:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-12-29 19:52 - 2016-01-06 22:42 - 000000000 ____D C:\Users\Timothy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-12-29 19:52 - 2014-08-19 20:26 - 000000000 ____D C:\Users\Timothy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2017-12-29 19:46 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-12-29 19:46 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-12-29 19:38 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-12-29 19:38 - 2016-09-22 20:36 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-12-29 19:37 - 2016-09-22 20:35 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-12-29 19:37 - 2016-09-22 20:35 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-12-29 19:35 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-12-29 19:31 - 2017-10-11 07:52 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-12-29 19:31 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-12-29 19:31 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-12-29 19:31 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\system32\WCN
2017-12-29 19:31 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ModemLogs
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\InputMethod
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Help
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-12-29 19:31 - 2017-07-19 20:26 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-12-29 19:31 - 2017-03-11 10:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2017-12-29 19:31 - 2016-09-22 20:35 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-12-29 19:31 - 2016-09-22 20:34 - 000000000 ____D C:\Program Files\Intel
2017-12-29 19:31 - 2016-07-30 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-12-29 19:31 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-12-29 19:31 - 2016-07-14 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2017-12-29 19:31 - 2016-01-06 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-12-29 19:31 - 2015-10-21 08:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-12-29 19:31 - 2015-09-26 11:07 - 000000000 ____D C:\WINDOWS\SysWOW64\SupportAppCB
2017-12-29 19:31 - 2015-09-26 11:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1&1 Surf-Stick
2017-12-29 19:31 - 2015-06-17 08:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2017-12-29 19:31 - 2015-03-01 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-12-29 19:31 - 2015-02-20 21:57 - 000000000 ____D C:\WINDOWS\de
2017-12-29 19:31 - 2015-01-23 22:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-12-29 19:31 - 2014-08-21 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-12-29 19:31 - 2013-10-29 19:43 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneKey Recovery
2017-12-29 19:31 - 2013-10-29 19:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(SM) center
2017-12-29 19:31 - 2013-10-29 19:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-12-29 19:31 - 2013-10-29 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Photos
2017-12-29 19:31 - 2013-10-29 19:08 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-12-29 19:31 - 2013-10-29 18:59 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-12-29 19:31 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-12-29 19:31 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-12-29 19:11 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-12-29 19:10 - 2017-09-29 09:45 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\system32\winrm
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\system32\slmgr
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\IME
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\et-EE
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\en-GB
2017-12-29 19:06 - 2016-04-13 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-12-29 19:06 - 2015-06-15 11:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-12-29 19:05 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-12-29 19:05 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-12-29 19:05 - 2016-09-22 20:36 - 000000000 ____D C:\Program Files\Realtek
2017-12-29 19:05 - 2016-09-22 20:34 - 000000000 ____D C:\Program Files\Synaptics
2017-12-29 18:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-12-29 18:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-12-29 12:12 - 2016-07-30 21:37 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2017-12-29 12:12 - 2016-07-30 21:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-12-28 17:45 - 2014-08-20 17:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-28 17:40 - 2014-08-20 17:20 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-18 22:23 - 2015-06-17 08:05 - 000000000 ____D C:\ProgramData\Comodo
2017-12-15 20:44 - 2015-09-01 19:44 - 000000000 ____D C:\Users\Julia\AppData\Local\Publishers
2017-12-15 20:44 - 2015-09-01 12:49 - 000000000 ____D C:\Users\Timothy\AppData\Local\Publishers
2017-12-15 20:34 - 2014-09-20 19:19 - 000545440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\te-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\si-LK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\or-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\km-KH
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\is-IS
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\id-ID
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\be-BY
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\as-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\am-ET
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2017-12-14 02:33 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-14 02:33 - 2017-09-29 14:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Provisioning
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Defender
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\PerfLogs
2017-12-14 02:33 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-08-19 19:34 - 2015-11-02 20:07 - 000376689 _____ () C:\Users\Timothy\AppData\Roaming\AbsoluteReminder.xml
2017-04-22 11:49 - 2017-04-22 11:49 - 000000017 _____ () C:\Users\Timothy\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-12-29 19:35
==================== Ende von FRST.txt ============================
|
|
07.01.2018, 20:13
| #9 |
| /// TB-Ausbilder | Virenverdacht. Kann jemand Logfile analysieren? Schritt 1 Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
Schritt 2 Downloade Dir bitte Malwarebytes Anti-Malware 3 (Bebilderte Anleitung)
Schritt 3
Bitte poste mit deiner nächsten Antwort
|
|
07.01.2018, 23:00
| #10 |
| | Virenverdacht. Kann jemand Logfile analysieren?Code:
ATTFilter # AdwCleaner 7.0.6.0 - Logfile created on Sun Jan 07 21:22:39 2018
# Updated on 2017/21/12 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
No malicious folders deleted.
***** [ Files ] *****
No malicious files deleted.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\api.ciuvo.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ciuvo.com
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::Firewall rules cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [1303 B] - [2018/1/7 21:20:35]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 07.01.18
Scan-Zeit: 22:34
Protokolldatei: 8cfccdba-f3f2-11e7-80b8-089e01f64514.json
Administrator: Ja
-Softwaredaten-
Version: 3.3.1.2183
Komponentenversion: 1.0.262
Version des Aktualisierungspakets: 1.0.3645
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 16299.125)
CPU: x64
Dateisystem: NTFS
Benutzer: Silberlocke\Timothy
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 358661
Erkannte Bedrohungen: 4
In die Quarantäne verschobene Bedrohungen: 4
Abgelaufene Zeit: 11 Min., 48 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 4
PUM.Optional.FireFoxSecurityOverride, C:\USERS\TIMOTHY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RPK35GGF.DEFAULT\USER.JS, In Quarantäne, [13874], [302435],1.0.3645
PUP.Optional.DownloadGuide, C:\USERS\TIMOTHY\DOWNLOADS\PDFX5_CB-DL-MANAGER.EXE, In Quarantäne, [168], [98777],1.0.3645
PUP.Optional.DownloadGuide, C:\USERS\TIMOTHY\DOWNLOADS\SCHRANKPLANER_SETUP_CB-DL-MANAGER.EXE, In Quarantäne, [168], [18726],1.0.3645
Adware.InstallCore, C:\USERS\TIMOTHY\DOWNLOADS\FLASHVIDEOPLAYER.EXE, In Quarantäne, [875], [434006],1.0.3645
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02.01.2018
durchgeführt von Timothy (Administrator) auf SILBERLOCKE (07-01-2018 22:54:20)
Gestartet von C:\Users\Timothy\Desktop
Geladene Profile: Timothy (Verfügbare Profile: Timothy & Julia)
Platform: Windows 10 Home Version 1709 16299.125 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Geek Software GmbH) D:\Eigene Programme\PDF24\pdf24.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
() D:\1&1\1&1 Surf-Stick\AssistantServices.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
() C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-05-15] (Realtek semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15792112 2013-10-29] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [101360 2013-10-29] (Lenovo(beijing) Limited)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1490624 2017-11-21] (COMODO)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-08-14] (Synaptics Incorporated)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [UIExec] => D:\1&1\1&1 Surf-Stick\UIExec.exe [139088 2015-09-26] ()
HKLM-x32\...\Run: [PDFPrint] => D:\Eigene Programme\PDF24\pdf24.exe [217736 2017-03-11] (Geek Software GmbH)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3632848 2017-08-08] (COMODO)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Run: [Spotify Web Helper] => C:\Users\Timothy\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-03-12] (Spotify Ltd)
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE [297024 2015-09-02] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE [297024 2015-09-02] (SEIKO EPSON CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2013-10-29]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Motion Control.lnk [2013-10-29]
ShortcutTarget: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{87b167a3-4b8e-4e22-9800-0a9597ac92df}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c93302ec-c967-489a-9ad3-d1b851f01d41}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
FireFox:
========
FF ProfilePath: C:\Users\Timothy\AppData\Roaming\Mozilla\Firefox\Profiles\rpk35ggf.default [2018-01-07]
FF Session Restore: Mozilla\Firefox\Profiles\rpk35ggf.default -> ist aktiviert.
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-01-10] [Legacy] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\Eigene Programme\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Eigene Programme\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Eigene Programme\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-1821675693-422080741-3404470268-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10880832 2017-11-21] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-11-21] (COMODO)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2015-10-30] (Seiko Epson Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190208 2016-11-11] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-09] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [161736 2013-04-15] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [133840 2017-08-08] (COMODO)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-10-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PDF24; D:\Eigene Programme\PDF24\pdf24.exe [217736 2017-03-11] (Geek Software GmbH)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-08-14] (Synaptics Incorporated)
R2 UI Assistant Service; D:\1&1\1&1 Surf-Stick\AssistantServices.exe [253264 2015-09-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [44088 2017-11-17] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [833096 2017-11-17] (COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-11-17] (COMODO)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-25] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-29] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [132904 2017-11-17] (COMODO)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193968 2018-01-07] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2018-01-07] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2018-01-07] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-01-07] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2018-01-07] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-09-29] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-15] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2018-01-07] ()
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-01-07 22:54 - 2018-01-07 22:55 - 000019699 _____ C:\Users\Timothy\Desktop\FRST.txt
2018-01-07 22:53 - 2018-01-07 22:53 - 000001859 _____ C:\Users\Timothy\Desktop\mbam.txt
2018-01-07 22:51 - 2018-01-07 22:51 - 000094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2018-01-07 22:34 - 2018-01-07 22:51 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-01-07 22:34 - 2018-01-07 22:51 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-01-07 22:34 - 2018-01-07 22:51 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-01-07 22:34 - 2018-01-07 22:34 - 000193968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-01-07 22:33 - 2018-01-07 22:33 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-01-07 22:33 - 2018-01-07 22:33 - 000001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-01-07 22:33 - 2018-01-07 22:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-01-07 22:33 - 2018-01-07 22:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-01-07 22:33 - 2018-01-07 22:33 - 000000000 ____D C:\Program Files\Malwarebytes
2018-01-07 22:33 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-01-07 22:31 - 2018-01-07 22:33 - 083316440 _____ (Malwarebytes ) C:\Users\Timothy\Downloads\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3374.exe
2018-01-07 22:30 - 2018-01-07 22:30 - 000001569 _____ C:\Users\Timothy\Desktop\AdwCleaner[C0].txt
2018-01-07 22:18 - 2018-01-07 22:30 - 000000000 ____D C:\AdwCleaner
2018-01-07 22:12 - 2018-01-07 22:11 - 008198432 _____ (Malwarebytes) C:\Users\Timothy\Desktop\adwcleaner_7.0.6.0.exe
2018-01-07 22:11 - 2018-01-07 22:11 - 008198432 _____ (Malwarebytes) C:\Users\Timothy\Downloads\adwcleaner_7.0.6.0.exe
2018-01-07 20:50 - 2018-01-07 20:50 - 000017485 _____ C:\Users\Timothy\Downloads\11.22.63.s01.e05.the.truth.(2016).eng.1cd.(6552695).zip
2018-01-06 22:22 - 2018-01-06 22:23 - 000019123 _____ C:\Users\Timothy\Downloads\11.22.63.s01.e04.the.eyes.of.texas.(2016).eng.1cd.(6544252).zip
2018-01-06 18:50 - 2018-01-06 18:51 - 000023156 _____ C:\Users\Timothy\Downloads\11.22.63.s01.e03.other.voices.other.rooms.(2016).eng.1cd.(6530964).zip
2018-01-06 18:37 - 2018-01-06 18:37 - 000000000 ____D C:\Users\Timothy\AppData\Roaming\SumatraPDF
2018-01-05 22:36 - 2018-01-05 22:36 - 000022210 _____ C:\Users\Timothy\Downloads\11.22.63.der.anschlag.s01.e02.the.kill.floor.(2016).eng.1cd.(6517525).zip
2018-01-05 20:57 - 2018-01-07 21:13 - 000000000 ____D C:\Users\Timothy\Desktop\11.22.63
2018-01-05 20:56 - 2018-01-05 20:57 - 000025032 _____ C:\Users\Timothy\Downloads\11-22-63-first-season-english-911599.zip
2018-01-05 20:19 - 2018-01-04 21:21 - 002393088 _____ (Farbar) C:\Users\Timothy\Desktop\FRST64.exe
2018-01-04 21:28 - 2018-01-04 21:29 - 000076300 _____ C:\Users\Timothy\Downloads\Addition.txt
2018-01-04 21:26 - 2018-01-04 21:29 - 000186375 _____ C:\Users\Timothy\Downloads\FRST.txt
2018-01-04 21:22 - 2018-01-07 22:54 - 000000000 ____D C:\FRST
2018-01-04 21:21 - 2018-01-04 21:21 - 002393088 _____ (Farbar) C:\Users\Timothy\Downloads\FRST64.exe
2018-01-04 20:31 - 2018-01-04 20:31 - 005541016 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\Timothy\Downloads\hijackthis.exe
2018-01-04 20:22 - 2018-01-04 20:22 - 001540104 _____ (CHIP Digital GmbH) C:\Users\Timothy\Downloads\HijackThis - CHIP-Installer.exe
2018-01-04 12:04 - 2018-01-04 12:04 - 000000000 ___HD C:\Users\Julia\MicrosoftEdgeBackups
2018-01-04 12:04 - 2018-01-04 12:04 - 000000000 ____D C:\Users\Julia\AppData\Local\DBG
2018-01-04 12:02 - 2018-01-04 12:02 - 000000000 ___RD C:\Users\Julia\3D Objects
2018-01-04 12:01 - 2018-01-04 12:01 - 000000020 ___SH C:\Users\Julia\ntuser.ini
2018-01-02 23:44 - 2018-01-02 23:44 - 000002009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2018-01-02 23:44 - 2018-01-02 23:44 - 000000000 ____D C:\Program Files (x86)\SumatraPDF
2018-01-02 22:11 - 2018-01-02 22:11 - 004860560 _____ (Krzysztof Kowalczyk) C:\Users\Timothy\Downloads\SumatraPDF-3.1.2-install.exe
2018-01-01 18:36 - 2018-01-01 18:33 - 000065318 _____ C:\Users\Timothy\Desktop\S01E01- The Rabbit Hole.eng.srt
2018-01-01 18:35 - 2018-01-01 18:35 - 000025451 _____ C:\Users\Timothy\Downloads\11.22.63.der.anschlag.s01.e01.the.rabbit.hole.(2016).eng.1cd.(6706508).zip
2018-01-01 18:27 - 2018-01-01 18:27 - 000049938 _____ C:\Users\Timothy\Downloads\manchester.by.the.sea.(2016).eng.1cd.(6901378).zip
2017-12-30 21:52 - 2017-12-30 21:52 - 000000000 ____D C:\Users\Timothy\AppData\Local\DBG
2017-12-29 20:17 - 2017-12-29 20:17 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-12-29 20:15 - 2017-12-29 20:15 - 000000000 ___HD C:\Users\Timothy\MicrosoftEdgeBackups
2017-12-29 20:14 - 2017-12-29 20:14 - 000000000 ___RD C:\Users\Timothy\3D Objects
2017-12-29 20:13 - 2017-12-29 20:13 - 000000020 ___SH C:\Users\Timothy\ntuser.ini
2017-12-29 20:12 - 2018-01-07 22:22 - 007443086 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2017-12-29 20:12 - 2017-12-30 21:08 - 000000000 ___HD C:\VTRoot
2017-12-29 20:09 - 2018-01-07 22:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-29 20:09 - 2018-01-07 22:29 - 000004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{378B9684-447C-4B1D-8F30-A43196F33206}
2017-12-29 20:09 - 2018-01-04 12:31 - 000004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4A1B2899-EA36-407B-8ADB-E49F6887C024}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003510 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Update {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003510 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Update {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003332 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Invitation {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003252 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Invitation {5F7996FF-B50D-4D17-B92F-F39799635033}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2017-12-29 20:09 - 2017-12-29 20:10 - 000002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1821675693-422080741-3404470268-1006
2017-12-29 20:09 - 2017-12-29 20:10 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1821675693-422080741-3404470268-1002
2017-12-29 20:09 - 2017-12-29 20:10 - 000002826 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2017-12-29 20:09 - 2017-12-29 20:10 - 000002764 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Silberlocke-Julia
2017-12-29 20:09 - 2017-12-29 20:09 - 000003438 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Update {5F7996FF-B50D-4D17-B92F-F39799635033}
2017-12-29 20:09 - 2017-12-29 20:09 - 000003332 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Invitation {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}
2017-12-29 20:09 - 2017-12-29 20:09 - 000003332 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-12-29 20:09 - 2017-12-29 20:09 - 000002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1821675693-422080741-3404470268-1002
2017-12-29 20:09 - 2017-12-29 20:09 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1821675693-422080741-3404470268-1006
2017-12-29 20:09 - 2017-12-29 20:09 - 000002680 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2017-12-29 20:09 - 2017-12-29 20:09 - 000002550 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2017-12-29 20:09 - 2017-12-29 20:09 - 000002352 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2017-12-29 20:09 - 2017-12-29 20:09 - 000001908 _____ C:\WINDOWS\System32\Tasks\Dolby Selector
2017-12-29 20:09 - 2017-12-29 20:09 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-12-29 20:09 - 2017-12-29 20:09 - 000000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2017-12-29 20:09 - 2017-04-11 09:55 - 000000000 _____ C:\WINDOWS\System32\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
2017-12-29 20:07 - 2017-12-29 20:09 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2017-12-29 20:07 - 2017-12-29 20:09 - 000011433 _____ C:\WINDOWS\diagerr.xml
2017-12-29 19:57 - 2018-01-07 22:30 - 001938850 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-29 19:46 - 2017-12-29 19:46 - 000000000 ____D C:\ProgramData\USOShared
2017-12-29 19:45 - 2017-12-29 19:45 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-12-29 19:41 - 2017-12-30 19:39 - 000000000 ____D C:\Users\Timothy\AppData\Local\Packages
2017-12-29 19:40 - 2018-01-04 12:23 - 000000000 ____D C:\Users\Julia\AppData\Local\Packages
2017-12-29 19:39 - 2018-01-04 12:04 - 000000000 ____D C:\Users\Julia
2017-12-29 19:39 - 2017-12-29 20:15 - 000000000 ____D C:\Users\Timothy
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Vorlagen
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Startmenü
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Netzwerkumgebung
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Lokale Einstellungen
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Eigene Dateien
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Druckumgebung
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Documents\Eigene Videos
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Documents\Eigene Musik
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Documents\Eigene Bilder
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\AppData\Local\Verlauf
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\AppData\Local\Anwendungsdaten
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Anwendungsdaten
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Vorlagen
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Startmenü
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Netzwerkumgebung
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Lokale Einstellungen
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Eigene Dateien
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Druckumgebung
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Documents\Eigene Videos
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Documents\Eigene Musik
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Documents\Eigene Bilder
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\AppData\Local\Verlauf
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\AppData\Local\Anwendungsdaten
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Anwendungsdaten
2017-12-29 19:37 - 2017-10-20 16:43 - 000095216 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-12-29 19:37 - 2017-10-20 16:43 - 000091120 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-12-29 19:37 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-12-29 19:35 - 2018-01-07 22:23 - 000258128 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-29 19:35 - 2018-01-07 21:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-29 19:31 - 2017-12-29 20:12 - 000000000 ____D C:\Windows.old
2017-12-29 19:05 - 2017-12-29 19:31 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-12-29 19:01 - 2017-12-29 19:05 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\Program Files\MSBuild
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-12-29 18:56 - 2017-09-22 18:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-12-29 18:56 - 2017-09-22 18:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-12-29 18:56 - 2017-09-22 18:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-12-29 18:55 - 2017-09-28 15:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-12-29 18:55 - 2017-09-28 15:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-12-29 18:55 - 2017-09-28 15:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-12-29 18:38 - 2017-12-29 18:38 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-12-29 17:52 - 2017-12-30 08:48 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-29 12:05 - 2017-12-29 12:07 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-12-29 10:48 - 2017-12-29 10:48 - 000000000 _____ C:\WINDOWS\system32\SET97B.tmp
2017-12-29 10:48 - 2017-12-29 10:48 - 000000000 _____ C:\WINDOWS\system32\SET34F.tmp
2017-12-29 10:48 - 2017-12-29 10:48 - 000000000 _____ C:\WINDOWS\system32\SET213.tmp
2017-12-29 10:47 - 2017-12-29 10:47 - 000000000 _____ C:\WINDOWS\system32\SETB225.tmp
2017-12-29 10:47 - 2017-12-29 10:47 - 000000000 _____ C:\WINDOWS\system32\Drivers\SETAFC1.tmp
2017-12-28 17:43 - 2017-12-29 17:52 - 000000036 _____ C:\WINDOWS\progress.ini
2017-12-28 17:41 - 2017-12-28 17:41 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-28 17:29 - 2016-12-29 14:10 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-12-22 16:04 - 2017-12-22 16:04 - 000000000 ____D C:\Users\Julia\AppData\Local\CrashDumps
2017-12-22 12:13 - 2017-12-29 20:12 - 000000000 ___HD C:\$GetCurrent
2017-12-22 12:12 - 2017-12-29 20:13 - 000000000 ____D C:\Windows10Upgrade
2017-12-22 12:12 - 2017-12-29 16:16 - 000000818 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Update-Assistent.lnk
2017-12-20 21:53 - 2017-12-20 21:53 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2017-12-19 06:23 - 2017-12-19 06:23 - 000000000 ____D C:\Users\Timothy\AppData\Local\UNP
2017-12-18 22:24 - 2017-12-18 22:24 - 000001251 _____ C:\Users\Public\Desktop\COMODO Internet Security Premium.lnk
2017-12-18 22:23 - 2017-12-18 22:23 - 000000000 ____D C:\Program Files (x86)\COMODO
2017-12-18 22:23 - 2017-08-08 03:46 - 000256040 _____ (COMODO) C:\WINDOWS\system32\iseguard64.dll
2017-12-18 22:23 - 2017-08-08 03:46 - 000205536 _____ (COMODO) C:\WINDOWS\SysWOW64\iseguard32.dll
2017-12-18 22:23 - 2017-03-29 22:49 - 000062208 _____ (COMODO) C:\WINDOWS\system32\Drivers\isedrv.sys
2017-12-18 22:20 - 2017-12-18 22:20 - 000000000 ____D C:\ProgramData\Shared Space
2017-12-18 22:19 - 2017-12-18 22:20 - 005500784 _____ (COMODO) C:\Users\Timothy\Downloads\cispremium_installer_6100_08.exe
2017-12-18 22:02 - 2017-12-29 19:31 - 000000000 ____D C:\Program Files\UNP
2017-12-14 15:38 - 2017-12-18 22:02 - 000000000 ____D C:\Program Files\rempl
2017-12-14 02:32 - 2017-12-29 18:58 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 025245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 023652864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 018916352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 008097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006092664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006037504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004740608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 003678208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003484840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002709200 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 002510336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002192112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-12-14 02:32 - 2017-12-14 02:32 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 001170000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001090440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-12-14 02:32 - 2017-12-14 02:32 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-12-14 02:32 - 2017-12-14 02:32 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-12-14 02:32 - 2017-12-14 02:32 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-14 02:32 - 2017-12-14 02:32 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-08 23:32 - 2017-05-31 22:24 - 000051176 _____ C:\Users\Timothy\Desktop\House.of.Cards.2013.S05E04.720p.WEBRip.x264-MOROSE.srt
2017-12-08 23:31 - 2017-12-08 23:31 - 000020535 _____ C:\Users\Timothy\Downloads\house-of-cards-season-5-episode-4-english-36817.zip
2017-12-08 22:37 - 2017-12-08 22:37 - 000021989 _____ C:\Users\Timothy\Downloads\house-of-cards-season-5-episode-3-english-36816.zip
2017-12-08 21:14 - 2017-12-08 21:14 - 000139283 _____ C:\Users\Timothy\Downloads\The.Hateful.Eight.2015.720p.BluRay.x264-[YTS.AG].srt
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-01-07 22:52 - 2017-01-28 21:24 - 000000000 ____D C:\Users\Timothy\AppData\LocalLow\Mozilla
2018-01-07 22:51 - 2016-09-22 20:35 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-01-07 22:51 - 2014-08-20 20:43 - 000000000 __SHD C:\Users\Timothy\IntelGraphicsProfiles
2018-01-07 22:51 - 2013-10-29 19:26 - 000034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2018-01-07 22:50 - 2016-09-22 20:35 - 000000000 ____D C:\ProgramData\NVIDIA
2018-01-07 22:49 - 2017-09-29 09:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-01-07 22:49 - 2017-04-11 20:38 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2018-01-07 22:30 - 2017-09-30 15:35 - 000850866 _____ C:\WINDOWS\system32\perfh007.dat
2018-01-07 22:30 - 2017-09-30 15:35 - 000176138 _____ C:\WINDOWS\system32\perfc007.dat
2018-01-07 22:23 - 2017-01-28 21:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-07 22:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2018-01-06 18:52 - 2014-08-19 20:27 - 000000000 ____D C:\Users\Timothy\AppData\Roaming\vlc
2018-01-06 18:41 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-06 18:40 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-06 18:40 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-06 18:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-01-05 20:11 - 2014-10-30 18:49 - 000000000 __SHD C:\Users\Julia\IntelGraphicsProfiles
2018-01-05 07:52 - 2017-02-01 07:50 - 000000000 ____D C:\Users\Julia\AppData\LocalLow\Mozilla
2018-01-04 12:02 - 2015-09-01 19:42 - 000000000 ____D C:\Users\Julia\AppData\Local\TileDataLayer
2018-01-04 12:02 - 2014-08-20 02:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-01-03 17:46 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-01-02 22:12 - 2015-11-17 22:17 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-01-02 17:45 - 2014-08-19 20:12 - 000000000 ____D C:\ProgramData\Sonos,_Inc
2018-01-01 18:53 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-01 18:20 - 2015-06-03 16:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-01-01 18:19 - 2017-01-28 21:24 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2018-01-01 18:17 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-12-31 11:09 - 2014-11-01 16:42 - 000002027 _____ C:\Users\Public\Desktop\Sonos.lnk
2017-12-31 11:09 - 2014-09-02 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2017-12-31 11:09 - 2014-09-02 20:04 - 000000000 ____D C:\Program Files (x86)\Sonos
2017-12-31 11:08 - 2014-09-02 20:04 - 000000000 ____D C:\Users\Timothy\AppData\Local\Downloaded Installations
2017-12-30 19:39 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-29 20:14 - 2015-09-01 12:47 - 000000000 ____D C:\Users\Timothy\AppData\Local\TileDataLayer
2017-12-29 20:10 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-12-29 20:10 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\windows nt
2017-12-29 20:05 - 2014-08-20 23:49 - 000023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-12-29 19:57 - 2013-10-29 19:07 - 001874790 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-12-29 19:52 - 2016-01-06 22:42 - 000000000 ____D C:\Users\Timothy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-12-29 19:52 - 2014-08-19 20:26 - 000000000 ____D C:\Users\Timothy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2017-12-29 19:46 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-12-29 19:46 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-12-29 19:38 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-12-29 19:38 - 2016-09-22 20:36 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-12-29 19:37 - 2016-09-22 20:35 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-12-29 19:37 - 2016-09-22 20:35 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-12-29 19:35 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-12-29 19:31 - 2017-10-11 07:52 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-12-29 19:31 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-12-29 19:31 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-12-29 19:31 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\system32\WCN
2017-12-29 19:31 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ModemLogs
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\InputMethod
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Help
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-12-29 19:31 - 2017-07-19 20:26 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-12-29 19:31 - 2017-03-11 10:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2017-12-29 19:31 - 2016-09-22 20:35 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-12-29 19:31 - 2016-09-22 20:34 - 000000000 ____D C:\Program Files\Intel
2017-12-29 19:31 - 2016-07-30 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-12-29 19:31 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-12-29 19:31 - 2016-07-14 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2017-12-29 19:31 - 2016-01-06 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-12-29 19:31 - 2015-10-21 08:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-12-29 19:31 - 2015-09-26 11:07 - 000000000 ____D C:\WINDOWS\SysWOW64\SupportAppCB
2017-12-29 19:31 - 2015-09-26 11:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1&1 Surf-Stick
2017-12-29 19:31 - 2015-06-17 08:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2017-12-29 19:31 - 2015-03-01 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-12-29 19:31 - 2015-02-20 21:57 - 000000000 ____D C:\WINDOWS\de
2017-12-29 19:31 - 2015-01-23 22:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-12-29 19:31 - 2014-08-21 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-12-29 19:31 - 2013-10-29 19:43 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneKey Recovery
2017-12-29 19:31 - 2013-10-29 19:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(SM) center
2017-12-29 19:31 - 2013-10-29 19:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-12-29 19:31 - 2013-10-29 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Photos
2017-12-29 19:31 - 2013-10-29 19:08 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-12-29 19:31 - 2013-10-29 18:59 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-12-29 19:31 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-12-29 19:31 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-12-29 19:11 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-12-29 19:10 - 2017-09-29 09:45 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\system32\winrm
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\system32\slmgr
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\IME
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\et-EE
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\en-GB
2017-12-29 19:06 - 2016-04-13 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-12-29 19:06 - 2015-06-15 11:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-12-29 19:05 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-12-29 19:05 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-12-29 19:05 - 2016-09-22 20:36 - 000000000 ____D C:\Program Files\Realtek
2017-12-29 19:05 - 2016-09-22 20:34 - 000000000 ____D C:\Program Files\Synaptics
2017-12-29 18:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-12-29 18:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-12-29 12:12 - 2016-07-30 21:37 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2017-12-29 12:12 - 2016-07-30 21:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-12-28 17:45 - 2014-08-20 17:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-28 17:40 - 2014-08-20 17:20 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-18 22:23 - 2015-06-17 08:05 - 000000000 ____D C:\ProgramData\Comodo
2017-12-15 20:44 - 2015-09-01 19:44 - 000000000 ____D C:\Users\Julia\AppData\Local\Publishers
2017-12-15 20:44 - 2015-09-01 12:49 - 000000000 ____D C:\Users\Timothy\AppData\Local\Publishers
2017-12-15 20:34 - 2014-09-20 19:19 - 000545440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\te-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\si-LK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\or-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\km-KH
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\is-IS
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\id-ID
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\be-BY
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\as-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\am-ET
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2017-12-14 02:33 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-14 02:33 - 2017-09-29 14:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Provisioning
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Defender
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\PerfLogs
2017-12-14 02:33 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-08-19 19:34 - 2015-11-02 20:07 - 000376689 _____ () C:\Users\Timothy\AppData\Roaming\AbsoluteReminder.xml
2017-04-22 11:49 - 2017-04-22 11:49 - 000000017 _____ () C:\Users\Timothy\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-12-29 19:35
==================== Ende von FRST.txt ============================
|
|
07.01.2018, 23:04
| #11 |
| | Virenverdacht. Kann jemand Logfile analysieren?Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02.01.2018
durchgeführt von Timothy (07-01-2018 22:56:50)
Gestartet von C:\Users\Timothy\Desktop
Windows 10 Home Version 1709 16299.125 (X64) (2017-12-29 19:12:54)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1821675693-422080741-3404470268-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1821675693-422080741-3404470268-503 - Limited - Disabled)
Gast (S-1-5-21-1821675693-422080741-3404470268-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1821675693-422080741-3404470268-1008 - Limited - Enabled)
Julia (S-1-5-21-1821675693-422080741-3404470268-1006 - Limited - Enabled) => C:\Users\Julia
Sonos (S-1-5-21-1821675693-422080741-3404470268-1005 - Limited - Enabled)
Timothy (S-1-5-21-1821675693-422080741-3404470268-1002 - Administrator - Enabled) => C:\Users\Timothy
WDAGUtilityAccount (S-1-5-21-1821675693-422080741-3404470268-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: COMODO Advanced Protection (Enabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Benutzerhandbuch (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
COMODO Internet Security Premium (HKLM\...\{1BF90AC2-E077-4EC0-810B-003DC9D65C91}) (Version: 10.0.2.6420 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 10.0.2.6420 - COMODO Security Solutions Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON XP-412 413 415 Series Printer Uninstall (HKLM\...\EPSON XP-412 413 415 Series) (Version: - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.52.0.0 - SEIKO EPSON CORPORATION)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Intel Anti-Theft Discovery App (HKLM-x32\...\{707248B9-2D34-4D77-A5C6-2A8A54848E5A}) (Version: 1.1.0.7 - Intel Corporation)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel Experience Center - Configuration (HKLM-x32\...\{C73A16B7-AC35-4262-9BAF-DA9B2039A563}) (Version: 1.5.0.0 - Intel) Hidden
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{e4fefc02-cd6c-45e3-8974-e7357e71da40}) (Version: 1.5.0.0 - Intel)
Intel(R) Experience Center Driver (HKLM-x32\...\{16660b76-bdc5-47cf-b28d-846120a1ee76}) (Version: 1.0.90.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1304-148929CC1385}) (Version: 3.0.1304.0338 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{12fc27dc-b637-4ebb-b424-26feff9598c5}) (Version: 16.0.4 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.2.424651.94 - Comodo)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10233 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Malwarebytes Version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Motion Control (HKLM\...\Motion Control) (Version: 1.2.45.0 - Lenovo)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 57.0.3 (x64 de) (HKLM\...\Mozilla Firefox 57.0.3 (x64 de)) (Version: 57.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.3.6569 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
PDF24 Creator 8.1.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.21229 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 39.4.48021 - Sonos, Inc.)
Spotify (HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Spotify) (Version: 1.0.50.41368.gbd68dbef - Spotify AB)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DE083343-D24D-4495-919E-18C65EC0F289}) (Version: 2.8.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Wondershare Data Recovery(Build 5.0.2.6) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 5.0.2.6 - Wondershare Software Co.,Ltd.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-21] (COMODO)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-21] (COMODO)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-21] (COMODO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {022C3E73-623B-416E-87C8-6D37588BBEA3} - System32\Tasks\EPSON XP-412 413 415 Series Update {5F7996FF-B50D-4D17-B92F-F39799635033} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {052C5014-A8F2-47D9-9E1A-0F932488B49F} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
Task: {0F3D421F-BE82-4EA4-A643-B097B13802E4} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-11-21] (COMODO)
Task: {1C1E111B-0033-4517-8F99-0F4480BF069D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {1DB99919-D027-4CD9-93FA-0DB8956A3B93} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {1DF3CE40-AE13-4838-A343-077FD5CE8875} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {2321C268-CEDA-4AF4-9216-F71FDA2EBC17} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {395ACD88-7C88-412E-96F3-352039D8A7D1} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {AEE47A68-7976-4063-8DD5-B4B8A7776E2E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {3BBC074D-18F5-4F86-9DF5-05A34A240E68} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-11-21] (COMODO)
Task: {41832ABA-347E-4BAF-9172-E941B4DACC98} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {41AA0F70-0ABF-438E-92D9-E003482A2F64} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {48D91DD1-BF0B-4B48-8B73-49F75343D81F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4B13520A-BDFF-4571-8A22-C0CC634ADF46} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {55B77248-1AC8-4790-A5D4-60614EE6DCD6} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {55BA4F06-6D4E-40DD-A267-58603B37382F} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {6632F2FC-C170-4FE9-A8EF-C5F7D529E395} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-12] (Adobe Systems Incorporated)
Task: {6B101A77-5410-4C7C-9B0A-42FDE516AB41} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-10-03] (Intel Corporation)
Task: {70E5277C-BA4A-4AF3-B907-B8E1A23D9BC7} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Timothy\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {796753A0-F04A-4815-80D3-DBF2D4FE4868} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {7CF0857B-0DB6-498B-A9C7-D8FDDD2635F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8073A232-0372-42CE-B418-726684744DF4} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {5F7996FF-B50D-4D17-B92F-F39799635033} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {8920F62C-D829-45AD-B063-D00262848A10} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {99583A25-C375-4862-BE56-9BF52D323003} - System32\Tasks\AdobeAAMUpdater-1.0-Silberlocke-Julia => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {9DAAAFF9-F2B5-4D0F-BA2D-E5CD08B4ABF6} - System32\Tasks\EPSON XP-412 413 415 Series Update {AEE47A68-7976-4063-8DD5-B4B8A7776E2E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {A28B4BF9-FBBF-45A3-8343-C82D6CCEB00B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-10-03] (Intel Corporation)
Task: {B03BE444-E962-4094-8581-C51BBA078634} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {B4B5A414-0361-4A7F-8890-13A63AB2A036} - System32\Tasks\EPSON XP-412 413 415 Series Update {32AA5F3E-42AF-416D-93A7-97E0483F7BC7} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {BFFCA306-2E5A-49C9-A73F-CAADCA26412F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {C9F3C7B6-BD6D-4E88-8F05-D1BEA64E4EDC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {D1E7244E-BA89-4EED-8F58-F74C59D246D4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {DCC8042B-4207-4528-857B-DA5724573C6F} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {32AA5F3E-42AF-416D-93A7-97E0483F7BC7} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {DFB98817-22F2-44F7-B0BD-AC11EE978F4F} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2017-11-21] (COMODO)
Task: {FCF03BEF-9FA4-47EA-A1D5-B538B14E9A3F} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {5F7996FF-B50D-4D17-B92F-F39799635033}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{32AA5F3E-42AF-416D-93A7-97E0483F7BC7} /F:UpdateWORKGROUP\SILBERLOCKE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {5F7996FF-B50D-4D17-B92F-F39799635033}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{5F7996FF-B50D-4D17-B92F-F39799635033} /F:UpdateWORKGROUP\SILBERLOCKE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{AEE47A68-7976-4063-8DD5-B4B8A7776E2E} /F:UpdateWORKGROUP\SILBERLOCKE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-11-21 20:23 - 2017-11-21 20:23 - 000156864 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2017-11-21 20:22 - 2017-11-21 20:22 - 000106688 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2017-11-21 20:22 - 2017-11-21 20:22 - 000241856 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2013-04-15 15:45 - 2013-04-15 15:45 - 000182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 15:45 - 2013-04-15 15:45 - 000060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2018-01-07 22:33 - 2017-11-29 09:11 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-01-07 22:33 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 000085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 001346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-26 11:07 - 2015-09-26 11:07 - 000253264 _____ () D:\1&1\1&1 Surf-Stick\AssistantServices.exe
2016-09-22 20:35 - 2016-12-29 14:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-09-07 08:39 - 2017-09-07 08:39 - 000073920 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2017-10-20 16:42 - 2017-10-20 16:42 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-03 17:30 - 2018-01-03 17:31 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-03 17:30 - 2018-01-03 17:31 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-03 17:30 - 2018-01-03 17:31 - 024670720 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-03 17:30 - 2018-01-03 17:31 - 002550272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\skypert.dll
2013-10-29 19:40 - 2013-10-29 19:40 - 000172552 _____ () C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
2017-12-03 21:19 - 2017-12-03 21:19 - 000102088 _____ () C:\Users\Timothy\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
2013-10-29 19:40 - 2013-10-29 19:40 - 001623048 _____ () C:\Program Files (x86)\Lenovo\MotionControl\eyeKeys.dll
2013-10-29 19:40 - 2013-10-29 19:40 - 000030728 _____ () C:\Program Files (x86)\Lenovo\MotionControl\esmlib.dll
2013-10-29 19:04 - 2013-05-09 13:23 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\WINDOWS\SMSS-PFRO76f5.tmp:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\E_GCINST.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\E_ID4BLEE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\E_ILMBLEE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4531.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCComp64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IntcDAud.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\massfilter.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\netaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudbus.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ZTEusbmdm6k.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ZTEusbnmea.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ZTEusbser6k.sys:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\150806_LK-Email-Kommunikationsvorlage.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2471.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2572.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2640 - Kopie.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2640.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\28214.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\28214.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\679715281122576100.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\679715281122576100.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Bild.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Choriner_Straßenfest_2016.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Choriner_Straßenfest_2016.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\document.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(2).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(2).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(3).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(3).jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(4).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(4).jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Herbstbasar.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1590.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1590.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1640.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1640.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_2799 (2).JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_3079 (2).JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\inv15442005C.PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Kindergarten-Bilder.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Kindergarten-Bilder.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Kuechenplan_Liedtke_Roehrig.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Kuechenplan_Liedtke_Roehrig.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Lekker 8.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\LK_Glueckwunschkarte_RL_2016-06-06_DRUCK.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Plakat_Kirschbluete Ordner.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Plakat_Kirschbluete Ordner.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Romi badet.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Romi_und_Julia.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Sauerampfer.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Tram_1.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Tram_2.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Tram_3.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Ueberweisung_Liedtke.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Ueberweisung_Liedtke.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Vorschlag_Bad_WC.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Vorschlag_Bad_WC.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Downloads\150806_LK-Email-Kommunikationsvorlage.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\160502_LK_Geburtstagsmailing.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\160502_LK_Geburtstagsmailing.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\679715281122576100.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\679715281122576100.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(2).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(2).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_Kind_2015(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_Kind_2015.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_Kind_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_N_2015.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_N_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\bibliotheksleitern.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\bibliotheksleitern.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\black-dots-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\blog-headers-clementine-creative.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\blog-headers-clementine-creative.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\bloom-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\bright-confetti-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Carpet.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Carpet.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Cavorting-free.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\ClaireHandBold.otf_.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\ClaireHandBold.otf_.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\cute-colorful-background.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\cute-colorful-background.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\document.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Einladung_Herbstbaser_DIN Lang.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Einladung_Herbstbaser_DIN Lang.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FM_Empfehlung.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FM_Empfehlung.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(2).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(2).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(3).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(3).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(4).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(4).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\geometric-blog-header-2.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\geometric-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\gold-foil-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\gold-glitter-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_0803.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_0803.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1590.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1590.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1640.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1640.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2566.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2566.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2707.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2707.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3011.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3011.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3604.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3604.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3677.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3677.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\InDesign_Set-Up.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\InDesign_Set-Up.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\inv15442005C.PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\JuLie_elster_02.09.2015_21.41.pfx:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\JuLie_elster_02.09.2015_21.41.pfx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Kindergarten-Bilder.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Kindergarten-Bilder.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8(1).mp3:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8(1).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8.mp3:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\LEKKER_Geburtstagsmailing_KARTE_print.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\LEKKER_Geburtstagsmailing_KARTE_print.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Liedtke, Julia.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\LK_Glueckwunschkarte_RL_2016-06-06_DRUCK.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\lutz-baar_antropos.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\lutz-baar_antropos.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\mail.html:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\mail.html:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\papyrus.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\pastel-confetti-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete Ordner.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete Ordner.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Postkarten_Kita.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_160509.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_160509.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_durchgangstür_160530.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_durchgangstür_160530.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_ku che_161021.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_ku che_161021.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Schrank_Liedtke_Roehrig.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Schrank_Liedtke_Roehrig.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung_groesser.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung_groesser.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Top_Service.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Top_Service.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Silverlight_x64.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Silverlight_x64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\SSFS_Wreaths_Laurels_free.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\SSFS_Wreaths_Laurels_free.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\teal-watercolour-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\terms.txt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Und jetzt die Fotos....html:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolor-grunge-000119-light-blue.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolor-grunge-000119-light-blue.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolour-blog-header-purple.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolour-blog-header-turquoise.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Desktop\Musikschule.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Desktop\Preise für den Gitarrenunterricht.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Desktop\Union Investment Freistellungsauftrag drucken.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\080530_ti_messe_vvs_kat_DNP.xls:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\080530_ti_messe_vvs_kat_DNP.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\2015-11_FAM.Röhrig_auswahl.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\2015-11_FAM.Röhrig_auswahl.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\300-rise-of-an-empire-english-yify-68876.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\300-rise-of-an-empire-english-yify-68876.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\32pfl7862d_10_fus_eng.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\32pfl7862d_10_fus_eng.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\american-sniper-2014.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\american.sniper.(2014).eng.1cd.(6091673).zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\american.sniper.(2014).eng.1cd.(6091673).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Anschreiben final.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Anschreiben final.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_de.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_de.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\banking-dkb-de.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\data-recovery_full1018.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\data-recovery_full1018.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\DropboxInstaller.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\DropboxInstaller.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\everybody.wants.some.(2016).eng.1cd.(6697619).zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\everybody.wants.some.(2016).eng.1cd.(6697619).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Firefox Setup Stub 51.0.1.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Firefox Setup Stub 51.0.1.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer21_xa_install.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer21_xa_install.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer24au_d_install(1).exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer24au_d_install(1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer24au_d_install.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-1-english-10608.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-1-english-10608.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-10-english-13462.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-10-english-13462.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-11-english-13812.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-12-english-13992.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-12-english-13992.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-2-english-10912.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-2-english-10912.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-3-english-11187.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-3-english-11187.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-4-english-11542.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-4-english-11542.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-5-english-11822.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-6-english-12123.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-7-english-12433.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-7-english-12433.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-8-english-12856.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-8-english-12856.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-9-english-13167.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-9-english-13167.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-1-english-28573.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-1-english-28573.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817(1).zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817(1).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-4-english-30087.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-4-english-30087.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-6-english-30884.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-6-english-30884.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-7-english-31306.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-7-english-31306.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-8-english-31843.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-8-english-31843.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-9-english-32137.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-9-english-32137.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Homeland_6x05_HDTV.AVS.en.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Homeland_6x05_HDTV.AVS.en.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-3-episode-12-english-3414.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-3-episode-12-english-3414.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-1-english-16753.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-1-english-16756.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-1-english-16756.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16871.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16871.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16872.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16872.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-11-english-16874.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-11-english-16874.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-12-english-16879.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-12-english-16879.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-13-english-16881.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-13-english-16881.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-13-english-16882.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-2-english-16759.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-2-english-16759.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-3-english-16766.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-3-english-16766.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-4-english-16767.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-4-english-16767.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-5-english-16825.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-5-english-16825.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-6-english-16829.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-6-english-16829.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-7-english-16831.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-8-english-16833.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-8-english-16833.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-9-english-16835.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-9-english-16835.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2269.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2269.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2377.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2377.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_04_22.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_04_22.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\nebenkostenabrechnung.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\nebenkostenabrechnung.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\nebenkostenabrechnung.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Photos.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Photos.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\schliemann47_fotos.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\schliemann47_fotos.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\schrankplaner_setup.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\schrankplaner_setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\thebigshort2015brripxvidac3-evo-english-79662.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\thebigshort2015brripxvidac3-evo-english-79662.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\TimOC_elster_30.07.2015_11.14.pfx:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\TimOC_elster_30.07.2015_11.14.pfx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\winrar-x64-530d.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\winrar-x64-530d.exe:$CmdZnID [26]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2016-11-11 21:20 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\Control Panel\Desktop\\Wallpaper -> A:\Bilder\Norwegen 2014\IMG_1753.JPG
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "UIExec"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "BrowserChoice"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/04/2018 09:59:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ngen.exe, Version: 4.7.2556.0, Zeitstempel: 0x59b833df
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x007703c5
ID des fehlerhaften Prozesses: 0xb8dc0
Startzeit der fehlerhaften Anwendung: 0x01d3859efa6f51cd
Pfad der fehlerhaften Anwendung: C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: f906febd-d82c-47b9-9389-7a5d0b9299cc
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/04/2018 09:21:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: cmdagent.exe, Version: 10.0.2.6420, Zeitstempel: 0x5a14783d
Name des fehlerhaften Moduls: cmdagent.exe, Version: 10.0.2.6420, Zeitstempel: 0x5a14783d
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00000000004e9093
ID des fehlerhaften Prozesses: 0xda4
Startzeit der fehlerhaften Anwendung: 0x01d380d65819d892
Pfad der fehlerhaften Anwendung: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Pfad des fehlerhaften Moduls: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Berichtskennung: 51ba9f03-a675-49ec-bcce-8de2a2db71d8
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/04/2018 07:08:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Silberlocke)
Description: Das Paket „Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (01/04/2018 12:04:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ShellExperienceHost.exe, Version 10.0.16299.15 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2fe0
Startzeit: 01d3854b9f2e8cd6
Beendigungszeit: 4294967295
Anwendungspfad: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Berichts-ID: 45cafc4a-4dae-4a3d-a5a6-e3330603e4fe
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy
Auf das fehlerhafte Paket bezogene Anwendungs-ID: App
Error: (01/04/2018 12:03:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Silberlocke)
Description: Das Paket „Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (01/01/2018 06:28:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AdobeARM.exe, Version: 1.824.24.5926, Zeitstempel: 0x59cbec1f
Name des fehlerhaften Moduls: shcore.dll, Version: 10.0.16299.15, Zeitstempel: 0x30134c68
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038091
ID des fehlerhaften Prozesses: 0xba354
Startzeit der fehlerhaften Anwendung: 0x01d38325f4da4986
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\shcore.dll
Berichtskennung: 1aaa9c3f-fb85-47b6-8f35-09261568e9c3
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/01/2018 06:16:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AdobeARM.exe, Version: 1.824.24.5926, Zeitstempel: 0x59cbec1f
Name des fehlerhaften Moduls: shcore.dll, Version: 10.0.16299.15, Zeitstempel: 0x30134c68
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038091
ID des fehlerhaften Prozesses: 0x2844
Startzeit der fehlerhaften Anwendung: 0x01d3832447780956
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\shcore.dll
Berichtskennung: 626ef5dc-ddf0-4935-a00c-fafd36f7de1a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/31/2017 05:50:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1110
Error: (12/31/2017 05:50:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1110
Error: (12/31/2017 05:50:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Systemfehler:
=============
Error: (01/07/2018 10:56:33 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/07/2018 10:56:03 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/07/2018 10:54:11 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/07/2018 10:53:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Defender Antivirus Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (01/07/2018 10:51:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AppX-Bereitstellungsdienst (AppXSVC)" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (01/07/2018 10:51:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AppXSvc erreicht.
Error: (01/07/2018 10:51:13 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/07/2018 10:51:13 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/07/2018 10:39:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/07/2018 10:27:23 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
CodeIntegrity:
===================================
Date: 2018-01-07 22:57:58.480
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-07 22:57:58.478
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-07 22:57:39.917
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-01-07 22:57:20.812
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-07 22:57:20.808
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-07 22:57:05.498
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-07 22:57:05.493
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-07 22:56:59.970
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-07 22:56:59.964
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-07 22:56:07.706
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 38%
Installierter physikalischer RAM: 7944.27 MB
Verfügbarer physikalischer RAM: 4859.43 MB
Summe virtueller Speicher: 9224.27 MB
Verfügbarer virtueller Speicher: 6088.72 MB
==================== Laufwerke ================================
Drive a: (Bilder und Videos) (Fixed) (Total:180.82 GB) (Free:15.27 GB) NTFS
Drive b: (Musik) (Fixed) (Total:85.13 GB) (Free:33.16 GB) NTFS
Drive c: (Windows8_OS) (Fixed) (Total:127.87 GB) (Free:19.56 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Eigene Programme) (Fixed) (Total:25 GB) (Free:19.97 GB) NTFS
Drive f: (Volume) (Fixed) (Total:31.54 GB) (Free:23.21 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6018AF1C)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
08.01.2018, 17:35
| #12 |
| /// TB-Ausbilder | Virenverdacht. Kann jemand Logfile analysieren? Servus, bisher sieht es gut aus.  wir kontrollieren nochmal alles. Hinweis: Der Suchlauf mit ESET kann länger dauern. Schritt 1
Schritt 2 Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Schritt 3 Downloade Dir bitte ESET Online Scanner (Bebilderte Anleitung)
Schritt 4
Gibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche?Bitte poste mit deiner nächsten Antwort
|
|
09.01.2018, 07:23
| #13 |
| | Virenverdacht. Kann jemand Logfile analysieren?Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02.01.2018
durchgeführt von Timothy (Administrator) auf SILBERLOCKE (09-01-2018 06:48:57)
Gestartet von C:\Users\Timothy\Desktop
Geladene Profile: Timothy & Julia (Verfügbare Profile: Timothy & Julia)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
() D:\1&1\1&1 Surf-Stick\AssistantServices.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
() C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
(COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-05-15] (Realtek semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15792112 2013-10-29] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [101360 2013-10-29] (Lenovo(beijing) Limited)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1490624 2017-11-21] (COMODO)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-08-14] (Synaptics Incorporated)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [UIExec] => D:\1&1\1&1 Surf-Stick\UIExec.exe [139088 2015-09-26] ()
HKLM-x32\...\Run: [PDFPrint] => D:\Eigene Programme\PDF24\pdf24.exe [217736 2017-03-11] (Geek Software GmbH)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3632848 2017-08-08] (COMODO)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Run: [Spotify Web Helper] => C:\Users\Timothy\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-03-12] (Spotify Ltd)
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE [297024 2015-09-02] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE [297024 2015-09-02] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1821675693-422080741-3404470268-1006\...\RunOnce: [Application Restart #0] => C:\Windows\RTFTrack.exe [6339656 2013-05-15] (Realtek semiconductor)
HKU\S-1-5-21-1821675693-422080741-3404470268-1006\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15792112 2013-10-29] (Lenovo(beijing) Limited)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2013-10-29]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Motion Control.lnk [2013-10-29]
ShortcutTarget: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{87b167a3-4b8e-4e22-9800-0a9597ac92df}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c93302ec-c967-489a-9ad3-d1b851f01d41}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-1821675693-422080741-3404470268-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1821675693-422080741-3404470268-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1821675693-422080741-3404470268-1006\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
|
|
09.01.2018, 07:27
| #14 |
| | Virenverdacht. Kann jemand Logfile analysieren?Code:
ATTFilter FireFox:
========
FF ProfilePath: C:\Users\Timothy\AppData\Roaming\Mozilla\Firefox\Profiles\rpk35ggf.default [2018-01-09]
FF Session Restore: Mozilla\Firefox\Profiles\rpk35ggf.default -> ist aktiviert.
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-01-10] [Legacy] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\Eigene Programme\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Eigene Programme\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Eigene Programme\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-1821675693-422080741-3404470268-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10880832 2017-11-21] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-11-21] (COMODO)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2015-10-30] (Seiko Epson Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190208 2016-11-11] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-09] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [161736 2013-04-15] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [133840 2017-08-08] (COMODO)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-10-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S2 PDF24; D:\Eigene Programme\PDF24\pdf24.exe [217736 2017-03-11] (Geek Software GmbH)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-08-14] (Synaptics Incorporated)
R2 UI Assistant Service; D:\1&1\1&1 Surf-Stick\AssistantServices.exe [253264 2015-09-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [44088 2017-11-17] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [833096 2017-11-17] (COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-11-17] (COMODO)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-25] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-29] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [132904 2017-11-17] (COMODO)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193968 2018-01-07] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2018-01-08] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2018-01-08] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-01-07] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2018-01-09] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-09-29] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-15] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2018-01-08] ()
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-01-09 06:47 - 2018-01-09 06:47 - 000001340 _____ C:\Users\Timothy\Desktop\eset.txt
2018-01-08 21:48 - 2018-01-08 21:48 - 006974584 _____ (ESET spol. s r.o.) C:\Users\Timothy\Downloads\esetonlinescanner_deu(1).exe
2018-01-08 21:48 - 2018-01-08 21:48 - 000000000 ____D C:\Users\Timothy\AppData\Local\ESET
2018-01-08 20:58 - 2018-01-08 20:58 - 000021333 _____ C:\Users\Timothy\Downloads\11.22.63.s01.e06.happy.birthday.lee.harvey.oswald.(2016).eng.1cd.(6561780).zip
2018-01-08 20:56 - 2018-01-08 20:56 - 006974584 _____ (ESET spol. s r.o.) C:\Users\Timothy\Downloads\esetonlinescanner_deu.exe
2018-01-08 19:12 - 2018-01-08 19:12 - 000094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2018-01-08 18:56 - 2018-01-08 18:53 - 011584088 _____ (SurfRight B.V.) C:\Users\Timothy\Desktop\HitmanPro_x64.exe
2018-01-08 18:53 - 2018-01-08 18:55 - 000000000 ____D C:\ProgramData\HitmanPro
2018-01-08 18:52 - 2018-01-08 18:53 - 011584088 _____ (SurfRight B.V.) C:\Users\Timothy\Downloads\HitmanPro_x64.exe
2018-01-08 18:48 - 2018-01-01 18:15 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-01-08 18:48 - 2018-01-01 13:51 - 001414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-01-08 18:48 - 2018-01-01 13:51 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-01-08 18:48 - 2018-01-01 13:51 - 001055128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-01-08 18:48 - 2018-01-01 13:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-01-08 18:48 - 2018-01-01 13:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-01-08 18:48 - 2018-01-01 13:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-01-08 18:48 - 2018-01-01 13:49 - 008605080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-01-08 18:48 - 2018-01-01 13:49 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-01-08 18:48 - 2018-01-01 13:48 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-01-08 18:48 - 2018-01-01 13:48 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-01-08 18:48 - 2018-01-01 13:47 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-01-08 18:48 - 2018-01-01 13:46 - 002709704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-01-08 18:48 - 2018-01-01 13:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-01-08 18:48 - 2018-01-01 13:46 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-01-08 18:48 - 2018-01-01 13:45 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-01-08 18:48 - 2018-01-01 13:45 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-01-08 18:48 - 2018-01-01 13:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-01-08 18:48 - 2018-01-01 13:42 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-01-08 18:48 - 2018-01-01 13:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-01-08 18:48 - 2018-01-01 13:41 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-01-08 18:48 - 2018-01-01 13:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-01-08 18:48 - 2018-01-01 13:40 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-01-08 18:48 - 2018-01-01 13:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-01-08 18:48 - 2018-01-01 13:39 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-01-08 18:48 - 2018-01-01 13:39 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-01-08 18:48 - 2018-01-01 13:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-01-08 18:48 - 2018-01-01 13:38 - 003904808 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-01-08 18:48 - 2018-01-01 13:38 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-01-08 18:48 - 2018-01-01 13:37 - 001426664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-01-08 18:48 - 2018-01-01 13:36 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-01-08 18:48 - 2018-01-01 13:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-01-08 18:48 - 2018-01-01 13:35 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-01-08 18:48 - 2018-01-01 13:34 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-01-08 18:48 - 2018-01-01 13:33 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-01-08 18:48 - 2018-01-01 13:32 - 004481240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-01-08 18:48 - 2018-01-01 13:27 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-01-08 18:48 - 2018-01-01 13:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-01-08 18:48 - 2018-01-01 13:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-01-08 18:48 - 2018-01-01 13:25 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-01-08 18:48 - 2018-01-01 13:23 - 021352144 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-01-08 18:48 - 2018-01-01 13:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-01-08 18:48 - 2018-01-01 13:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-01-08 18:48 - 2018-01-01 12:53 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-01-08 18:48 - 2018-01-01 12:46 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-01-08 18:48 - 2018-01-01 12:45 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-01-08 18:48 - 2018-01-01 12:45 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-01-08 18:48 - 2018-01-01 12:45 - 002192624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-01-08 18:48 - 2018-01-01 12:43 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-01-08 18:48 - 2018-01-01 12:42 - 006479552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-01-08 18:48 - 2018-01-01 12:42 - 004644912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-01-08 18:48 - 2018-01-01 12:42 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-01-08 18:48 - 2018-01-01 12:42 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-01-08 18:48 - 2018-01-01 12:37 - 025247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-01-08 18:48 - 2018-01-01 12:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-01-08 18:48 - 2018-01-01 12:25 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-01-08 18:48 - 2018-01-01 12:25 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-01-08 18:48 - 2018-01-01 12:25 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-01-08 18:48 - 2018-01-01 12:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2018-01-08 18:48 - 2018-01-01 12:24 - 003668480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-01-08 18:48 - 2018-01-01 12:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-01-08 18:48 - 2018-01-01 12:23 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-01-08 18:48 - 2018-01-01 12:23 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-01-08 18:48 - 2018-01-01 12:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-01-08 18:48 - 2018-01-01 12:21 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-01-08 18:48 - 2018-01-01 12:20 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-01-08 18:48 - 2018-01-01 12:20 - 018917888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-01-08 18:48 - 2018-01-01 12:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-01-08 18:48 - 2018-01-01 12:19 - 008014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-08 18:48 - 2018-01-01 12:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-01-08 18:48 - 2018-01-01 12:19 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-01-08 18:48 - 2018-01-01 12:19 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-01-08 18:48 - 2018-01-01 12:19 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-01-08 18:48 - 2018-01-01 12:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-01-08 18:48 - 2018-01-01 12:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-01-08 18:48 - 2018-01-01 12:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-01-08 18:48 - 2018-01-01 12:18 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-01-08 18:48 - 2018-01-01 12:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-01-08 18:48 - 2018-01-01 12:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-01-08 18:48 - 2018-01-01 12:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-01-08 18:48 - 2018-01-01 12:17 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-01-08 18:48 - 2018-01-01 12:17 - 006564864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-01-08 18:48 - 2018-01-01 12:17 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-01-08 18:48 - 2018-01-01 12:17 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-01-08 18:48 - 2018-01-01 12:17 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-01-08 18:48 - 2018-01-01 12:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-01-08 18:48 - 2018-01-01 12:16 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-01-08 18:48 - 2018-01-01 12:16 - 003676672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-01-08 18:48 - 2018-01-01 12:16 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-01-08 18:48 - 2018-01-01 12:16 - 000812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-01-08 18:48 - 2018-01-01 12:16 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-01-08 18:48 - 2018-01-01 12:16 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-01-08 18:48 - 2018-01-01 12:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-01-08 18:48 - 2018-01-01 12:16 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-01-08 18:48 - 2018-01-01 12:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-01-08 18:48 - 2018-01-01 12:15 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-01-08 18:48 - 2018-01-01 12:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-01-08 18:48 - 2018-01-01 12:14 - 023655936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-01-08 18:48 - 2018-01-01 12:14 - 002465280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-01-08 18:48 - 2018-01-01 12:14 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-01-08 18:48 - 2018-01-01 12:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-01-08 18:48 - 2018-01-01 12:13 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-01-08 18:48 - 2018-01-01 12:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-08 18:48 - 2018-01-01 12:13 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-01-08 18:48 - 2018-01-01 12:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-01-08 18:48 - 2018-01-01 12:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-01-08 18:48 - 2018-01-01 12:12 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-01-08 18:48 - 2018-01-01 12:12 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-01-08 18:48 - 2018-01-01 12:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-01-08 18:48 - 2018-01-01 12:11 - 008108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-01-08 18:48 - 2018-01-01 12:11 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-01-08 18:48 - 2018-01-01 12:11 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-01-08 18:48 - 2018-01-01 12:11 - 003165696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-01-08 18:48 - 2018-01-01 12:11 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-01-08 18:48 - 2018-01-01 12:11 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-01-08 18:48 - 2018-01-01 12:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-01-08 18:48 - 2018-01-01 12:11 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-01-08 18:48 - 2018-01-01 12:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-01-08 18:48 - 2018-01-01 12:11 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-01-08 18:48 - 2018-01-01 12:10 - 003126272 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-01-08 18:48 - 2018-01-01 12:09 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-01-08 18:48 - 2018-01-01 12:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-01-08 18:48 - 2018-01-01 12:08 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-01-08 18:48 - 2018-01-01 12:08 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-01-08 18:48 - 2018-01-01 12:08 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-01-08 18:48 - 2018-01-01 12:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-01-08 18:48 - 2018-01-01 12:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-01-08 18:47 - 2018-01-01 13:54 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-01-08 18:47 - 2018-01-01 13:53 - 001090984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-01-08 18:47 - 2018-01-01 13:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-01-08 18:47 - 2018-01-01 13:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-01-08 18:47 - 2018-01-01 13:50 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-01-08 18:47 - 2018-01-01 13:50 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-01-08 18:47 - 2018-01-01 13:49 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-01-08 18:47 - 2018-01-01 13:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-01-08 18:47 - 2018-01-01 13:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-01-08 18:47 - 2018-01-01 13:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-01-08 18:47 - 2018-01-01 13:46 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-01-08 18:47 - 2018-01-01 13:43 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-01-08 18:47 - 2018-01-01 13:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-08 18:47 - 2018-01-01 13:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-01-08 18:47 - 2018-01-01 13:42 - 001029016 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-01-08 18:47 - 2018-01-01 13:42 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-01-08 18:47 - 2018-01-01 13:42 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-01-08 18:47 - 2018-01-01 13:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-01-08 18:47 - 2018-01-01 13:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-01-08 18:47 - 2018-01-01 13:38 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-01-08 18:47 - 2018-01-01 13:38 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-01-08 18:47 - 2018-01-01 13:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2018-01-08 18:47 - 2018-01-01 13:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-01-08 18:47 - 2018-01-01 13:36 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-01-08 18:47 - 2018-01-01 13:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-01-08 18:47 - 2018-01-01 13:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-01-08 18:47 - 2018-01-01 13:35 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-01-08 18:47 - 2018-01-01 13:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-01-08 18:47 - 2018-01-01 13:34 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-01-08 18:47 - 2018-01-01 13:34 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-01-08 18:47 - 2018-01-01 13:33 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-01-08 18:47 - 2018-01-01 13:32 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-01-08 18:47 - 2018-01-01 13:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-01-08 18:47 - 2018-01-01 13:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-01-08 18:47 - 2018-01-01 13:21 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-01-08 18:47 - 2018-01-01 13:21 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-01-08 18:47 - 2018-01-01 13:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-01-08 18:47 - 2018-01-01 13:03 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-01-08 18:47 - 2018-01-01 13:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-01-08 18:47 - 2018-01-01 12:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-01-08 18:47 - 2018-01-01 12:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-01-08 18:47 - 2018-01-01 12:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-01-08 18:47 - 2018-01-01 12:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-01-08 18:47 - 2018-01-01 12:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-01-08 18:47 - 2018-01-01 12:42 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-01-08 18:47 - 2018-01-01 12:42 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-01-08 18:47 - 2018-01-01 12:42 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-01-08 18:47 - 2018-01-01 12:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-01-08 18:47 - 2018-01-01 12:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll
2018-01-08 18:47 - 2018-01-01 12:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-01-08 18:47 - 2018-01-01 12:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-01-08 18:47 - 2018-01-01 12:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-01-08 18:47 - 2018-01-01 12:23 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-01-08 18:47 - 2018-01-01 12:23 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-01-08 18:47 - 2018-01-01 12:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-01-08 18:47 - 2018-01-01 12:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-01-08 18:47 - 2018-01-01 12:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-01-08 18:47 - 2018-01-01 12:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-01-08 18:47 - 2018-01-01 12:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-01-08 18:47 - 2018-01-01 12:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-01-08 18:47 - 2018-01-01 12:21 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-01-08 18:47 - 2018-01-01 12:21 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-01-08 18:47 - 2018-01-01 12:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-01-08 18:47 - 2018-01-01 12:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-01-08 18:47 - 2018-01-01 12:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2018-01-08 18:47 - 2018-01-01 12:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-01-08 18:47 - 2018-01-01 12:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-01-08 18:47 - 2018-01-01 12:20 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-01-08 18:47 - 2018-01-01 12:20 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-01-08 18:47 - 2018-01-01 12:20 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-01-08 18:47 - 2018-01-01 12:20 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-01-08 18:47 - 2018-01-01 12:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-01-08 18:47 - 2018-01-01 12:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-01-08 18:47 - 2018-01-01 12:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-01-08 18:47 - 2018-01-01 12:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-01-08 18:47 - 2018-01-01 12:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-01-08 18:47 - 2018-01-01 12:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-01-08 18:47 - 2018-01-01 12:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2018-01-08 18:47 - 2018-01-01 12:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-01-08 18:47 - 2018-01-01 12:20 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-01-08 18:47 - 2018-01-01 12:20 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-01-08 18:47 - 2018-01-01 12:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-01-08 18:47 - 2018-01-01 12:19 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-01-08 18:47 - 2018-01-01 12:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-01-08 18:47 - 2018-01-01 12:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-01-08 18:47 - 2018-01-01 12:19 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-01-08 18:47 - 2018-01-01 12:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-01-08 18:47 - 2018-01-01 12:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-01-08 18:47 - 2018-01-01 12:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-01-08 18:47 - 2018-01-01 12:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-01-08 18:47 - 2018-01-01 12:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-01-08 18:47 - 2018-01-01 12:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-01-08 18:47 - 2018-01-01 12:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll
2018-01-08 18:47 - 2018-01-01 12:19 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-01-08 18:47 - 2018-01-01 12:19 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-01-08 18:47 - 2018-01-01 12:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-01-08 18:47 - 2018-01-01 12:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-01-08 18:47 - 2018-01-01 12:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-01-08 18:47 - 2018-01-01 12:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-01-08 18:47 - 2018-01-01 12:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-01-08 18:47 - 2018-01-01 12:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-01-08 18:47 - 2018-01-01 12:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-01-08 18:47 - 2018-01-01 12:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-01-08 18:47 - 2018-01-01 12:18 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-01-08 18:47 - 2018-01-01 12:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2018-01-08 18:47 - 2018-01-01 12:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-01-08 18:47 - 2018-01-01 12:18 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-01-08 18:47 - 2018-01-01 12:18 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-01-08 18:47 - 2018-01-01 12:18 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-01-08 18:47 - 2018-01-01 12:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-01-08 18:47 - 2018-01-01 12:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-01-08 18:47 - 2018-01-01 12:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-01-08 18:47 - 2018-01-01 12:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-01-08 18:47 - 2018-01-01 12:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-01-08 18:47 - 2018-01-01 12:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-01-08 18:47 - 2018-01-01 12:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-01-08 18:47 - 2018-01-01 12:17 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-01-08 18:47 - 2018-01-01 12:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-01-08 18:47 - 2018-01-01 12:17 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-01-08 18:47 - 2018-01-01 12:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-01-08 18:47 - 2018-01-01 12:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-01-08 18:47 - 2018-01-01 12:17 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-01-08 18:47 - 2018-01-01 12:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll
2018-01-08 18:47 - 2018-01-01 12:16 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-01-08 18:47 - 2018-01-01 12:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-01-08 18:47 - 2018-01-01 12:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-01-08 18:47 - 2018-01-01 12:16 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-01-08 18:47 - 2018-01-01 12:16 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-01-08 18:47 - 2018-01-01 12:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-01-08 18:47 - 2018-01-01 12:16 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-01-08 18:47 - 2018-01-01 12:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-01-08 18:47 - 2018-01-01 12:16 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-01-08 18:47 - 2018-01-01 12:16 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-01-08 18:47 - 2018-01-01 12:15 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-01-08 18:47 - 2018-01-01 12:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-01-08 18:47 - 2018-01-01 12:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-01-08 18:47 - 2018-01-01 12:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-01-08 18:47 - 2018-01-01 12:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-01-08 18:47 - 2018-01-01 12:15 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-01-08 18:47 - 2018-01-01 12:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2018-01-08 18:47 - 2018-01-01 12:15 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-01-08 18:47 - 2018-01-01 12:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-01-08 18:47 - 2018-01-01 12:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-01-08 18:47 - 2018-01-01 12:14 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-01-08 18:47 - 2018-01-01 12:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-01-08 18:47 - 2018-01-01 12:14 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-01-08 18:47 - 2018-01-01 12:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-01-08 18:47 - 2018-01-01 12:13 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-01-08 18:47 - 2018-01-01 12:13 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-01-08 18:47 - 2018-01-01 12:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-01-08 18:47 - 2018-01-01 12:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-01-08 18:47 - 2018-01-01 12:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-01-08 18:47 - 2018-01-01 12:12 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-01-08 18:47 - 2018-01-01 12:11 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-01-08 18:47 - 2018-01-01 12:11 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-01-08 18:47 - 2018-01-01 12:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-01-08 18:47 - 2018-01-01 12:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-01-08 18:47 - 2018-01-01 12:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-01-08 18:47 - 2018-01-01 12:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2018-01-08 18:47 - 2018-01-01 12:09 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-01-08 18:47 - 2018-01-01 12:09 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-01-08 18:47 - 2018-01-01 12:08 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-01-08 18:47 - 2018-01-01 12:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-01-08 18:47 - 2018-01-01 12:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2018-01-08 18:47 - 2018-01-01 12:05 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-01-08 18:46 - 2018-01-08 19:01 - 000001134 _____ C:\Users\Timothy\Desktop\Fixlog.txt
2018-01-07 22:56 - 2018-01-07 22:58 - 000074164 _____ C:\Users\Timothy\Desktop\Addition.txt
2018-01-07 22:54 - 2018-01-09 06:49 - 000020105 _____ C:\Users\Timothy\Desktop\FRST.txt
2018-01-07 22:53 - 2018-01-07 22:53 - 000001859 _____ C:\Users\Timothy\Desktop\mbam.txt
2018-01-07 22:34 - 2018-01-09 04:59 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-01-07 22:34 - 2018-01-08 19:11 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-01-07 22:34 - 2018-01-08 19:11 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-01-07 22:34 - 2018-01-07 22:34 - 000193968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-01-07 22:33 - 2018-01-07 22:33 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-01-07 22:33 - 2018-01-07 22:33 - 000001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-01-07 22:33 - 2018-01-07 22:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-01-07 22:33 - 2018-01-07 22:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-01-07 22:33 - 2018-01-07 22:33 - 000000000 ____D C:\Program Files\Malwarebytes
2018-01-07 22:33 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-01-07 22:31 - 2018-01-07 22:33 - 083316440 _____ (Malwarebytes ) C:\Users\Timothy\Downloads\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3374.exe
2018-01-07 22:30 - 2018-01-07 22:30 - 000001569 _____ C:\Users\Timothy\Desktop\AdwCleaner[C0].txt
2018-01-07 22:18 - 2018-01-07 22:30 - 000000000 ____D C:\AdwCleaner
2018-01-07 22:12 - 2018-01-07 22:11 - 008198432 _____ (Malwarebytes) C:\Users\Timothy\Desktop\adwcleaner_7.0.6.0.exe
2018-01-07 22:11 - 2018-01-07 22:11 - 008198432 _____ (Malwarebytes) C:\Users\Timothy\Downloads\adwcleaner_7.0.6.0.exe
2018-01-07 20:50 - 2018-01-07 20:50 - 000017485 _____ C:\Users\Timothy\Downloads\11.22.63.s01.e05.the.truth.(2016).eng.1cd.(6552695).zip
2018-01-06 22:22 - 2018-01-06 22:23 - 000019123 _____ C:\Users\Timothy\Downloads\11.22.63.s01.e04.the.eyes.of.texas.(2016).eng.1cd.(6544252).zip
2018-01-06 18:50 - 2018-01-06 18:51 - 000023156 _____ C:\Users\Timothy\Downloads\11.22.63.s01.e03.other.voices.other.rooms.(2016).eng.1cd.(6530964).zip
2018-01-06 18:37 - 2018-01-06 18:37 - 000000000 ____D C:\Users\Timothy\AppData\Roaming\SumatraPDF
2018-01-05 22:36 - 2018-01-05 22:36 - 000022210 _____ C:\Users\Timothy\Downloads\11.22.63.der.anschlag.s01.e02.the.kill.floor.(2016).eng.1cd.(6517525).zip
2018-01-05 20:57 - 2018-01-07 21:13 - 000000000 ____D C:\Users\Timothy\Desktop\11.22.63
2018-01-05 20:56 - 2018-01-05 20:57 - 000025032 _____ C:\Users\Timothy\Downloads\11-22-63-first-season-english-911599.zip
2018-01-05 20:19 - 2018-01-04 21:21 - 002393088 _____ (Farbar) C:\Users\Timothy\Desktop\FRST64.exe
2018-01-04 21:28 - 2018-01-04 21:29 - 000076300 _____ C:\Users\Timothy\Downloads\Addition.txt
2018-01-04 21:26 - 2018-01-04 21:29 - 000186375 _____ C:\Users\Timothy\Downloads\FRST.txt
2018-01-04 21:22 - 2018-01-09 06:48 - 000000000 ____D C:\FRST
2018-01-04 21:21 - 2018-01-04 21:21 - 002393088 _____ (Farbar) C:\Users\Timothy\Downloads\FRST64.exe
2018-01-04 20:31 - 2018-01-04 20:31 - 005541016 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\Timothy\Downloads\hijackthis.exe
2018-01-04 20:22 - 2018-01-04 20:22 - 001540104 _____ (CHIP Digital GmbH) C:\Users\Timothy\Downloads\HijackThis - CHIP-Installer.exe
2018-01-04 12:04 - 2018-01-04 12:04 - 000000000 ___HD C:\Users\Julia\MicrosoftEdgeBackups
2018-01-04 12:04 - 2018-01-04 12:04 - 000000000 ____D C:\Users\Julia\AppData\Local\DBG
2018-01-04 12:02 - 2018-01-04 12:02 - 000000000 ___RD C:\Users\Julia\3D Objects
2018-01-04 12:01 - 2018-01-04 12:01 - 000000020 ___SH C:\Users\Julia\ntuser.ini
2018-01-02 23:44 - 2018-01-02 23:44 - 000002009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2018-01-02 23:44 - 2018-01-02 23:44 - 000000000 ____D C:\Program Files (x86)\SumatraPDF
2018-01-02 22:11 - 2018-01-02 22:11 - 004860560 _____ (Krzysztof Kowalczyk) C:\Users\Timothy\Downloads\SumatraPDF-3.1.2-install.exe
2018-01-01 18:36 - 2018-01-01 18:33 - 000065318 _____ C:\Users\Timothy\Desktop\S01E01- The Rabbit Hole.eng.srt
2018-01-01 18:35 - 2018-01-01 18:35 - 000025451 _____ C:\Users\Timothy\Downloads\11.22.63.der.anschlag.s01.e01.the.rabbit.hole.(2016).eng.1cd.(6706508).zip
2018-01-01 18:27 - 2018-01-01 18:27 - 000049938 _____ C:\Users\Timothy\Downloads\manchester.by.the.sea.(2016).eng.1cd.(6901378).zip
2017-12-30 21:52 - 2017-12-30 21:52 - 000000000 ____D C:\Users\Timothy\AppData\Local\DBG
2017-12-29 20:17 - 2017-12-29 20:17 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-12-29 20:15 - 2017-12-29 20:15 - 000000000 ___HD C:\Users\Timothy\MicrosoftEdgeBackups
2017-12-29 20:14 - 2018-01-08 19:12 - 000000000 ___RD C:\Users\Timothy\3D Objects
2017-12-29 20:13 - 2017-12-29 20:13 - 000000020 ___SH C:\Users\Timothy\ntuser.ini
2017-12-29 20:12 - 2018-01-07 22:22 - 007443086 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2017-12-29 20:12 - 2017-12-30 21:08 - 000000000 ___HD C:\VTRoot
2017-12-29 20:09 - 2018-01-09 00:58 - 000004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{378B9684-447C-4B1D-8F30-A43196F33206}
2017-12-29 20:09 - 2018-01-08 19:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-29 20:09 - 2018-01-04 12:31 - 000004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4A1B2899-EA36-407B-8ADB-E49F6887C024}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003510 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Update {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003510 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Update {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003332 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Invitation {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003252 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Invitation {5F7996FF-B50D-4D17-B92F-F39799635033}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2017-12-29 20:09 - 2017-12-29 20:10 - 000002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1821675693-422080741-3404470268-1006
2017-12-29 20:09 - 2017-12-29 20:10 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1821675693-422080741-3404470268-1002
2017-12-29 20:09 - 2017-12-29 20:10 - 000002826 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2017-12-29 20:09 - 2017-12-29 20:10 - 000002764 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Silberlocke-Julia
2017-12-29 20:09 - 2017-12-29 20:09 - 000003438 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Update {5F7996FF-B50D-4D17-B92F-F39799635033}
2017-12-29 20:09 - 2017-12-29 20:09 - 000003332 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Invitation {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}
2017-12-29 20:09 - 2017-12-29 20:09 - 000003332 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-12-29 20:09 - 2017-12-29 20:09 - 000002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1821675693-422080741-3404470268-1002
2017-12-29 20:09 - 2017-12-29 20:09 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1821675693-422080741-3404470268-1006
2017-12-29 20:09 - 2017-12-29 20:09 - 000002680 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2017-12-29 20:09 - 2017-12-29 20:09 - 000002550 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2017-12-29 20:09 - 2017-12-29 20:09 - 000002352 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2017-12-29 20:09 - 2017-12-29 20:09 - 000001908 _____ C:\WINDOWS\System32\Tasks\Dolby Selector
2017-12-29 20:09 - 2017-12-29 20:09 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-12-29 20:09 - 2017-12-29 20:09 - 000000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2017-12-29 20:09 - 2017-04-11 09:55 - 000000000 _____ C:\WINDOWS\System32\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
2017-12-29 20:07 - 2017-12-29 20:09 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2017-12-29 20:07 - 2017-12-29 20:09 - 000011433 _____ C:\WINDOWS\diagerr.xml
2017-12-29 19:57 - 2018-01-09 06:13 - 002030108 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-29 19:46 - 2017-12-29 19:46 - 000000000 ____D C:\ProgramData\USOShared
2017-12-29 19:45 - 2017-12-29 19:45 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-12-29 19:41 - 2017-12-30 19:39 - 000000000 ____D C:\Users\Timothy\AppData\Local\Packages
2017-12-29 19:40 - 2018-01-04 12:23 - 000000000 ____D C:\Users\Julia\AppData\Local\Packages
2017-12-29 19:39 - 2018-01-04 12:04 - 000000000 ____D C:\Users\Julia
2017-12-29 19:39 - 2017-12-29 20:15 - 000000000 ____D C:\Users\Timothy
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Vorlagen
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Startmenü
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Netzwerkumgebung
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Lokale Einstellungen
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Eigene Dateien
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Druckumgebung
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Documents\Eigene Videos
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Documents\Eigene Musik
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Documents\Eigene Bilder
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\AppData\Local\Verlauf
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\AppData\Local\Anwendungsdaten
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Anwendungsdaten
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Vorlagen
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Startmenü
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Netzwerkumgebung
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Lokale Einstellungen
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Eigene Dateien
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Druckumgebung
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Documents\Eigene Videos
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Documents\Eigene Musik
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Documents\Eigene Bilder
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\AppData\Local\Verlauf
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\AppData\Local\Anwendungsdaten
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Anwendungsdaten
2017-12-29 19:37 - 2017-10-20 16:43 - 000095216 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-12-29 19:37 - 2017-10-20 16:43 - 000091120 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-12-29 19:37 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-12-29 19:35 - 2018-01-09 06:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-29 19:35 - 2018-01-08 19:10 - 000258128 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-29 19:31 - 2017-12-29 20:12 - 000000000 ____D C:\Windows.old
2017-12-29 19:05 - 2017-12-29 19:31 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-12-29 19:01 - 2017-12-29 19:05 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\Program Files\MSBuild
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-12-29 18:56 - 2017-09-22 18:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-12-29 18:56 - 2017-09-22 18:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-12-29 18:56 - 2017-09-22 18:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-12-29 18:55 - 2017-09-28 15:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-12-29 18:55 - 2017-09-28 15:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-12-29 18:55 - 2017-09-28 15:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-12-29 18:38 - 2017-12-29 18:38 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-12-29 17:52 - 2017-12-30 08:48 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-29 12:05 - 2017-12-29 12:07 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-12-29 10:48 - 2017-12-29 10:48 - 000000000 _____ C:\WINDOWS\system32\SET97B.tmp
2017-12-29 10:48 - 2017-12-29 10:48 - 000000000 _____ C:\WINDOWS\system32\SET34F.tmp
2017-12-29 10:48 - 2017-12-29 10:48 - 000000000 _____ C:\WINDOWS\system32\SET213.tmp
2017-12-29 10:47 - 2017-12-29 10:47 - 000000000 _____ C:\WINDOWS\system32\SETB225.tmp
2017-12-29 10:47 - 2017-12-29 10:47 - 000000000 _____ C:\WINDOWS\system32\Drivers\SETAFC1.tmp
2017-12-28 17:43 - 2017-12-29 17:52 - 000000036 _____ C:\WINDOWS\progress.ini
2017-12-28 17:41 - 2017-12-28 17:41 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-28 17:29 - 2016-12-29 14:10 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-12-22 16:04 - 2017-12-22 16:04 - 000000000 ____D C:\Users\Julia\AppData\Local\CrashDumps
2017-12-22 12:13 - 2017-12-29 20:12 - 000000000 ___HD C:\$GetCurrent
2017-12-22 12:12 - 2017-12-29 20:13 - 000000000 ____D C:\Windows10Upgrade
2017-12-22 12:12 - 2017-12-29 16:16 - 000000818 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Update-Assistent.lnk
2017-12-20 21:53 - 2017-12-20 21:53 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2017-12-19 06:23 - 2017-12-19 06:23 - 000000000 ____D C:\Users\Timothy\AppData\Local\UNP
2017-12-18 22:24 - 2017-12-18 22:24 - 000001251 _____ C:\Users\Public\Desktop\COMODO Internet Security Premium.lnk
2017-12-18 22:23 - 2017-12-18 22:23 - 000000000 ____D C:\Program Files (x86)\COMODO
2017-12-18 22:23 - 2017-08-08 03:46 - 000256040 _____ (COMODO) C:\WINDOWS\system32\iseguard64.dll
2017-12-18 22:23 - 2017-08-08 03:46 - 000205536 _____ (COMODO) C:\WINDOWS\SysWOW64\iseguard32.dll
2017-12-18 22:23 - 2017-03-29 22:49 - 000062208 _____ (COMODO) C:\WINDOWS\system32\Drivers\isedrv.sys
2017-12-18 22:20 - 2017-12-18 22:20 - 000000000 ____D C:\ProgramData\Shared Space
2017-12-18 22:19 - 2017-12-18 22:20 - 005500784 _____ (COMODO) C:\Users\Timothy\Downloads\cispremium_installer_6100_08.exe
2017-12-18 22:02 - 2017-12-29 19:31 - 000000000 ____D C:\Program Files\UNP
2017-12-14 15:38 - 2017-12-18 22:02 - 000000000 ____D C:\Program Files\rempl
2017-12-14 02:32 - 2017-12-14 02:32 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-12-14 02:32 - 2017-12-14 02:32 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-12-14 02:32 - 2017-12-14 02:32 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-14 02:32 - 2017-12-14 02:32 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-01-09 06:49 - 2017-01-28 21:24 - 000000000 ____D C:\Users\Timothy\AppData\LocalLow\Mozilla
2018-01-09 06:40 - 2017-04-11 20:38 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2018-01-09 06:13 - 2017-09-30 15:35 - 000901338 _____ C:\WINDOWS\system32\perfh007.dat
2018-01-09 06:13 - 2017-09-30 15:35 - 000189992 _____ C:\WINDOWS\system32\perfc007.dat
2018-01-09 03:38 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-08 19:12 - 2016-09-22 20:35 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-01-08 19:12 - 2014-08-20 20:43 - 000000000 __SHD C:\Users\Timothy\IntelGraphicsProfiles
2018-01-08 19:12 - 2014-08-20 02:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-01-08 19:12 - 2013-10-29 19:26 - 000034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2018-01-08 19:10 - 2016-09-22 20:35 - 000000000 ____D C:\ProgramData\NVIDIA
2018-01-08 19:09 - 2017-09-29 09:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-01-08 19:08 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-01-08 19:08 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-01-08 19:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-01-08 19:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-01-08 19:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-01-08 19:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-01-08 19:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-01-08 19:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-01-08 19:08 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-01-08 19:00 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-08 19:00 - 2016-06-19 20:39 - 000000000 ____D C:\Users\Julia\AppData\LocalLow\Temp
2018-01-08 18:57 - 2016-08-11 21:41 - 000000000 ____D C:\Users\Timothy\AppData\LocalLow\Temp
2018-01-08 18:56 - 2017-09-29 14:41 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-01-08 18:53 - 2017-09-29 14:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-01-08 18:53 - 2017-09-29 14:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-01-08 18:47 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-07 22:23 - 2017-01-28 21:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-07 22:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2018-01-06 18:52 - 2014-08-19 20:27 - 000000000 ____D C:\Users\Timothy\AppData\Roaming\vlc
2018-01-06 18:40 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-06 18:40 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-06 18:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-01-05 20:11 - 2014-10-30 18:49 - 000000000 __SHD C:\Users\Julia\IntelGraphicsProfiles
2018-01-05 07:52 - 2017-02-01 07:50 - 000000000 ____D C:\Users\Julia\AppData\LocalLow\Mozilla
2018-01-04 12:02 - 2015-09-01 19:42 - 000000000 ____D C:\Users\Julia\AppData\Local\TileDataLayer
2018-01-03 17:46 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-01-02 22:12 - 2015-11-17 22:17 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-01-02 17:45 - 2014-08-19 20:12 - 000000000 ____D C:\ProgramData\Sonos,_Inc
2018-01-01 18:20 - 2015-06-03 16:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-01-01 18:19 - 2017-01-28 21:24 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2018-01-01 18:17 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-12-31 11:09 - 2014-11-01 16:42 - 000002027 _____ C:\Users\Public\Desktop\Sonos.lnk
2017-12-31 11:09 - 2014-09-02 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2017-12-31 11:09 - 2014-09-02 20:04 - 000000000 ____D C:\Program Files (x86)\Sonos
2017-12-31 11:08 - 2014-09-02 20:04 - 000000000 ____D C:\Users\Timothy\AppData\Local\Downloaded Installations
2017-12-29 20:14 - 2015-09-01 12:47 - 000000000 ____D C:\Users\Timothy\AppData\Local\TileDataLayer
2017-12-29 20:10 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-12-29 20:10 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\windows nt
2017-12-29 20:05 - 2014-08-20 23:49 - 000023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-12-29 19:57 - 2013-10-29 19:07 - 001874790 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-12-29 19:52 - 2016-01-06 22:42 - 000000000 ____D C:\Users\Timothy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-12-29 19:52 - 2014-08-19 20:26 - 000000000 ____D C:\Users\Timothy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2017-12-29 19:46 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-12-29 19:46 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-12-29 19:38 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-12-29 19:38 - 2016-09-22 20:36 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-12-29 19:37 - 2016-09-22 20:35 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-12-29 19:37 - 2016-09-22 20:35 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-12-29 19:35 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-12-29 19:31 - 2017-10-11 07:52 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-12-29 19:31 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-12-29 19:31 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-12-29 19:31 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\system32\WCN
2017-12-29 19:31 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ModemLogs
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\InputMethod
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Help
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-12-29 19:31 - 2017-07-19 20:26 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-12-29 19:31 - 2017-03-11 10:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2017-12-29 19:31 - 2016-09-22 20:35 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-12-29 19:31 - 2016-09-22 20:34 - 000000000 ____D C:\Program Files\Intel
2017-12-29 19:31 - 2016-07-30 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-12-29 19:31 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-12-29 19:31 - 2016-07-14 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2017-12-29 19:31 - 2016-01-06 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-12-29 19:31 - 2015-10-21 08:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-12-29 19:31 - 2015-09-26 11:07 - 000000000 ____D C:\WINDOWS\SysWOW64\SupportAppCB
2017-12-29 19:31 - 2015-09-26 11:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1&1 Surf-Stick
2017-12-29 19:31 - 2015-06-17 08:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2017-12-29 19:31 - 2015-03-01 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-12-29 19:31 - 2015-02-20 21:57 - 000000000 ____D C:\WINDOWS\de
2017-12-29 19:31 - 2015-01-23 22:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-12-29 19:31 - 2014-08-21 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-12-29 19:31 - 2013-10-29 19:43 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneKey Recovery
2017-12-29 19:31 - 2013-10-29 19:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(SM) center
2017-12-29 19:31 - 2013-10-29 19:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-12-29 19:31 - 2013-10-29 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Photos
2017-12-29 19:31 - 2013-10-29 19:08 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-12-29 19:31 - 2013-10-29 18:59 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-12-29 19:31 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-12-29 19:31 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-12-29 19:11 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-12-29 19:10 - 2017-09-29 09:45 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\system32\winrm
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\system32\slmgr
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\IME
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\et-EE
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\en-GB
2017-12-29 19:06 - 2016-04-13 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-12-29 19:06 - 2015-06-15 11:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-12-29 19:05 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-12-29 19:05 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-12-29 19:05 - 2016-09-22 20:36 - 000000000 ____D C:\Program Files\Realtek
2017-12-29 19:05 - 2016-09-22 20:34 - 000000000 ____D C:\Program Files\Synaptics
2017-12-29 18:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-12-29 18:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-12-29 12:12 - 2016-07-30 21:37 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2017-12-29 12:12 - 2016-07-30 21:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-12-28 17:45 - 2014-08-20 17:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-28 17:40 - 2014-08-20 17:20 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-18 22:23 - 2015-06-17 08:05 - 000000000 ____D C:\ProgramData\Comodo
2017-12-15 20:44 - 2015-09-01 19:44 - 000000000 ____D C:\Users\Julia\AppData\Local\Publishers
2017-12-15 20:44 - 2015-09-01 12:49 - 000000000 ____D C:\Users\Timothy\AppData\Local\Publishers
2017-12-15 20:34 - 2014-09-20 19:19 - 000545440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\te-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\si-LK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\or-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\km-KH
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\is-IS
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\id-ID
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\be-BY
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\as-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\am-ET
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2017-12-14 02:33 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-14 02:33 - 2017-09-29 14:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Defender
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\PerfLogs
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-08-19 19:34 - 2015-11-02 20:07 - 000376689 _____ () C:\Users\Timothy\AppData\Roaming\AbsoluteReminder.xml
2017-04-22 11:49 - 2017-04-22 11:49 - 000000017 _____ () C:\Users\Timothy\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2018-01-08 21:32
==================== Ende von FRST.txt ============================
|
|
09.01.2018, 07:29
| #15 |
| | Virenverdacht. Kann jemand Logfile analysieren?Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02.01.2018
durchgeführt von Timothy (09-01-2018 06:50:41)
Gestartet von C:\Users\Timothy\Desktop
Windows 10 Home Version 1709 16299.192 (X64) (2017-12-29 19:12:54)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1821675693-422080741-3404470268-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1821675693-422080741-3404470268-503 - Limited - Disabled)
Gast (S-1-5-21-1821675693-422080741-3404470268-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1821675693-422080741-3404470268-1008 - Limited - Enabled)
Julia (S-1-5-21-1821675693-422080741-3404470268-1006 - Limited - Enabled) => C:\Users\Julia
Sonos (S-1-5-21-1821675693-422080741-3404470268-1005 - Limited - Enabled)
Timothy (S-1-5-21-1821675693-422080741-3404470268-1002 - Administrator - Enabled) => C:\Users\Timothy
WDAGUtilityAccount (S-1-5-21-1821675693-422080741-3404470268-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: COMODO Advanced Protection (Enabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Benutzerhandbuch (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
COMODO Internet Security Premium (HKLM\...\{1BF90AC2-E077-4EC0-810B-003DC9D65C91}) (Version: 10.0.2.6420 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 10.0.2.6420 - COMODO Security Solutions Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON XP-412 413 415 Series Printer Uninstall (HKLM\...\EPSON XP-412 413 415 Series) (Version: - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.52.0.0 - SEIKO EPSON CORPORATION)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Intel Anti-Theft Discovery App (HKLM-x32\...\{707248B9-2D34-4D77-A5C6-2A8A54848E5A}) (Version: 1.1.0.7 - Intel Corporation)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel Experience Center - Configuration (HKLM-x32\...\{C73A16B7-AC35-4262-9BAF-DA9B2039A563}) (Version: 1.5.0.0 - Intel) Hidden
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{e4fefc02-cd6c-45e3-8974-e7357e71da40}) (Version: 1.5.0.0 - Intel)
Intel(R) Experience Center Driver (HKLM-x32\...\{16660b76-bdc5-47cf-b28d-846120a1ee76}) (Version: 1.0.90.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1304-148929CC1385}) (Version: 3.0.1304.0338 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{12fc27dc-b637-4ebb-b424-26feff9598c5}) (Version: 16.0.4 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.2.424651.94 - Comodo)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10233 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Malwarebytes Version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1821675693-422080741-3404470268-1006\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Motion Control (HKLM\...\Motion Control) (Version: 1.2.45.0 - Lenovo)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 57.0.3 (x64 de) (HKLM\...\Mozilla Firefox 57.0.3 (x64 de)) (Version: 57.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.3.6569 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
PDF24 Creator 8.1.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.21229 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 39.4.48021 - Sonos, Inc.)
Spotify (HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Spotify) (Version: 1.0.50.41368.gbd68dbef - Spotify AB)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DE083343-D24D-4495-919E-18C65EC0F289}) (Version: 2.8.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Wondershare Data Recovery(Build 5.0.2.6) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 5.0.2.6 - Wondershare Software Co.,Ltd.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-21] (COMODO)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-21] (COMODO)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-21] (COMODO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {022C3E73-623B-416E-87C8-6D37588BBEA3} - System32\Tasks\EPSON XP-412 413 415 Series Update {5F7996FF-B50D-4D17-B92F-F39799635033} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {052C5014-A8F2-47D9-9E1A-0F932488B49F} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
Task: {0F3D421F-BE82-4EA4-A643-B097B13802E4} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-11-21] (COMODO)
Task: {1C1E111B-0033-4517-8F99-0F4480BF069D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {1DB99919-D027-4CD9-93FA-0DB8956A3B93} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {1DF3CE40-AE13-4838-A343-077FD5CE8875} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {2321C268-CEDA-4AF4-9216-F71FDA2EBC17} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {395ACD88-7C88-412E-96F3-352039D8A7D1} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {AEE47A68-7976-4063-8DD5-B4B8A7776E2E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {3BBC074D-18F5-4F86-9DF5-05A34A240E68} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-11-21] (COMODO)
Task: {41832ABA-347E-4BAF-9172-E941B4DACC98} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {41AA0F70-0ABF-438E-92D9-E003482A2F64} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {48D91DD1-BF0B-4B48-8B73-49F75343D81F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4B13520A-BDFF-4571-8A22-C0CC634ADF46} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {55B77248-1AC8-4790-A5D4-60614EE6DCD6} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {55BA4F06-6D4E-40DD-A267-58603B37382F} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {6632F2FC-C170-4FE9-A8EF-C5F7D529E395} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-12] (Adobe Systems Incorporated)
Task: {6B101A77-5410-4C7C-9B0A-42FDE516AB41} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-10-03] (Intel Corporation)
Task: {70E5277C-BA4A-4AF3-B907-B8E1A23D9BC7} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Timothy\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {796753A0-F04A-4815-80D3-DBF2D4FE4868} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {7CF0857B-0DB6-498B-A9C7-D8FDDD2635F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8073A232-0372-42CE-B418-726684744DF4} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {5F7996FF-B50D-4D17-B92F-F39799635033} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {8920F62C-D829-45AD-B063-D00262848A10} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {99583A25-C375-4862-BE56-9BF52D323003} - System32\Tasks\AdobeAAMUpdater-1.0-Silberlocke-Julia => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {9DAAAFF9-F2B5-4D0F-BA2D-E5CD08B4ABF6} - System32\Tasks\EPSON XP-412 413 415 Series Update {AEE47A68-7976-4063-8DD5-B4B8A7776E2E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {A28B4BF9-FBBF-45A3-8343-C82D6CCEB00B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-10-03] (Intel Corporation)
Task: {B03BE444-E962-4094-8581-C51BBA078634} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {B4B5A414-0361-4A7F-8890-13A63AB2A036} - System32\Tasks\EPSON XP-412 413 415 Series Update {32AA5F3E-42AF-416D-93A7-97E0483F7BC7} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {BFFCA306-2E5A-49C9-A73F-CAADCA26412F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {C9F3C7B6-BD6D-4E88-8F05-D1BEA64E4EDC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {D1E7244E-BA89-4EED-8F58-F74C59D246D4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {DCC8042B-4207-4528-857B-DA5724573C6F} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {32AA5F3E-42AF-416D-93A7-97E0483F7BC7} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {DFB98817-22F2-44F7-B0BD-AC11EE978F4F} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2017-11-21] (COMODO)
Task: {FCF03BEF-9FA4-47EA-A1D5-B538B14E9A3F} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {5F7996FF-B50D-4D17-B92F-F39799635033}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{32AA5F3E-42AF-416D-93A7-97E0483F7BC7} /F:UpdateWORKGROUP\SILBERLOCKE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {5F7996FF-B50D-4D17-B92F-F39799635033}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{5F7996FF-B50D-4D17-B92F-F39799635033} /F:UpdateWORKGROUP\SILBERLOCKE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{AEE47A68-7976-4063-8DD5-B4B8A7776E2E} /F:UpdateWORKGROUP\SILBERLOCKE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 000085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 001346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-15 15:45 - 2013-04-15 15:45 - 000182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 15:45 - 2013-04-15 15:45 - 000060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2017-11-21 20:23 - 2017-11-21 20:23 - 000156864 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2017-11-21 20:22 - 2017-11-21 20:22 - 000106688 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2017-11-21 20:22 - 2017-11-21 20:22 - 000241856 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2018-01-07 22:33 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-01-07 22:33 - 2017-11-29 09:11 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2015-09-26 11:07 - 2015-09-26 11:07 - 000253264 _____ () D:\1&1\1&1 Surf-Stick\AssistantServices.exe
2016-09-22 20:35 - 2016-12-29 14:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-10-20 16:42 - 2017-10-20 16:42 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2013-10-29 19:40 - 2013-10-29 19:40 - 000172552 _____ () C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
2017-12-15 20:32 - 2017-12-15 20:32 - 004698848 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-01-03 17:30 - 2018-01-03 17:31 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-03 17:30 - 2018-01-03 17:31 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-03 17:30 - 2018-01-03 17:31 - 024670720 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-03 17:30 - 2018-01-03 17:31 - 002550272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\skypert.dll
2017-09-07 08:39 - 2017-09-07 08:39 - 000073920 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2013-10-29 19:04 - 2013-05-09 13:23 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-12-03 21:19 - 2017-12-03 21:19 - 000102088 _____ () C:\Users\Timothy\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
2013-10-29 19:40 - 2013-10-29 19:40 - 001623048 _____ () C:\Program Files (x86)\Lenovo\MotionControl\eyeKeys.dll
2013-10-29 19:40 - 2013-10-29 19:40 - 000030728 _____ () C:\Program Files (x86)\Lenovo\MotionControl\esmlib.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\WINDOWS\SMSS-PFRO76f5.tmp:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\E_GCINST.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\E_ID4BLEE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\E_ILMBLEE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4531.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCComp64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IntcDAud.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\massfilter.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\netaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudbus.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ZTEusbmdm6k.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ZTEusbnmea.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ZTEusbser6k.sys:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\150806_LK-Email-Kommunikationsvorlage.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2471.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2572.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2640 - Kopie.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2640.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\28214.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\28214.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\679715281122576100.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\679715281122576100.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Bild.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Choriner_Straßenfest_2016.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Choriner_Straßenfest_2016.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\document.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(2).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(2).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(3).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(3).jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(4).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(4).jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Herbstbasar.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1590.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1590.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1640.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1640.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_2799 (2).JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_3079 (2).JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\inv15442005C.PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Kindergarten-Bilder.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Kindergarten-Bilder.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Kuechenplan_Liedtke_Roehrig.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Kuechenplan_Liedtke_Roehrig.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Lekker 8.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\LK_Glueckwunschkarte_RL_2016-06-06_DRUCK.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Plakat_Kirschbluete Ordner.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Plakat_Kirschbluete Ordner.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Romi badet.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Romi_und_Julia.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Sauerampfer.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Tram_1.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Tram_2.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Tram_3.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Ueberweisung_Liedtke.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Ueberweisung_Liedtke.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Vorschlag_Bad_WC.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Vorschlag_Bad_WC.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Downloads\150806_LK-Email-Kommunikationsvorlage.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\160502_LK_Geburtstagsmailing.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\160502_LK_Geburtstagsmailing.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\679715281122576100.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\679715281122576100.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(2).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(2).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_Kind_2015(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_Kind_2015.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_Kind_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_N_2015.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_N_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\bibliotheksleitern.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\bibliotheksleitern.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\black-dots-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\blog-headers-clementine-creative.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\blog-headers-clementine-creative.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\bloom-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\bright-confetti-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Carpet.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Carpet.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Cavorting-free.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\ClaireHandBold.otf_.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\ClaireHandBold.otf_.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\cute-colorful-background.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\cute-colorful-background.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\document.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Einladung_Herbstbaser_DIN Lang.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Einladung_Herbstbaser_DIN Lang.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FM_Empfehlung.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FM_Empfehlung.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(2).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(2).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(3).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(3).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(4).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(4).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\geometric-blog-header-2.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\geometric-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\gold-foil-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\gold-glitter-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_0803.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_0803.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1590.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1590.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1640.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1640.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2566.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2566.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2707.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2707.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3011.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3011.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3604.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3604.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3677.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3677.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\InDesign_Set-Up.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\InDesign_Set-Up.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\inv15442005C.PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\JuLie_elster_02.09.2015_21.41.pfx:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\JuLie_elster_02.09.2015_21.41.pfx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Kindergarten-Bilder.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Kindergarten-Bilder.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8(1).mp3:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8(1).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8.mp3:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\LEKKER_Geburtstagsmailing_KARTE_print.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\LEKKER_Geburtstagsmailing_KARTE_print.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Liedtke, Julia.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\LK_Glueckwunschkarte_RL_2016-06-06_DRUCK.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\lutz-baar_antropos.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\lutz-baar_antropos.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\mail.html:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\mail.html:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\papyrus.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\pastel-confetti-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete Ordner.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete Ordner.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Postkarten_Kita.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_160509.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_160509.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_durchgangstür_160530.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_durchgangstür_160530.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_ku che_161021.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_ku che_161021.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Schrank_Liedtke_Roehrig.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Schrank_Liedtke_Roehrig.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung_groesser.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung_groesser.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Top_Service.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Top_Service.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Silverlight_x64.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Silverlight_x64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\SSFS_Wreaths_Laurels_free.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\SSFS_Wreaths_Laurels_free.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\teal-watercolour-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\terms.txt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Und jetzt die Fotos....html:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolor-grunge-000119-light-blue.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolor-grunge-000119-light-blue.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolour-blog-header-purple.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolour-blog-header-turquoise.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Desktop\Musikschule.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Desktop\Preise für den Gitarrenunterricht.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Desktop\Union Investment Freistellungsauftrag drucken.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\080530_ti_messe_vvs_kat_DNP.xls:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\080530_ti_messe_vvs_kat_DNP.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\2015-11_FAM.Röhrig_auswahl.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\2015-11_FAM.Röhrig_auswahl.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\300-rise-of-an-empire-english-yify-68876.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\300-rise-of-an-empire-english-yify-68876.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\32pfl7862d_10_fus_eng.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\32pfl7862d_10_fus_eng.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\american-sniper-2014.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\american.sniper.(2014).eng.1cd.(6091673).zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\american.sniper.(2014).eng.1cd.(6091673).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Anschreiben final.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Anschreiben final.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_de.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_de.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\banking-dkb-de.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\data-recovery_full1018.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\data-recovery_full1018.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\DropboxInstaller.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\DropboxInstaller.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\everybody.wants.some.(2016).eng.1cd.(6697619).zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\everybody.wants.some.(2016).eng.1cd.(6697619).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Firefox Setup Stub 51.0.1.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Firefox Setup Stub 51.0.1.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer21_xa_install.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer21_xa_install.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer24au_d_install(1).exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer24au_d_install(1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer24au_d_install.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-1-english-10608.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-1-english-10608.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-10-english-13462.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-10-english-13462.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-11-english-13812.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-12-english-13992.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-12-english-13992.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-2-english-10912.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-2-english-10912.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-3-english-11187.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-3-english-11187.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-4-english-11542.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-4-english-11542.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-5-english-11822.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-6-english-12123.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-7-english-12433.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-7-english-12433.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-8-english-12856.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-8-english-12856.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-9-english-13167.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-9-english-13167.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-1-english-28573.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-1-english-28573.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817(1).zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817(1).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-4-english-30087.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-4-english-30087.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-6-english-30884.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-6-english-30884.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-7-english-31306.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-7-english-31306.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-8-english-31843.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-8-english-31843.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-9-english-32137.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-9-english-32137.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Homeland_6x05_HDTV.AVS.en.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Homeland_6x05_HDTV.AVS.en.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-3-episode-12-english-3414.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-3-episode-12-english-3414.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-1-english-16753.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-1-english-16756.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-1-english-16756.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16871.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16871.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16872.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16872.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-11-english-16874.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-11-english-16874.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-12-english-16879.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-12-english-16879.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-13-english-16881.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-13-english-16881.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-13-english-16882.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-2-english-16759.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-2-english-16759.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-3-english-16766.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-3-english-16766.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-4-english-16767.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-4-english-16767.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-5-english-16825.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-5-english-16825.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-6-english-16829.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-6-english-16829.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-7-english-16831.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-8-english-16833.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-8-english-16833.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-9-english-16835.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-9-english-16835.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2269.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2269.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2377.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2377.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_04_22.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_04_22.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\nebenkostenabrechnung.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\nebenkostenabrechnung.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\nebenkostenabrechnung.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Photos.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Photos.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\schliemann47_fotos.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\schliemann47_fotos.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\schrankplaner_setup.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\schrankplaner_setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\thebigshort2015brripxvidac3-evo-english-79662.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\thebigshort2015brripxvidac3-evo-english-79662.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\TimOC_elster_30.07.2015_11.14.pfx:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\TimOC_elster_30.07.2015_11.14.pfx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\winrar-x64-530d.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\winrar-x64-530d.exe:$CmdZnID [26]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2016-11-11 21:20 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\Control Panel\Desktop\\Wallpaper -> A:\Bilder\Norwegen 2014\IMG_1753.JPG
HKU\S-1-5-21-1821675693-422080741-3404470268-1006\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "UIExec"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "BrowserChoice"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/04/2018 09:59:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ngen.exe, Version: 4.7.2556.0, Zeitstempel: 0x59b833df
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x007703c5
ID des fehlerhaften Prozesses: 0xb8dc0
Startzeit der fehlerhaften Anwendung: 0x01d3859efa6f51cd
Pfad der fehlerhaften Anwendung: C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: f906febd-d82c-47b9-9389-7a5d0b9299cc
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/04/2018 09:21:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: cmdagent.exe, Version: 10.0.2.6420, Zeitstempel: 0x5a14783d
Name des fehlerhaften Moduls: cmdagent.exe, Version: 10.0.2.6420, Zeitstempel: 0x5a14783d
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00000000004e9093
ID des fehlerhaften Prozesses: 0xda4
Startzeit der fehlerhaften Anwendung: 0x01d380d65819d892
Pfad der fehlerhaften Anwendung: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Pfad des fehlerhaften Moduls: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Berichtskennung: 51ba9f03-a675-49ec-bcce-8de2a2db71d8
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/04/2018 07:08:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Silberlocke)
Description: Das Paket „Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (01/04/2018 12:04:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ShellExperienceHost.exe, Version 10.0.16299.15 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2fe0
Startzeit: 01d3854b9f2e8cd6
Beendigungszeit: 4294967295
Anwendungspfad: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Berichts-ID: 45cafc4a-4dae-4a3d-a5a6-e3330603e4fe
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy
Auf das fehlerhafte Paket bezogene Anwendungs-ID: App
Error: (01/04/2018 12:03:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Silberlocke)
Description: Das Paket „Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (01/01/2018 06:28:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AdobeARM.exe, Version: 1.824.24.5926, Zeitstempel: 0x59cbec1f
Name des fehlerhaften Moduls: shcore.dll, Version: 10.0.16299.15, Zeitstempel: 0x30134c68
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038091
ID des fehlerhaften Prozesses: 0xba354
Startzeit der fehlerhaften Anwendung: 0x01d38325f4da4986
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\shcore.dll
Berichtskennung: 1aaa9c3f-fb85-47b6-8f35-09261568e9c3
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/01/2018 06:16:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AdobeARM.exe, Version: 1.824.24.5926, Zeitstempel: 0x59cbec1f
Name des fehlerhaften Moduls: shcore.dll, Version: 10.0.16299.15, Zeitstempel: 0x30134c68
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038091
ID des fehlerhaften Prozesses: 0x2844
Startzeit der fehlerhaften Anwendung: 0x01d3832447780956
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\shcore.dll
Berichtskennung: 626ef5dc-ddf0-4935-a00c-fafd36f7de1a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/31/2017 05:50:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1110
Error: (12/31/2017 05:50:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1110
Error: (12/31/2017 05:50:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Systemfehler:
=============
Error: (01/09/2018 03:21:34 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/08/2018 09:53:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (01/08/2018 09:53:04 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Timothy\AppData\Local\Temp\ehdrv.sys
Error: (01/08/2018 09:53:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (01/08/2018 09:53:03 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Timothy\AppData\Local\Temp\ehdrv.sys
Error: (01/08/2018 09:53:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (01/08/2018 09:53:03 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Timothy\AppData\Local\Temp\ehdrv.sys
Error: (01/08/2018 09:53:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (01/08/2018 09:53:03 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Timothy\AppData\Local\Temp\ehdrv.sys
Error: (01/08/2018 09:53:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
CodeIntegrity:
===================================
Date: 2018-01-09 06:51:15.072
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-09 06:51:15.070
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-09 06:46:02.078
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-09 06:46:02.075
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-09 06:41:18.472
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-01-09 06:31:00.905
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-09 06:31:00.902
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-09 06:26:18.446
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-01-09 06:24:48.797
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-09 06:24:48.793
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 7944.27 MB
Verfügbarer physikalischer RAM: 5547.98 MB
Summe virtueller Speicher: 9224.27 MB
Verfügbarer virtueller Speicher: 6368.72 MB
==================== Laufwerke ================================
Drive a: (Bilder und Videos) (Fixed) (Total:180.82 GB) (Free:15.27 GB) NTFS
Drive b: (Musik) (Fixed) (Total:85.13 GB) (Free:33.16 GB) NTFS
Drive c: (Windows8_OS) (Fixed) (Total:127.87 GB) (Free:19.72 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Eigene Programme) (Fixed) (Total:25 GB) (Free:19.97 GB) NTFS
Drive f: (Volume) (Fixed) (Total:31.54 GB) (Free:23.21 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6018AF1C)
Partition: GPT.
==================== Ende von Addition.txt ============================
Eine der Anwendungen zeigt bei Betrieb ständig Warnungen vor Seiten, die firefox angeblich öffnen will. Ich weiß nicht, was das ist; vielleicht stimmt da mit firefox nach wie vor etwas nicht. |
|
| Themen zu Virenverdacht. Kann jemand Logfile analysieren? |
| adobe, antivirus, authentifizierung, basisfiltermodul, bho, bildschirm, bonjour, defender, entfernen, firefox, flash player, hijackthis, home, installation, karte, langsam, logfile, mozilla, prozesse, realtek, registry, rundll, security, software, system, tcp, windows, windowsapps |
und 
und speichere die Logdatei auf Deinem Desktop.
Linear-Darstellung
