Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Virenverdacht. Kann jemand Logfile analysieren?

Virenverdacht. Kann jemand Logfile analysieren?


Log-Analyse und Auswertung: Virenverdacht. Kann jemand Logfile analysieren?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 04.01.2018, 21:52   #1
Tim79
 
Virenverdacht. Kann jemand Logfile analysieren? - Standard

Virenverdacht. Kann jemand Logfile analysieren?


Hallo,
mein Rechner ist seit kurzem sehr langsam geworden (sämtliche Prozesse). Was ich an offensichtlicher Merkwürdigkeit erkennen kann, ist ein nicht schließbares Browserfenster im Firefox, welches eine fake-Seite mit Aufforderung der Aktualisierung des flashplayers beinhaltet.

AV-Program (Comodo) hat nichts gefunden.

Kann mir jemand weiterhelfen?
Anbei der Hijack-Logfile. Ich habe auch einen Farbar-Logfile erstellt, aber damit es nicht zu unübersichtlich wird vielleicht erstmal nur Hijack.

Logfile of HijackThis Fork (Alpha) by Alex Dragokas v.2.7.0.24

Platform: x64 Windows 10 (Home), 10.0.16299.125 (ReleaseId: 1709), Service Pack: 0
Time: 04.01.2018 - 20:34 (UTC+01:00)
Language: OS: German (0x407). Display: German (0x407). Non-Unicode: German (0x407)
Elevated: Yes
Ran by: Timothy (group: Administrator) on SILBERLOCKE, FirstRun: yes

Firefox: 57.0.3.6569
Edge: 11.0.16299.125
Internet Explorer: 11.0.16299.98
Default: "C:\program files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
1 C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
1 C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe
1 C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
1 C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
1 C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
1 C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
1 C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
6 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
1 C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
1 C:\Program Files\Bonjour\mDNSResponder.exe
1 C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
1 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
1 C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
1 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1 C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
1 C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
1 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
1 C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
1 C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
1 C:\Program Files\Intel\iCLS Client\HeciServer.exe
1 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
2 C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
3 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
1 C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
1 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
1 C:\Program Files\Windows Defender\MSASCuiL.exe
1 C:\Program Files\Windows Defender\NisSrv.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
1 C:\Users\Timothy\AppData\Local\Microsoft\OneDrive\OneDrive.exe
1 C:\Users\Timothy\Downloads\MemCompression
2 C:\Users\Timothy\Downloads\hijackthis.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\RTFTrack.exe
1 C:\Windows\SysWOW64\IntelCpHeciSvc.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
4 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\backgroundTaskHost.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
3 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\escsvc64.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\ibtsiva.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxEM.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\igfxTray.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\msdtc.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
73 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe
1 D:\1&1\1&1 Surf-Stick\AssistantServices.exe
1 D:\Eigene Programme\Mozilla\Thunderbird\thunderbird.exe
1 D:\Eigene Programme\Softonic\gfSubtitlePlayer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2-32 - HKLM\..\BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O3-32 - HKLM\..\Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O4 - Global User Startup: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
O4 - Global User Startup: iSCTsysTray.lnk -> C:\Program Files (x86)\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O4 - HKCU\..\Run: [OneDrive] C:\Users\Timothy\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background
O4 - HKCU\..\StartupApproved\Run: [EPLTarget\P0000000000000000] (2015/08/04) C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-412 413 415 Series"
O4 - HKCU\..\StartupApproved\Run: [EPLTarget\P0000000000000001] (2015/08/04) C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE /EPT "EPLTarget\P0000000000000001" /M "XP-412 413 415 Series"
O4 - HKCU\..\StartupApproved\Run: [Spotify Web Helper] (2014/10/15) C:\Users\Timothy\AppData\Roaming\Spotify\SpotifyWebHelper.exe
O4 - HKLM\..\FileRenameOperations: C:\WINDOWS\AppCompat\Programs\Amcache.hve.tmp -> C:\WINDOWS\AppCompat\Programs\Amcache.hve
O4 - HKLM\..\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [Energy Manager] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
O4 - HKLM\..\Run: [Lenovo Utility] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
O4 - HKLM\..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [ShadowPlay] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [Windows Mobile Device Center] C:\WINDOWS\WindowsMobile\wmdc.exe
O4 - HKLM\..\StartupApproved\Run32: [IseUI] (1601/01/01) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
O4 - HKLM\..\StartupApproved\Run32: [PDFPrint] (2015/08/04) D:\Eigene Programme\PDF24\pdf24.exe
O4 - HKLM\..\StartupApproved\Run32: [UIExec] (2016/04/23) D:\1&1\1&1 Surf-Stick\UIExec.exe
O4 - HKLM\..\StartupApproved\Run: [RtHDVBg_Dolby] (1601/01/01) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
O4 - HKLM\..\StartupApproved\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] (1601/01/01) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /LENOVO_DOLBYDRAGON
O4 - HKLM\..\StartupApproved\Run: [RtHDVBg_LENOVO_MICPKEY] (1601/01/01) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /LENOVO_MICPKEY
O4 - HKLM\..\StartupApproved\Run: [RtHDVCpl] (1601/01/01) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O4 - HKLM\..\StartupApproved\Run: [RtsFT] (1601/01/01) C:\WINDOWS\RTFTrack.exe
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] (1601/01/01) C:\Program Files\Windows Defender\MSASCuiL.exe
O4 - HKLM\..\StartupApproved\Run: [SynTPEnh] (1601/01/01) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\StartupApproved\Run: [iTunesHelper] (2015/08/04) C:\Program Files\iTunes\iTunesHelper.exe
O4-32 - HKLM\..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4-32 - HKLM\..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe /s
O9-32 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - HKLM\..\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9-32 - Extra button: (no name) - HKLM\..\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9-32 - Extra button: Mobilen Favoriten erstellen - HKLM\..\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll
O17 - DHCP DNS - 1: 192.168.178.1
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21 - ShellIconOverlayIdentifiers: BackedUpOverlay Class - {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (file missing)
O21 - ShellIconOverlayIdentifiers: Enhanced Storage Icon Overlay Handler Class - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} - C:\Windows\System32\EhStorShell.dll
O21 - ShellIconOverlayIdentifiers: PendingOverlay Class - {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (file missing)
O21 - ShellIconOverlayIdentifiers: RootFolderOverlay Class - {A759AFF6-5851-457D-A540-F4ECED148351} - C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (file missing)
O21 - ShellIconOverlayIdentifiers: SharedOverlay Class - {1574C9EF-7D58-488F-B358-8B78C1538F51} - C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (file missing)
O22 - Task: (Ready) EPSON XP-412 413 415 Series Invitation {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{32AA5F3E-42AF-416D-93A7-97E0483F7BC7}" /F:"Invitation"
O22 - Task: (Ready) EPSON XP-412 413 415 Series Invitation {5F7996FF-B50D-4D17-B92F-F39799635033}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{5F7996FF-B50D-4D17-B92F-F39799635033}" /F:"Invitation"
O22 - Task: (Ready) EPSON XP-412 413 415 Series Invitation {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{AEE47A68-7976-4063-8DD5-B4B8A7776E2E}" /F:"Invitation"
O22 - Task: (Ready) EPSON XP-412 413 415 Series Update {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{32AA5F3E-42AF-416D-93A7-97E0483F7BC7}" /F:"Update"
O22 - Task: (Ready) EPSON XP-412 413 415 Series Update {5F7996FF-B50D-4D17-B92F-F39799635033}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{5F7996FF-B50D-4D17-B92F-F39799635033}" /F:"Update"
O22 - Task: (Ready) EPSON XP-412 413 415 Series Update {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{AEE47A68-7976-4063-8DD5-B4B8A7776E2E}" /F:"Update"
O22 - Task: (Ready) Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O22 - Task: (disabled) (telemetry) \COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} - C:\Program Files\COMODO\COMODO Internet Security\cis.exe --telemetry
O22 - Task: (disabled) (telemetry) \Microsoft\Windows\Application Experience\StartupAppTask - C:\WINDOWS\system32\rundll32.exe Startupscan.dll,SusRunTask
O22 - Task: (disabled) (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\BthSQM - {C8367320-6F85-11E0-A1F0-0800200C9A66},SYSTEM - C:\WINDOWS\System32\BthTelemetry.dll
O22 - Task: (disabled) (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\Consolidator - C:\WINDOWS\System32\wsqmcons.exe
O22 - Task: (disabled) (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\UsbCeip - {C27F6B1D-FE0B-45E4-9257-38799FA69BC8},SYSTEM - C:\WINDOWS\System32\usbceip.dll
O22 - Task: (disabled) (telemetry) \Microsoft\Windows\IME\SQM data sender - {CCB1D8CB-D39F-41C9-B793-0196214BDC4E} - C:\Windows\System32\IME\shared\imecfm.dll
O22 - Task: (disabled) Adobe Flash Player Updater - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task: (disabled) AdobeAAMUpdater-1.0-Silberlocke-Julia - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled (file missing)
O22 - Task: (disabled) CreateChoiceProcessTask - C:\Windows\BrowserChoice\browserchoice.exe /launch (file missing)
O22 - Task: (disabled) Dolby Selector - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe -autostart (file missing)
O22 - Task: (disabled) EPSON XP-412 413 415 Series Invitation {32AA5F3E-42AF-416D-93A7-97E0483F7BC7} - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{32AA5F3E-42AF-416D-93A7-97E0483F7BC7}" /F:"Invitation"
O22 - Task: (disabled) EPSON XP-412 413 415 Series Invitation {5F7996FF-B50D-4D17-B92F-F39799635033} - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{5F7996FF-B50D-4D17-B92F-F39799635033}" /F:"Invitation"
O22 - Task: (disabled) EPSON XP-412 413 415 Series Invitation {AEE47A68-7976-4063-8DD5-B4B8A7776E2E} - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{AEE47A68-7976-4063-8DD5-B4B8A7776E2E}" /F:"Invitation"
O22 - Task: (disabled) EPSON XP-412 413 415 Series Update {32AA5F3E-42AF-416D-93A7-97E0483F7BC7} - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{32AA5F3E-42AF-416D-93A7-97E0483F7BC7}" /F:"Update"
O22 - Task: (disabled) EPSON XP-412 413 415 Series Update {5F7996FF-B50D-4D17-B92F-F39799635033} - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{5F7996FF-B50D-4D17-B92F-F39799635033}" /F:"Update"
O22 - Task: (disabled) EPSON XP-412 413 415 Series Update {AEE47A68-7976-4063-8DD5-B4B8A7776E2E} - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE /EXE:"{AEE47A68-7976-4063-8DD5-B4B8A7776E2E}" /F:"Update"
O22 - Task: (disabled) IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic
O22 - Task: (disabled) IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic
O22 - Task: (disabled) OneDrive Standalone Update Task - C:\Users\Timothy\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe (file missing)
O22 - Task: (disabled) Optimize Start Menu Cache Files-S-1-5-21-1821675693-422080741-3404470268-1002 - {2D3F8A1B-6DCD-4ED5-BDBA-A096594B98EF},$(Arg0) - C:\Windows\System32\twinapi.dll
O22 - Task: (disabled) Optimize Start Menu Cache Files-S-1-5-21-1821675693-422080741-3404470268-1006 - {2D3F8A1B-6DCD-4ED5-BDBA-A096594B98EF},$(Arg0) - C:\Windows\System32\twinapi.dll
O22 - Task: (disabled) \COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O22 - Task: (disabled) \COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {06A09C0F-DD9C-4191-A670-71115CD78627}
O22 - Task: (disabled) \COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {947247B5-026A-4437-9371-770782BE839D}
O22 - Task: (disabled) \COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {F140D794-60B6-4F00-9235-D6457AA25B22}
O22 - Task: (disabled) \COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}
O22 - Task: (disabled) \COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85}
O22 - Task: (disabled) \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical - {613FBA38-A3DF-4AB8-9674-5604984A299A},/RuntimeWide - C:\Windows\System32\mscoree.dll
O22 - Task: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical - {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E},/RuntimeWide - C:\Windows\System32\mscoree.dll
O22 - Task: (disabled) \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) - {CF2CF428-325B-48D3-8CA8-7633E36E5A32} - C:\WINDOWS\system32\msdrm.dll
O22 - Task: (disabled) \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) - {BF5CB148-7C77-4D8A-A53E-D81C70CF743C} - C:\WINDOWS\system32\msdrm.dll
O22 - Task: (disabled) \Microsoft\Windows\AppID\EDP Policy Manager - {DECA92E0-AF85-439E-9204-86679978DA08},EdpPolicyManager - C:\WINDOWS\System32\AppLockerCsp.dll
O22 - Task: (disabled) \Microsoft\Windows\AppID\PolicyConverter - C:\WINDOWS\system32\appidpolicyconverter.exe
O22 - Task: (disabled) \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - C:\WINDOWS\system32\appidcertstorecheck.exe
O22 - Task: (disabled) \Microsoft\Windows\ApplicationData\CleanupTemporaryState - C:\WINDOWS\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
O22 - Task: (disabled) \Microsoft\Windows\ApplicationData\DsSvcCleanup - C:\WINDOWS\system32\dstokenclean.exe
O22 - Task: (disabled) \Microsoft\Windows\ApplicationData\appuriverifierdaily - C:\WINDOWS\system32\AppHostRegistrationVerifier.exe
O22 - Task: (disabled) \Microsoft\Windows\ApplicationData\appuriverifierinstall - C:\WINDOWS\system32\AppHostRegistrationVerifier.exe
O22 - Task: (disabled) \Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
O22 - Task: (disabled) \Microsoft\Windows\Autochk\Proxy - C:\WINDOWS\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
O22 - Task: (disabled) \Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},BitLockerPolicy - C:\WINDOWS\System32\edptask.dll
O22 - Task: (disabled) \Microsoft\Windows\Bluetooth\UninstallDeviceTask - C:\WINDOWS\system32\BthUdTask.exe $(Arg0)
O22 - Task: (disabled) \Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask - {47E30D54-DAC1-473A-AFF7-2355BF78881F},AIKCertEnroll - C:\WINDOWS\system32\ngctasks.dll
O22 - Task: (disabled) \Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask - {47E30D54-DAC1-473A-AFF7-2355BF78881F},CryptoPolicy - C:\WINDOWS\system32\ngctasks.dll
O22 - Task: (disabled) \Microsoft\Windows\CertificateServicesClient\KeyPreGenTask - {47E30D54-DAC1-473A-AFF7-2355BF78881F},NGCKeyPregen - C:\WINDOWS\system32\ngctasks.dll
O22 - Task: (disabled) \Microsoft\Windows\CertificateServicesClient\SystemTask - {58FB76B9-AC85-4E55-AC04-427593B1D060},SYSTEM - C:\WINDOWS\system32\dimsjob.dll
O22 - Task: (disabled) \Microsoft\Windows\CertificateServicesClient\UserTask - {58FB76B9-AC85-4E55-AC04-427593B1D060},USER - C:\WINDOWS\system32\dimsjob.dll
O22 - Task: (disabled) \Microsoft\Windows\CertificateServicesClient\UserTask-Roam - {58FB76B9-AC85-4E55-AC04-427593B1D060},KEYROAMING - C:\WINDOWS\system32\dimsjob.dll
O22 - Task: (disabled) \Microsoft\Windows\Chkdsk\ProactiveScan - {CF4270F5-2E43-4468-83B3-A8C45BB33EA1} - C:\Windows\System32\pstask.dll
O22 - Task: (disabled) \Microsoft\Windows\Chkdsk\SyspartRepair - C:\WINDOWS\system32\bcdboot.exe C:\WINDOWS /sysrepair
O22 - Task: (disabled) \Microsoft\Windows\DUSM\dusmtask - C:\WINDOWS\System32\dusmtask.exe
O22 - Task: (disabled) \Microsoft\Windows\Data Integrity Scan\Data Integrity Scan - {DCFD3EA8-D960-4719-8206-490AE315F94F} - C:\Windows\System32\discan.dll
O22 - Task: (disabled) \Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery - {DCFD3EA8-D960-4719-8206-490AE315F94F},-CrashRecovery - C:\Windows\System32\discan.dll
O22 - Task: (disabled) \Microsoft\Windows\Defrag\ScheduledDefrag - C:\WINDOWS\system32\defrag.exe -c -h -o -$
O22 - Task: (disabled) \Microsoft\Windows\Device Setup\Metadata Refresh - {23C1F3CF-C110-4512-ACA9-7B6174ECE888} - C:\WINDOWS\System32\DeviceSetupManagerAPI.dll
O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\HandleCommand - {AE31B729-D5FD-401E-AF42-784074835AFE},-HandleCommand - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand - {AE31B729-D5FD-401E-AF42-784074835AFE},-WnsCommand - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck - {AE31B729-D5FD-401E-AF42-784074835AFE},-IntegrityCheck - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession - {AE31B729-D5FD-401E-AF42-784074835AFE},-UserSessionCommand - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -AccountChange - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ConnectedToNetwork - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange -NoLocation - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -Periodic -FreeNetworkOnly - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24 - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -Periodic - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6 - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -Periodic - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange -NoLocation - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ProtectionStateChanged -FreeNetworkOnly -NoLocation - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ScreenOnOff - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange -Full - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterUserDevice -NewAccount - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task: (disabled) \Microsoft\Windows\Diagnosis\Scheduled - {C1F85EF8-BCC2-4606-BB39-70C523715EB3} - C:\WINDOWS\System32\sdiagschd.dll
O22 - Task: (disabled) \Microsoft\Windows\DiskCleanup\SilentCleanup - C:\WINDOWS\system32\cleanmgr.exe /autoclean /d C:
O22 - Task: (disabled) \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - C:\WINDOWS\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
O22 - Task: (disabled) \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - C:\WINDOWS\system32\DFDWiz.exe
O22 - Task: (disabled) \Microsoft\Windows\DiskFootprint\Diagnostics - C:\WINDOWS\system32\disksnapshot.exe -z
O22 - Task: (disabled) \Microsoft\Windows\DiskFootprint\StorageSense - {AB2A519B-03B0-43CE-940A-A73DF850B49A} - C:\WINDOWS\system32\StorageUsage.dll
O22 - Task: (disabled) \Microsoft\Windows\EDP\EDP App Launch Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},AppLaunch - C:\WINDOWS\System32\edptask.dll
O22 - Task: (disabled) \Microsoft\Windows\EDP\EDP Auth Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},ReAuth - C:\WINDOWS\System32\edptask.dll
O22 - Task: (disabled) \Microsoft\Windows\EDP\EDP Inaccessible Credentials Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},MissingCredentials - C:\WINDOWS\System32\edptask.dll
O22 - Task: (disabled) \Microsoft\Windows\EDP\StorageCardEncryption Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},SDCardEncryptionPolicy - C:\WINDOWS\System32\edptask.dll
O22 - Task: (disabled) \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - C:\WINDOWS\system32\MDMAgent.exe
O22 - Task: (disabled) \Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh - {711001CD-CC1D-4470-9B7E-1EF73849C79E},ExploitGuardPolicy - C:\WINDOWS\System32\MitigationConfiguration.dll
O22 - Task: (disabled) \Microsoft\Windows\Feedback\Siuf\DmClient - C:\WINDOWS\system32\dmclient.exe
O22 - Task: (disabled) \Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - C:\WINDOWS\system32\dmclient.exe utcwnf
O22 - Task: (disabled) \Microsoft\Windows\FileHistory\File History (maintenance mode) - {89917B7C-A1A6-11DF-8BF6-18A90531A85A} - C:\WINDOWS\System32\fhtask.dll
O22 - Task: (disabled) \Microsoft\Windows\LanguageComponentsInstaller\Installation - {6F58F65F-EC0E-4ACA-99FE-FC5A1A25E4BE},Install $(Arg0) - C:\Windows\System32\LanguageComponentsInstaller.dll
O22 - Task: (disabled) \Microsoft\Windows\LanguageComponentsInstaller\Uninstallation - {6F58F65F-EC0E-4ACA-99FE-FC5A1A25E4BE},Uninstall - C:\Windows\System32\LanguageComponentsInstaller.dll
O22 - Task: (disabled) \Microsoft\Windows\License Manager\TempSignedLicenseExchange - {77646A68-AD14-4D53-897D-7BE4DDE5F929} - C:\Windows\System32\TempSignedLicenseExchangeTask.dll
O22 - Task: (disabled) \Microsoft\Windows\Location\Notifications - C:\WINDOWS\System32\LocationNotificationWindows.exe
O22 - Task: (disabled) \Microsoft\Windows\Location\WindowsActionDialog - C:\WINDOWS\System32\WindowsActionDialog.exe
O22 - Task: (disabled) \Microsoft\Windows\MUI\LPRemove - C:\WINDOWS\system32\lpremove.exe
O22 - Task: (disabled) \Microsoft\Windows\Maintenance\WinSAT - {A9A33436-678B-4C9C-A211-7CC38785E79D} - C:\WINDOWS\system32\WinSATAPI.dll
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Cellular - C:\WINDOWS\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Logon - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source LogonIdleTask
O22 - Task: (disabled) \Microsoft\Windows\Maps\MapsToastTask - {9885AEF2-BD9F-41E0-B15E-B3141395E803},$(Arg0);$(Arg1);$(Arg2);$(Arg3);$(Arg4);$(Arg5);$(Arg6);$(Arg7) - C:\WINDOWS\System32\mapstoasttask.dll
O22 - Task: (disabled) \Microsoft\Windows\Maps\MapsUpdateTask - {B9033E87-33CF-4D77-BC9B-895AFBBA72E4} - C:\WINDOWS\System32\mapsupdatetask.dll
O22 - Task: (disabled) \Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents - {8168E74A-B39F-46D8-ADCD-7BED477B80A3},Event - C:\WINDOWS\System32\MemoryDiagnostic.dll
O22 - Task: (disabled) \Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic - {8168E74A-B39F-46D8-ADCD-7BED477B80A3},Time - C:\WINDOWS\System32\MemoryDiagnostic.dll
O22 - Task: (disabled) \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe
O22 - Task: (disabled) \Microsoft\Windows\MobilePC\HotStart - {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\Multimedia\SystemSoundsService - {2DEA658F-54C1-4227-AF9B-260AB5FC3543} - C:\WINDOWS\System32\PlaySndSrv.dll
O22 - Task: (disabled) \Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler - {5AA199A0-1CED-43A5-9B85-3226086738A3} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\NetTrace\GatherNetworkInfo - C:\WINDOWS\system32\gatherNetworkInfo.vbs
O22 - Task: (disabled) \Microsoft\Windows\PI\Secure-Boot-Update - {5014B7C8-934E-4262-9816-887FA745A6C4},SBServicing - C:\WINDOWS\system32\TpmTasks.dll
O22 - Task: (disabled) \Microsoft\Windows\PI\Sqm-Tasks - {5014B7C8-934E-4262-9816-887FA745A6C4},PiSqmTasks - C:\WINDOWS\system32\TpmTasks.dll
O22 - Task: (disabled) \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor - {EA9155A3-8A39-40B4-8963-D3C761B18371} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\Plug and Play\Device Install Group Policy - {60400283-B242-4FA8-8C25-CAF695B88209} - C:\Windows\System32\pnppolicy.dll
O22 - Task: (disabled) \Microsoft\Windows\Plug and Play\Device Install Reboot Required - {48794782-6A1F-47B9-BD52-1D5F95D49C1B} - C:\Windows\System32\pnpui.dll
O22 - Task: (disabled) \Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - C:\WINDOWS\System32\drvinst.exe 6
O22 - Task: (disabled) \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - {927EA2AF-1C54-43D5-825E-0074CE028EEE} - C:\WINDOWS\System32\energytask.dll
O22 - Task: (disabled) \Microsoft\Windows\Printing\EduPrintProv - C:\WINDOWS\system32\eduprintprov.exe
O22 - Task: (disabled) \Microsoft\Windows\PushToInstall\LoginCheck - C:\WINDOWS\system32\sc.exe start pushtoinstall login
O22 - Task: (disabled) \Microsoft\Windows\Ras\MobilityManager - {C463A0FC-794F-4FDF-9201-01938CEACAFA} - C:\WINDOWS\system32\rasmbmgr.dll
O22 - Task: (disabled) \Microsoft\Windows\RecoveryEnvironment\VerifyWinRE - {89D1D0C2-A3CF-490C-ABE3-B86CDE34B047},VerifyWinRE - C:\WINDOWS\System32\ReAgentTask.dll
O22 - Task: (disabled) \Microsoft\Windows\Registry\RegIdleBackup - {CA767AA8-9157-4604-B64B-40747123D5F2} - C:\WINDOWS\System32\regidle.dll
O22 - Task: (disabled) \Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - C:\WINDOWS\system32\RAServer.exe /offerraupdate
O22 - Task: (disabled) \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Task: (disabled) \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Task: (disabled) \Microsoft\Windows\Servicing\StartComponentCleanup - {752073A1-23F2-4396-85F0-8FDB879ED0ED} - C:\WINDOWS\servicing\TrustedInstaller.exe
O22 - Task: (disabled) \Microsoft\Windows\SettingSync\BackgroundUploadTask - {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} - C:\WINDOWS\system32\SettingSyncCore.dll
O22 - Task: (disabled) \Microsoft\Windows\SettingSync\BackupTask - {60A4C78C-E2B8-4E6E-876F-DA203B02C05E} - C:\WINDOWS\system32\SettingSyncCore.dll
O22 - Task: (disabled) \Microsoft\Windows\SettingSync\NetworkStateChangeTask - {A4173A49-F373-4475-9A0F-2D615204DC20} - C:\WINDOWS\system32\SettingSyncCore.dll
O22 - Task: (disabled) \Microsoft\Windows\Setup\SetupCleanupTask - {7C83C056-1D0D-4C8E-A6B0-89E79C213559} - C:\WINDOWS\system32\oobe\SetupCleanupTask.dll
O22 - Task: (disabled) \Microsoft\Windows\SharedPC\Account Cleanup - C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
O22 - Task: (disabled) \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask - {D2CBF5F7-5702-440B-8D8F-8203034A6B82},$(Arg0) - C:\WINDOWS\System32\WpcRefreshTask.dll
O22 - Task: (disabled) \Microsoft\Windows\Shell\FamilySafetyRefreshTask - {C844C79D-AED8-4DCE-AB25-4D359BED84F8},$(Arg0) - C:\WINDOWS\System32\WpcRefreshTask.dll
O22 - Task: (disabled) \Microsoft\Windows\Shell\FamilySafetyUpload - {EBF00FCB-0769-4B81-9BEC-6C05514111AA},4 - (no file)
O22 - Task: (disabled) \Microsoft\Windows\Shell\IndexerAutomaticMaintenance - {3FBA60A6-7BF5-4868-A2CA-6623B3DFFEA6} - C:\WINDOWS\System32\srchadmin.dll
O22 - Task: (disabled) \Microsoft\Windows\SideShow\AutoWake - {E51DFD48-AA36-4B45-BB52-E831F02E8316} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\SideShow\GadgetManager - {FF87090D-4A9A-4F47-879B-29A80C355D61},$(Arg0) - (no file)
O22 - Task: (disabled) \Microsoft\Windows\SideShow\SessionAgent - {45F26E9E-6199-477F-85DA-AF1EDFE067B1} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\SideShow\SystemDataProviders - {7CCA6768-8373-4D28-8876-83E8B4E3A969} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task - {BF6C1E47-86EC-4194-9CE5-13C15DCB2001},IdleSyncMaintenance - (no file)
O22 - Task: (disabled) \Microsoft\Windows\SkyDrive\Routine Maintenance Task - {1B1F472E-3221-4826-97DB-2C2324D389AE},RoutineMaintenance - (no file)
O22 - Task: (disabled) \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon - {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC},logon - C:\WINDOWS\System32\sppcext.dll
O22 - Task: (disabled) \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork - {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC},network - C:\WINDOWS\System32\sppcext.dll
O22 - Task: (disabled) \Microsoft\Windows\SpacePort\SpaceAgentTask - C:\WINDOWS\system32\SpaceAgent.exe
O22 - Task: (disabled) \Microsoft\Windows\SpacePort\SpaceManagerTask - C:\WINDOWS\system32\spaceman.exe /Work
O22 - Task: (disabled) \Microsoft\Windows\Speech\SpeechModelDownloadTask - C:\WINDOWS\system32\speech_onecore\common\SpeechModelDownload.exe
O22 - Task: (disabled) \Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization - {5C9AB547-345D-4175-9AF6-65133463A100} - C:\WINDOWS\system32\TieringEngineService.exe
O22 - Task: (disabled) \Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - C:\WINDOWS\system32\defrag.exe -c -h -g -# -m 8 -i 13500
O22 - Task: (disabled) \Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate - {17C82257-654E-4C47-8E23-DCA24EAA76A0} - C:\WINDOWS\system32\sysmain.dll
O22 - Task: (disabled) \Microsoft\Windows\Sysmain\HybridDriveCacheRebalance - {D44377B8-1F2F-4FAA-9C8E-6C4AD2928E47} - C:\WINDOWS\system32\sysmain.dll
O22 - Task: (disabled) \Microsoft\Windows\Sysmain\ResPriStaticDbSync - {297EE78C-BA95-4E94-81D3-D6E7F089C7B5} - C:\WINDOWS\system32\sysmain.dll
O22 - Task: (disabled) \Microsoft\Windows\SystemRestore\SR - C:\WINDOWS\system32\srtasks.exe ExecuteScheduledSPPCreation
O22 - Task: (disabled) \Microsoft\Windows\TPM\Tpm-HASCertRetr - {5014B7C8-934E-4262-9816-887FA745A6C4},HASCertRetr - C:\WINDOWS\system32\TpmTasks.dll
O22 - Task: (disabled) \Microsoft\Windows\TPM\Tpm-Maintenance - {5014B7C8-934E-4262-9816-887FA745A6C4},TpmTasks - C:\WINDOWS\system32\TpmTasks.dll
O22 - Task: (disabled) \Microsoft\Windows\Task Manager\Interactive - {855FEC53-D2E4-4999-9E87-3414E9CF0FF4},$(Arg0) - C:\WINDOWS\system32\wdc.dll
O22 - Task: (disabled) \Microsoft\Windows\TextServicesFramework\MsCtfMonitor - {01575CFE-9A55-4003-A5E1-F38D1EBDCBE1} - C:\WINDOWS\system32\MsCtfMonitor.dll
O22 - Task: (disabled) \Microsoft\Windows\Time Synchronization\ForceSynchronizeTime - {A31AD6C2-FF4C-43D4-8E90-7101023096F9},TimeSyncTask - C:\WINDOWS\system32\TimeSyncTask.dll
O22 - Task: (disabled) \Microsoft\Windows\Time Synchronization\SynchronizeTime - C:\WINDOWS\system32\sc.exe start w32time task_started
O22 - Task: (disabled) \Microsoft\Windows\Time Zone\SynchronizeTimeZone - C:\WINDOWS\system32\tzsync.exe
O22 - Task: (disabled) \Microsoft\Windows\UPnP\UPnPHostConfig - C:\WINDOWS\system32\sc.exe config upnphost start= auto
O22 - Task: (disabled) \Microsoft\Windows\USB\Usb-Notifications - {E05BE1C8-92A8-4757-B575-ACAECB4E6A40} - C:\Windows\System32\UsbTask.dll
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Maintenance Install - C:\WINDOWS\system32\usoclient.exe StartInstall
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - C:\WINDOWS\system32\MusNotification.exe Display
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot - C:\WINDOWS\system32\MusNotification.exe
O22 - Task: (disabled) \Microsoft\Windows\User Profile Service\HiveUploadTask - {BA677074-762C-444B-94C8-8C83F93F6605} - C:\WINDOWS\system32\profsvc.dll
O22 - Task: (disabled) \Microsoft\Windows\WDI\ResolutionHost - {900BE39D-6BE8-461A-BC4D-B0FA71F5ECB1} - C:\WINDOWS\System32\wdi.dll
O22 - Task: (disabled) \Microsoft\Windows\WOF\WIM-Hash-Management - {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1},WimHashManagement - C:\WINDOWS\system32\WofTasks.dll
O22 - Task: (disabled) \Microsoft\Windows\WOF\WIM-Hash-Validation - {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1},WimHashValidation - C:\WINDOWS\system32\WofTasks.dll
O22 - Task: (disabled) \Microsoft\Windows\WaaSMedic\PerformRemediation - C:\WINDOWS\System32\WaaSMedic.exe None
O22 - Task: (disabled) \Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - C:\WINDOWS\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
O22 - Task: (disabled) \Microsoft\Windows\Windows Media Sharing\UpdateLibrary - C:\Program Files\Windows Media Player\wmpnscfg.exe
O22 - Task: (disabled) \Microsoft\Windows\WindowsColorSystem\Calibration Loader - {B210D694-C8DF-490D-9576-9E20CDBC20BD} - C:\Windows\System32\mscms.dll
O22 - Task: (disabled) \Microsoft\Windows\WindowsUpdate\AUFirmwareInstall - {EFF7F153-1C97-417A-B633-FEDE6683A939} - C:\WINDOWS\system32\wuaueng.dll
O22 - Task: (disabled) \Microsoft\Windows\WindowsUpdate\AUScheduledInstall - {F3B4E234-7A68-4E43-B813-E4BA55A065F6} - C:\WINDOWS\system32\wuaueng.dll
O22 - Task: (disabled) \Microsoft\Windows\WindowsUpdate\AUSessionConnect - {784E29F4-5EBE-4279-9948-1E8FE941646D} - C:\WINDOWS\system32\wuaueng.dll
O22 - Task: (disabled) \Microsoft\Windows\WindowsUpdate\Automatic App Update - {A6BA00FE-40E8-477C-B713-C64A14F18ADB} - C:\Windows\System32\wuautoappupdate.dll
O22 - Task: (disabled) \Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
O22 - Task: (disabled) \Microsoft\Windows\WindowsUpdate\sih - C:\WINDOWS\System32\sihclient.exe
O22 - Task: (disabled) \Microsoft\Windows\WindowsUpdate\sihboot - C:\WINDOWS\System32\sihclient.exe /boot
O22 - Task: (disabled) \Microsoft\Windows\Wininet\CacheTask - {0358B920-0AC7-461F-98F4-58E32CD89148} - C:\WINDOWS\system32\wininet.dll
O22 - Task: (disabled) \Microsoft\Windows\Work Folders\Work Folders Logon Synchronization - {97D47D56-3777-49FB-8E8F-90D7E30E1A1E},Logon - C:\Windows\System32\WorkFoldersShell.dll
O22 - Task: (disabled) \Microsoft\Windows\Work Folders\Work Folders Maintenance Work - {63260BCE-A3FB-4A34-AA51-D4D8E877B62B} - C:\Windows\System32\WorkFoldersShell.dll
O22 - Task: (disabled) \Microsoft\Windows\Workplace Join\Automatic-Device-Join - C:\WINDOWS\System32\dsregcmd.exe
O22 - Task: (disabled) \Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - C:\WINDOWS\System32\AutoWorkplace.exe join (file missing)
O22 - Task: (disabled) \Microsoft\Windows\Workplace Join\Recovery-Check - C:\WINDOWS\System32\dsregcmd.exe /checkrecovery
O22 - Task: (disabled) \Microsoft\XblGameSave\XblGameSaveTask - C:\WINDOWS\System32\XblGameSaveTask.exe standby
O22 - Task: (disabled) \Microsoft\XblGameSave\XblGameSaveTaskLogon - C:\WINDOWS\System32\XblGameSaveTask.exe logon
O22 - Task: (disabled) {31DDBD37-5DB7-4030-8064-10B0CAA806C3} - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O22 - Task: User_Feed_Synchronization-{378B9684-447C-4B1D-8F30-A43196F33206} - C:\WINDOWS\system32\msfeedssync.exe sync
O22 - Task: User_Feed_Synchronization-{4A1B2899-EA36-407B-8ADB-E49F6887C024} - C:\WINDOWS\system32\msfeedssync.exe sync
O22 - Task: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 - {84F0FAE1-C27B-4F6F-807B-28CF6F96287D},/RuntimeWide - C:\Windows\System32\mscoree.dll
O22 - Task: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 - {429BC048-379E-45E0-80E4-EB1977941B5C},/RuntimeWide - C:\Windows\System32\mscoree.dll
O22 - Task: \Microsoft\Windows\PushToInstall\Registration - C:\WINDOWS\system32\sc.exe start pushtoinstall registration
O22 - Task: \Microsoft\Windows\RetailDemo\CleanupOfflineContent - {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} - C:\Windows\System32\RDXTaskFactory.dll
O22 - Task: \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC},timer - C:\WINDOWS\System32\sppcext.dll
O22 - Task: \Microsoft\Windows\Sysmain\WsSwapAssessmentTask - C:\WINDOWS\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\Schedule Scan - C:\WINDOWS\system32\usoclient.exe StartScan
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display - C:\WINDOWS\system32\MusNotification.exe Display
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\UpdateAssistant - C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:EosWu:{} (Microsoft)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun - C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:EosWu:{} /CalendarRun (Microsoft)
O22 - Task: \Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
O23 - Service R2: Adobe Genuine Software Integrity Service - (AGSService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service R2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service R2: Arbeitsstationsdienst - (LanmanWorkstation) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wkssvc.dll
O23 - Service R2: Aufgabenplanung - (Schedule) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\schedsvc.dll
O23 - Service R2: Automatische WLAN-Konfiguration - (WlanSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wlansvc.dll
O23 - Service R2: Basisfiltermodul - (BFE) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\bfe.dll
O23 - Service R2: Benachrichtigungsdienst für Systemereignisse - (SENS) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\sens.dll
O23 - Service R2: Benutzer-Manager - (UserManager) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\usermgr.dll
O23 - Service R2: Benutzerdienst für die Plattform für verbundene Geräte - (CDPUserSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\CDPUserSvc.dll
O23 - Service R2: Benutzererfahrung und Telemetrie im verbundenen Modus - (DiagTrack) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\diagtrack.dll
O23 - Service R2: Benutzerprofildienst - (ProfSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\profsvc.dll
O23 - Service R2: BrcmSetSecurity - C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
O23 - Service R2: COM+-Ereignissystem - (EventSystem) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\es.dll
O23 - Service R2: COMODO Internet Security Helper Service - (CmdAgent) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service R2: DCOM-Server-Prozessstart - (DcomLaunch) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\rpcss.dll
O23 - Service R2: DHCP-Client - (Dhcp) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\dhcpcore.dll
O23 - Service R2: DNS-Client - (Dnscache) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\dnsrslvr.dll
O23 - Service R2: Datennutzung - (DusmSvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\dusmsvc.dll
O23 - Service R2: Designs - (Themes) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\themeservice.dll
O23 - Service R2: Diagnoserichtliniendienst - (DPS) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\dps.dll
O23 - Service R2: Dienst "Bonjour" - (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service R2: Dienst für Bildschirmtastatur und Schreibbereich - (TabletInputService) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\TabSvc.dll
O23 - Service R2: Druckwarteschlange - (Spooler) - C:\WINDOWS\System32\spoolsv.exe
O23 - Service R2: Epson Scanner Service - (EpsonScanSvc) - C:\WINDOWS\system32\EscSvc64.exe
O23 - Service R2: Gerätezuordnungsdienst - (DeviceAssociationService) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\das.dll
O23 - Service R2: Gruppenrichtlinienclient - (gpsvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\gpsvc.dll
O23 - Service R2: IP-Hilfsdienst - (iphlpsvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\iphlpsvc.dll
O23 - Service R2: Infrastrukturdienst für Hintergrundaufgaben - (BrokerInfrastructure) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\bisrv.dll
O23 - Service R2: Intel Bluetooth Service - (ibtsiva) - C:\WINDOWS\system32\ibtsiva.exe
O23 - Service R2: Intel(R) Capability Licensing Service Interface - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service R2: Intel(R) ME Service - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R2: Intel(R) Rapid Storage Technology - (IAStorDataMgrSvc) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service R2: Intel(R) Smart Connect Technology Agent - (ISCTAgent) - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service R2: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service R2: Kryptografiedienste - (CryptSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\cryptsvc.dll
O23 - Service R2: Lokaler Sitzungs-Manager - (LSM) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\lsm.dll
O23 - Service R2: Manager für heruntergeladene Karten - (MapsBroker) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\moshost.dll
O23 - Service R2: NLA (Network Location Awareness) - (NlaSvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\nlasvc.dll
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service R2: NVIDIA Network Service - (NvNetworkService) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service R2: NVIDIA Streamer Service - (NvStreamSvc) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service R2: Netzwerkspeicher-Schnittstellendienst - (nsi) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\nsisvc.dll
O23 - Service R2: PDF24 - D:\Eigene Programme\PDF24\pdf24.exe
O23 - Service R2: Plattformdienst für verbundene Geräte - (CDPSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\CDPSvc.dll
O23 - Service R2: RAS-Verbindungsverwaltung - (RasMan) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\rasmans.dll
O23 - Service R2: RPC-Endpunktzuordnung - (RpcEptMapper) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\RpcEpMap.dll
O23 - Service R2: Remoteprozeduraufruf (RPC) - (RpcSs) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\rpcss.dll
O23 - Service R2: Server - (LanmanServer) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\srvsvc.dll
O23 - Service R2: Shellhardwareerkennung - (ShellHWDetection) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\shsvcs.dll
O23 - Service R2: Sicherheitscenter - (wscsvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wscsvc.dll
O23 - Service R2: Stromversorgung - (Power) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\umpo.dll
O23 - Service R2: Superfetch - (SysMain) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\sysmain.dll
O23 - Service R2: SynTPEnh Caller Service - (SynTPEnhService) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service R2: Synchronisierungshost - (OneSyncSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\APHostService.dll
O23 - Service R2: Systemereignissebroker - (SystemEventsBroker) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\SystemEventsBrokerServer.dll
O23 - Service R2: UI Assistant Service - D:\1&1\1&1 Surf-Stick\AssistantServices.exe
O23 - Service R2: Windows Defender Firewall - (MpsSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\mpssvc.dll
O23 - Service R2: Windows Defender Security Center Service - (SecurityHealthService) - C:\WINDOWS\system32\SecurityHealthService.exe
O23 - Service R2: Windows Media Player-Netzwerkfreigabedienst - (WMPNetworkSvc) - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service R2: Windows Search - (WSearch) - C:\WINDOWS\system32\SearchIndexer.exe
O23 - Service R2: Windows-Audio - (Audiosrv) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\Audiosrv.dll
O23 - Service R2: Windows-Audio-Endpunkterstellung - (AudioEndpointBuilder) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\AudioEndpointBuilder.dll
O23 - Service R2: Windows-Dienst für Schriftartencache - (FontCache) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\FntCache.dll
O23 - Service R2: Windows-Pushbenachrichtigungs-Benutzerdienst - (WpnUserService) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\WpnUserService.dll
O23 - Service R2: Windows-Pushbenachrichtigungssystemdienst - (WpnService) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\WpnService.dll
O23 - Service R2: Windows-Verbindungs-Manager - (Wcmsvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wcmsvc.dll
O23 - Service R2: Windows-Verwaltungsinstrumentation - (Winmgmt) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\wbem\WMIsvc.dll
O23 - Service R2: isesrv - C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
O23 - Service R2: Überwachung verteilter Verknüpfungen (Client) - (TrkWks) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\trkwks.dll
O23 - Service R3: ActiveX-Installer (AxInstSV) - (AxInstSV) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\AxInstSV.dll
O23 - Service R3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service R3: AllJoyn-Routerdienst - (AJRouter) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\AJRouter.dll
O23 - Service R3: Anmelde-Assistent für Microsoft-Konten - (wlidsvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\wlidsvc.dll
O23 - Service R3: Anmeldedienst - (Netlogon) - C:\WINDOWS\system32\lsass.exe; "ServiceDll" = C:\WINDOWS\system32\netlogon.dll
O23 - Service R3: Anmeldeinformationsverwaltung - (VaultSvc) - C:\WINDOWS\system32\lsass.exe; "ServiceDll" = C:\Windows\System32\vaultsvc.dll
O23 - Service R3: Anschlussumleitung für Remotedesktopdienst im Benutzermodus - (UmRdpService) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\umrdp.dll
O23 - Service R3: Anwendungsidentität - (AppIDSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\appidsvc.dll
O23 - Service R3: Anwendungsinformationen - (Appinfo) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\appinfo.dll
O23 - Service R3: App-Vorbereitung - (AppReadiness) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\AppReadiness.dll
O23 - Service R3: AppX-Bereitstellungsdienst (AppXSVC) - (AppXSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\appxdeploymentserver.dll
O23 - Service R3: Arbeitsordner - (workfolderssvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\workfolderssvc.dll
O23 - Service R3: Autom. Setup von Geräten, die mit dem Netzwerk verbunden sind - (NcdAutoSetup) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\NcdAutoSetup.dll
O23 - Service R3: Automatische Konfiguration (verkabelt) - (dot3svc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\dot3svc.dll
O23 - Service R3: Benutzerdatenspeicher - (UnistoreSvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\unistore.dll
O23 - Service R3: Benutzerdatenzugriff - (UserDataSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\userdataservice.dll
O23 - Service R3: BitLocker-Laufwerkverschlüsselungsdienst - (BDESVC) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\bdesvc.dll
O23 - Service R3: Blockebenen-Sicherungsmodul - (wbengine) - C:\WINDOWS\system32\wbengine.exe
O23 - Service R3: Bluetooth-Freisprechdienst - (BthHFSrv) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\BthHFSrv.dll
O23 - Service R3: Bluetooth-Unterstützungsdienst - (bthserv) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\bthserv.dll
O23 - Service R3: Broker für DevQuery-Hintergrundermittlung - (DevQueryBroker) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\DevQueryBroker.dll
O23 - Service R3: CNG-Schlüsselisolation - (KeyIso) - C:\WINDOWS\system32\lsass.exe; "ServiceDll" = C:\WINDOWS\system32\keyiso.dll
O23 - Service R3: COMODO Virtual Service Manager - (cmdvirth) - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service R3: Computerbrowser - (Browser) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\browser.dll
O23 - Service R3: Dateiversionsverlauf-Dienst - (fhsvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\fhsvc.dll
O23 - Service R3: Datenfreigabedienst - (DsSvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\DsSvc.dll
O23 - Service R3: DevicesFlow - (DevicesFlowUserSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\DevicesFlowBroker.dll
O23 - Service R3: Diagnosediensthost - (WdiServiceHost) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\wdi.dll
O23 - Service R3: Diagnosesystemhost - (WdiSystemHost) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\wdi.dll
O23 - Service R3: Diagnostic Execution Service - (diagsvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\DiagSvc.dll
O23 - Service R3: Dienst "Assistent für lokale Profile" - (wlpasvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\lpasvc.dll
O23 - Service R3: Dienst für Einzelhandelsdemos - (RetailDemo) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\RDXService.dll
O23 - Service R3: Dienst für räumliche Daten - (SharedRealitySvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\SharedRealitySvc.dll
O23 - Service R3: Distributed Transaction Coordinator - (MSDTC) - C:\WINDOWS\System32\msdtc.exe
O23 - Service R3: Echtzeit-Datenträgerprüfung - (svsvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\svsvc.dll
O23 - Service R3: Eingabegerätedienst - (hidserv) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\hidserv.dll
O23 - Service R3: Eingebetteter Modus - (embeddedmode) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\embeddedmodesvc.dll
O23 - Service R3: Enumeratordienst für tragbare Geräte - (WPDBusEnum) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\wpdbusenum.dll
O23 - Service R3: Ereignisse zum Abrufen von Standbildern - (WiaRpc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wiarpc.dll
O23 - Service R3: Erkennung interaktiver Dienste - (UI0Detect) - C:\WINDOWS\system32\UI0Detect.exe
O23 - Service R3: Extensible Authentication-Protokoll - (Eaphost) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\eapsvc.dll
O23 - Service R3: Fax - C:\WINDOWS\system32\fxssvc.exe
O23 - Service R3: Funktionssuchanbieter-Host - (fdPHost) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\fdPHost.dll
O23 - Service R3: Funktionssuche-Ressourcenveröffentlichung - (FDResPub) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\fdrespub.dll
O23 - Service R3: Funkverwaltungsdienst - (RmSvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\RMapi.dll
O23 - Service R3: Gatewaydienst auf Anwendungsebene - (ALG) - C:\WINDOWS\System32\alg.exe
O23 - Service R3: Geolocation-Dienst - (lfsvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\lfsvc.dll
O23 - Service R3: Geräteinstallations-Manager - (DsmSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\DeviceSetupManager.dll
O23 - Service R3: Geräteinstallationsdienst - (DeviceInstall) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\umpnpmgr.dll
O23 - Service R3: GraphicsPerfSvc - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\GraphicsPerfSvc.dll
O23 - Service R3: Heimnetzgruppen-Anbieter - (HomeGroupProvider) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\provsvc.dll
O23 - Service R3: Heimnetzgruppen-Listener - (HomeGroupListener) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\ListSvc.dll
O23 - Service R3: Hostdienst für Windows Encryption Provider - (WEPHOSTSVC) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\wephostsvc.dll
O23 - Service R3: Hyper-V PowerShell Direct-Dienst - (vmicvmsession) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\icsvc.dll
O23 - Service R3: Hyper-V-Datenaustauschdienst - (vmickvpexchange) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\icsvc.dll
O23 - Service R3: Hyper-V-Dienst für Zeitsynchronisierung - (vmictimesync) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\icsvc.dll
O23 - Service R3: Hyper-V-Dienst zum Herunterfahren des Gasts - (vmicshutdown) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\icsvc.dll
O23 - Service R3: Hyper-V-Gastdienstschnittstelle - (vmicguestinterface) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\icsvc.dll
O23 - Service R3: Hyper-V-Remotedesktopvirtualisierungsdienst - (vmicrdv) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\icsvcext.dll
O23 - Service R3: Hyper-V-Taktdienst - (vmicheartbeat) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\icsvc.dll
O23 - Service R3: Hyper-V-Volumeschattenkopie-Anforderer - (vmicvss) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\icsvcext.dll
O23 - Service R3: IKE- und AuthIP IPsec-Schlüsselerstellungsmodule - (IKEEXT) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\ikeext.dll
O23 - Service R3: IPsec-Richtlinien-Agent - (PolicyAgent) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\ipsecsvc.dll
O23 - Service R3: Infrarotüberwachungsdienst - (irmon) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\irmon.dll
O23 - Service R3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service R3: Intel(R) Update Manager - (iumsvc) - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service R3: Intelligenter Hintergrundübertragungsdienst - (BITS) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\qmgr.dll
O23 - Service R3: Kacheldaten-Modellserver - (tiledatamodelsvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\tileobjserver.dll
O23 - Service R3: Konfiguration für Remotedesktops - (SessionEnv) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\sessenv.dll
O23 - Service R3: Konfigurationsdienst für die IP-Übersetzung - (IpxlatCfgSvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\IpxlatCfg.dll
O23 - Service R3: Kontaktdaten - (PimIndexMaintenanceSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\PimIndexMaintenance.dll
O23 - Service R3: KtmRm für Distributed Transaction Coordinator - (KtmRm) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\msdtckrm.dll
O23 - Service R3: Laufwerke optimieren - (defragsvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\defragsvc.dll
O23 - Service R3: Leistungsindikator-DLL-Host - (PerfHost) - C:\WINDOWS\SysWow64\perfhost.exe
O23 - Service R3: Leistungsprotokolle und -warnungen - (pla) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\pla.dll
O23 - Service R3: Manager-Dienst für den Funktionszugriff - (camsvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\CapabilityAccessManager.dll
O23 - Service R3: MessagingService - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\MessagingService.dll
O23 - Service R3: Microsoft Passport - (NgcSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\ngcsvc.dll
O23 - Service R3: Microsoft Passport-Container - (NgcCtnrSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\NgcCtnrSvc.dll
O23 - Service R3: Microsoft Windows SMS-Routerdienst. - (SmsRouter) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\SmsRouterSvc.dll
O23 - Service R3: Microsoft iSCSI-Initiator-Dienst - (MSiSCSI) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\iscsiexe.dll
O23 - Service R3: Microsoft-SMP für Speicherplätze - (smphost) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\smphost.dll
O23 - Service R3: Microsoft-Softwareschattenkopie-Anbieter - (swprv) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\swprv.dll
O23 - Service R3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service R3: Natürliche Authentifizierung - (NaturalAuthentication) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\NaturalAuth.dll
O23 - Service R3: Netzwerkeinrichtungsdienst - (NetSetupSvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\NetSetupSvc.dll
O23 - Service R3: Netzwerkkonnektivitäts-Assistent - (NcaSvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\ncasvc.dll
O23 - Service R3: Netzwerklistendienst - (netprofm) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\netprofmsvc.dll
O23 - Service R3: Netzwerkverbindungen - (Netman) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\netman.dll
O23 - Service R3: Netzwerkverbindungsbroker - (NcbService) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\ncbservice.dll
O23 - Service R3: PNRP-Computernamenveröffentlichungs-Dienst - (PNRPAutoReg) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\pnrpauto.dll
O23 - Service R3: Peer Name Resolution-Protokoll - (PNRPsvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\pnrpsvc.dll
O23 - Service R3: Peernetzwerk-Gruppenzuordnung - (p2psvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\p2psvc.dll
O23 - Service R3: Peernetzwerkidentitäts-Manager - (p2pimsvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\pnrpsvc.dll
O23 - Service R3: Plug & Play - (PlugPlay) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\umpnpmgr.dll
O23 - Service R3: PrintWorkflow - (PrintWorkflowUserSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\PrintWorkflowService.dll
O23 - Service R3: Printer Extensions and Notifications - (PrintNotify) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
O23 - Service R3: RPC-Locator - (RpcLocator) - C:\WINDOWS\system32\locator.exe
O23 - Service R3: Registrierungsdienst für die Geräteverwaltung - (DmEnrollmentSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\Windows.Internal.Management.dll
O23 - Service R3: Remotedesktopdienste - (TermService) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\termsrv.dll
O23 - Service R3: Richtlinie zum Entfernen der Scmartcard - (SCPolicySvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\certprop.dll
O23 - Service R3: SNMP-Trap - (SNMPTRAP) - C:\WINDOWS\System32\snmptrap.exe
O23 - Service R3: SSDP-Suche - (SSDPSRV) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\ssdpsrv.dll
O23 - Service R3: SSTP-Dienst - (SstpSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\sstpsvc.dll
O23 - Service R3: Sekundäre Anmeldung - (seclogon) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\seclogon.dll
O23 - Service R3: Sensordatendienst - (SensorDataService) - C:\WINDOWS\System32\SensorDataService.exe
O23 - Service R3: Sensordienst - (SensorService) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\SensorService.dll
O23 - Service R3: Sensorüberwachungsdienst - (SensrSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\sensrsvc.dll
O23 - Service R3: Smartcard-Geräteaufzählungsdienst - (ScDeviceEnum) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\ScDeviceEnum.dll
O23 - Service R3: Speicherdienst - (StorSvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\storsvc.dll
O23 - Service R3: Standardsammlungsdienst des Microsoft(R)-Diagnose-Hubs - (diagnosticshub.standardcollector.service) - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
O23 - Service R3: Storage Tiers Management - (TieringEngineService) - C:\WINDOWS\system32\TieringEngineService.exe
O23 - Service R3: TCP/IP-NetBIOS-Hilfsdienst - (lmhosts) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\lmhsvc.dll
O23 - Service R3: Telefondienst - (PhoneSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\PhoneService.dll
O23 - Service R3: Telefonie - (TapiSrv) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\tapisrv.dll
O23 - Service R3: UPnP-Gerätehost - (upnphost) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\upnphost.dll
O23 - Service R3: Unterstützung in der Systemsteuerung unter Lösungen für Probleme - (wercplsupport) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wercplsupport.dll
O23 - Service R3: Update Orchestrator Service - (UsoSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\usocore.dll
O23 - Service R3: Verbessertes Windows-Audio/Video-Streaming - (QWAVE) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\qwave.dll
O23 - Service R3: Verbindungs-Manager-Dienst von Wi-Fi Direct Services - (WFDSConMgrSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wfdsconmgrsvc.dll
O23 - Service R3: Verbindungsschicht-Topologieerkennungs-Zuordnungsprogramm - (lltdsvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\lltdsvc.dll
O23 - Service R3: Verschlüsselndes Dateisystem (EFS) - (EFS) - C:\WINDOWS\System32\lsass.exe; "ServiceDll" = C:\WINDOWS\system32\efssvc.dll
O23 - Service R3: Verwaltungsdienst für Unternehmens-Apps - (EntAppSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
O23 - Service R3: Virtueller Datenträger - (vds) - C:\WINDOWS\System32\vds.exe
O23 - Service R3: Volumeschattenkopie - (VSS) - C:\WINDOWS\system32\vssvc.exe
O23 - Service R3: WMI-Leistungsadapter - (wmiApSrv) - C:\WINDOWS\system32\wbem\WmiApSrv.exe
O23 - Service R3: WWAN - automatische Konfiguration - (WwanSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wwansvc.dll
O23 - Service R3: WalletService - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\WalletService.dll
O23 - Service R3: WarpJITSvc - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\Windows.WARP.JITService.dll
O23 - Service R3: Web Account Manager - (TokenBroker) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\TokenBroker.dll
O23 - Service R3: Webclient - (WebClient) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\webclnt.dll
O23 - Service R3: Windows Defender Antivirus Service - (WinDefend) - C:\Program Files\Windows Defender\MsMpEng.exe
O23 - Service R3: Windows Defender Antivirus-Netzwerkinspektionsdienst - (WdNisSvc) - C:\Program Files\Windows Defender\NisSrv.exe
O23 - Service R3: Windows Perception Service - (spectrum) - C:\WINDOWS\system32\spectrum.exe
O23 - Service R3: Windows PushToInstall-Dienst - (PushToInstall) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\PushToInstall.dll
O23 - Service R3: Windows Store-Installationsdienst - (InstallService) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\InstallService.dll
O23 - Service R3: Windows Update - (wuauserv) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\wuaueng.dll
O23 - Service R3: Windows-Bilderfassung (WIA) - (stisvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wiaservc.dll
O23 - Service R3: Windows-Biometriedienst - (WbioSrvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wbiosrvc.dll
O23 - Service R3: Windows-Dienst für mobile Hotspots - (icssvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\tetheringservice.dll
O23 - Service R3: Windows-Ereignissammlung - (Wecsvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\wecsvc.dll
O23 - Service R3: Windows-Fehlerberichterstattungsdienst - (WerSvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\WerSvc.dll
O23 - Service R3: Windows-Insider-Dienst - (wisvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\flightsettings.dll
O23 - Service R3: Windows-Kamera-FrameServer - (FrameServer) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\FrameServer.dll
O23 - Service R3: Windows-Lizenz-Manager-Dienst - (LicenseManager) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\LicenseManagerSvc.dll
O23 - Service R3: Windows-Remoteverwaltung (WS-Verwaltung) - (WinRM) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\WsmSvc.dll
O23 - Service R3: Windows-Sicherung - (SDRSVC) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\SDRSVC.dll
O23 - Service R3: Windows-Sofortverbindung - Konfigurationsregistrierungsstelle - (wcncsvc) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\wcncsvc.dll
O23 - Service R3: Windows-Zeitgeber - (W32Time) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\w32time.dll
O23 - Service R3: Xbox Accessory Management Service - (XboxGipSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\XboxGipSvc.dll
O23 - Service R3: Xbox Live Authentifizierungs-Manager - (XblAuthManager) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\XblAuthManager.dll
O23 - Service R3: Xbox Live-Netzwerkservice - (XboxNetApiSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\XboxNetApiSvc.dll
O23 - Service R3: Xbox Live-Spiele speichern - (XblGameSave) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\XblGameSave.dll
O23 - Service R3: Zahlungs- und NFC/SE-Manager - (SEMgrSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\SEMgrSvc.dll
O23 - Service R3: Zeitbroker - (TimeBrokerSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\TimeBrokerServer.dll
O23 - Service R3: Zertifikatverteilung - (CertPropSvc) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\certprop.dll
O23 - Service R3: dmwappushsvc - (dmwappushservice) - C:\WINDOWS\system32\svchost.exe; "ServiceDll" = C:\WINDOWS\system32\dmwappushsvc.dll
O23 - Service R3: iPod-Dienst - (iPod Service) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service S3: Verwaltung für automatische RAS-Verbindung - (RasAuto) - C:\WINDOWS\System32\svchost.exe; "ServiceDll" = C:\WINDOWS\System32\rasauto.dll
O23 - Service S3: Windows Installer - (msiserver) - C:\WINDOWS\system32\msiexec.exe
O23 - Service S3: Windows Modules Installer - (TrustedInstaller) - C:\WINDOWS\servicing\TrustedInstaller.exe


--
End of file - Time spent: 33 sec. - 149572 bytes, CRC32: FFFFFFFF. Sign: 䂢症

Alt 05.01.2018, 17:29   #2
M-K-D-B
/// TB-Ausbilder
 
Virenverdacht. Kann jemand Logfile analysieren? - Standard

Virenverdacht. Kann jemand Logfile analysieren?








Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.



Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
  1. Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.

  2. Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.

  3. Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!

  4. Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
    Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
    Zudem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.

  5. Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!

  6. Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!

  7. Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

  8. Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
    Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.

  9. Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.

  10. In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
    Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.





Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!







Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)








Bitte poste mit deiner nächsten Antwort
  • die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).
__________________
Alt 05.01.2018, 20:37   #3
Tim79
 
Virenverdacht. Kann jemand Logfile analysieren? - Standard

Virenverdacht. Kann jemand Logfile analysieren?


Code:
ATTFilter
==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-12-29 19:35

==================== Ende von FRST.txt ============================

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02.01.2018
durchgeführt von Timothy (05-01-2018 20:27:40)
Gestartet von C:\Users\Timothy\Desktop
Windows 10 Home Version 1709 16299.125 (X64) (2017-12-29 19:12:54)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1821675693-422080741-3404470268-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1821675693-422080741-3404470268-503 - Limited - Disabled)
Gast (S-1-5-21-1821675693-422080741-3404470268-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1821675693-422080741-3404470268-1008 - Limited - Enabled)
Julia (S-1-5-21-1821675693-422080741-3404470268-1006 - Limited - Enabled) => C:\Users\Julia
Sonos (S-1-5-21-1821675693-422080741-3404470268-1005 - Limited - Enabled)
Timothy (S-1-5-21-1821675693-422080741-3404470268-1002 - Administrator - Enabled) => C:\Users\Timothy
WDAGUtilityAccount (S-1-5-21-1821675693-422080741-3404470268-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD}
AS: COMODO Advanced Protection (Enabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Benutzerhandbuch (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
COMODO Internet Security Premium (HKLM\...\{1BF90AC2-E077-4EC0-810B-003DC9D65C91}) (Version: 10.0.2.6420 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 10.0.2.6420 - COMODO Security Solutions Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON XP-412 413 415 Series Printer Uninstall (HKLM\...\EPSON XP-412 413 415 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.52.0.0 - SEIKO EPSON CORPORATION)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Intel Anti-Theft Discovery App (HKLM-x32\...\{707248B9-2D34-4D77-A5C6-2A8A54848E5A}) (Version: 1.1.0.7 - Intel Corporation)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel Experience Center - Configuration (HKLM-x32\...\{C73A16B7-AC35-4262-9BAF-DA9B2039A563}) (Version: 1.5.0.0 - Intel) Hidden
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{e4fefc02-cd6c-45e3-8974-e7357e71da40}) (Version: 1.5.0.0 - Intel)
Intel(R) Experience Center Driver (HKLM-x32\...\{16660b76-bdc5-47cf-b28d-846120a1ee76}) (Version: 1.0.90.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1304-148929CC1385}) (Version: 3.0.1304.0338 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{12fc27dc-b637-4ebb-b424-26feff9598c5}) (Version: 16.0.4 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.2.424651.94 - Comodo)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version:  - )
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10233 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Motion Control (HKLM\...\Motion Control) (Version: 1.2.45.0 - Lenovo)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 57.0.3 (x64 de) (HKLM\...\Mozilla Firefox 57.0.3 (x64 de)) (Version: 57.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.3.6569 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
PDF24 Creator 8.1.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.21229 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 39.4.48021 - Sonos, Inc.)
Spotify (HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Spotify) (Version: 1.0.50.41368.gbd68dbef - Spotify AB)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DE083343-D24D-4495-919E-18C65EC0F289}) (Version: 2.8.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Wondershare Data Recovery(Build 5.0.2.6) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 5.0.2.6 - Wondershare Software Co.,Ltd.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-21] (COMODO)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-21] (COMODO)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-21] (COMODO)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {022C3E73-623B-416E-87C8-6D37588BBEA3} - System32\Tasks\EPSON XP-412 413 415 Series Update {5F7996FF-B50D-4D17-B92F-F39799635033} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {052C5014-A8F2-47D9-9E1A-0F932488B49F} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
Task: {0F3D421F-BE82-4EA4-A643-B097B13802E4} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-11-21] (COMODO)
Task: {1C1E111B-0033-4517-8F99-0F4480BF069D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {1DB99919-D027-4CD9-93FA-0DB8956A3B93} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {1DF3CE40-AE13-4838-A343-077FD5CE8875} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {2321C268-CEDA-4AF4-9216-F71FDA2EBC17} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {395ACD88-7C88-412E-96F3-352039D8A7D1} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {AEE47A68-7976-4063-8DD5-B4B8A7776E2E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {3BBC074D-18F5-4F86-9DF5-05A34A240E68} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-11-21] (COMODO)
Task: {41832ABA-347E-4BAF-9172-E941B4DACC98} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {41AA0F70-0ABF-438E-92D9-E003482A2F64} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {48D91DD1-BF0B-4B48-8B73-49F75343D81F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4B13520A-BDFF-4571-8A22-C0CC634ADF46} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {55B77248-1AC8-4790-A5D4-60614EE6DCD6} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {55BA4F06-6D4E-40DD-A267-58603B37382F} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {6632F2FC-C170-4FE9-A8EF-C5F7D529E395} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-12] (Adobe Systems Incorporated)
Task: {6B101A77-5410-4C7C-9B0A-42FDE516AB41} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-10-03] (Intel Corporation)
Task: {70E5277C-BA4A-4AF3-B907-B8E1A23D9BC7} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Timothy\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {796753A0-F04A-4815-80D3-DBF2D4FE4868} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {7CF0857B-0DB6-498B-A9C7-D8FDDD2635F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8073A232-0372-42CE-B418-726684744DF4} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {5F7996FF-B50D-4D17-B92F-F39799635033} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {8920F62C-D829-45AD-B063-D00262848A10} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {99583A25-C375-4862-BE56-9BF52D323003} - System32\Tasks\AdobeAAMUpdater-1.0-Silberlocke-Julia => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {9DAAAFF9-F2B5-4D0F-BA2D-E5CD08B4ABF6} - System32\Tasks\EPSON XP-412 413 415 Series Update {AEE47A68-7976-4063-8DD5-B4B8A7776E2E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {A28B4BF9-FBBF-45A3-8343-C82D6CCEB00B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-10-03] (Intel Corporation)
Task: {B03BE444-E962-4094-8581-C51BBA078634} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {B4B5A414-0361-4A7F-8890-13A63AB2A036} - System32\Tasks\EPSON XP-412 413 415 Series Update {32AA5F3E-42AF-416D-93A7-97E0483F7BC7} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {BFFCA306-2E5A-49C9-A73F-CAADCA26412F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {C9F3C7B6-BD6D-4E88-8F05-D1BEA64E4EDC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {D1E7244E-BA89-4EED-8F58-F74C59D246D4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {DCC8042B-4207-4528-857B-DA5724573C6F} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {32AA5F3E-42AF-416D-93A7-97E0483F7BC7} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {DFB98817-22F2-44F7-B0BD-AC11EE978F4F} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2017-11-21] (COMODO)
Task: {FCF03BEF-9FA4-47EA-A1D5-B538B14E9A3F} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {5F7996FF-B50D-4D17-B92F-F39799635033}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{32AA5F3E-42AF-416D-93A7-97E0483F7BC7} /F:UpdateWORKGROUP\SILBERLOCKE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {5F7996FF-B50D-4D17-B92F-F39799635033}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{5F7996FF-B50D-4D17-B92F-F39799635033} /F:UpdateWORKGROUP\SILBERLOCKE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{AEE47A68-7976-4063-8DD5-B4B8A7776E2E} /F:UpdateWORKGROUP\SILBERLOCKE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-04-15 15:45 - 2013-04-15 15:45 - 000182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 15:45 - 2013-04-15 15:45 - 000060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 000085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 001346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-26 11:07 - 2015-09-26 11:07 - 000253264 _____ () D:\1&1\1&1 Surf-Stick\AssistantServices.exe
2017-11-21 20:23 - 2017-11-21 20:23 - 000156864 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2017-11-21 20:22 - 2017-11-21 20:22 - 000241856 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2017-11-21 20:22 - 2017-11-21 20:22 - 000106688 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-09-22 20:35 - 2016-12-29 14:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-10-20 16:42 - 2017-10-20 16:42 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-03 17:30 - 2018-01-03 17:31 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-03 17:30 - 2018-01-03 17:31 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-03 17:30 - 2018-01-03 17:31 - 024670720 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-03 17:30 - 2018-01-03 17:31 - 002550272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\skypert.dll
2013-10-29 19:40 - 2013-10-29 19:40 - 000172552 _____ () C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
2017-09-07 08:39 - 2017-09-07 08:39 - 000073920 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2013-10-29 19:04 - 2013-05-09 13:23 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-12-03 21:19 - 2017-12-03 21:19 - 000102088 _____ () C:\Users\Timothy\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
2013-10-29 19:40 - 2013-10-29 19:40 - 001623048 _____ () C:\Program Files (x86)\Lenovo\MotionControl\eyeKeys.dll
2013-10-29 19:40 - 2013-10-29 19:40 - 000030728 _____ () C:\Program Files (x86)\Lenovo\MotionControl\esmlib.dll
2010-08-20 22:40 - 2015-06-10 21:31 - 000039424 _____ () D:\Eigene Programme\Softonic\gfSubtitlePlayer.exe

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\SMSS-PFRO76f5.tmp:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\E_GCINST.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\E_ID4BLEE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\E_ILMBLEE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4531.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCComp64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IntcDAud.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\massfilter.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\netaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudbus.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ZTEusbmdm6k.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ZTEusbnmea.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ZTEusbser6k.sys:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\150806_LK-Email-Kommunikationsvorlage.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2471.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2572.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2640 - Kopie.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2640.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\28214.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\28214.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\679715281122576100.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\679715281122576100.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Bild.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Choriner_Straßenfest_2016.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Choriner_Straßenfest_2016.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\document.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(2).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(2).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(3).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(3).jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(4).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(4).jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Herbstbasar.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1590.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1590.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1640.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1640.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_2799 (2).JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_3079 (2).JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\inv15442005C.PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Kindergarten-Bilder.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Kindergarten-Bilder.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Kuechenplan_Liedtke_Roehrig.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Kuechenplan_Liedtke_Roehrig.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Lekker 8.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\LK_Glueckwunschkarte_RL_2016-06-06_DRUCK.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Plakat_Kirschbluete Ordner.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Plakat_Kirschbluete Ordner.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Romi badet.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Romi_und_Julia.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Sauerampfer.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Tram_1.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Tram_2.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Tram_3.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Ueberweisung_Liedtke.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Ueberweisung_Liedtke.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Vorschlag_Bad_WC.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Vorschlag_Bad_WC.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Downloads\150806_LK-Email-Kommunikationsvorlage.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\160502_LK_Geburtstagsmailing.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\160502_LK_Geburtstagsmailing.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\679715281122576100.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\679715281122576100.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(2).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(2).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_Kind_2015(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_Kind_2015.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_Kind_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_N_2015.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_N_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\bibliotheksleitern.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\bibliotheksleitern.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\black-dots-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\blog-headers-clementine-creative.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\blog-headers-clementine-creative.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\bloom-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\bright-confetti-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Carpet.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Carpet.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Cavorting-free.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\ClaireHandBold.otf_.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\ClaireHandBold.otf_.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\cute-colorful-background.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\cute-colorful-background.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\document.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Einladung_Herbstbaser_DIN Lang.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Einladung_Herbstbaser_DIN Lang.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FM_Empfehlung.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FM_Empfehlung.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(2).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(2).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(3).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(3).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(4).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(4).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\geometric-blog-header-2.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\geometric-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\gold-foil-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\gold-glitter-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_0803.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_0803.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1590.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1590.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1640.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1640.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2566.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2566.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2707.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2707.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3011.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3011.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3604.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3604.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3677.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3677.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\InDesign_Set-Up.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\InDesign_Set-Up.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\inv15442005C.PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\JuLie_elster_02.09.2015_21.41.pfx:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\JuLie_elster_02.09.2015_21.41.pfx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Kindergarten-Bilder.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Kindergarten-Bilder.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8(1).mp3:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8(1).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8.mp3:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\LEKKER_Geburtstagsmailing_KARTE_print.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\LEKKER_Geburtstagsmailing_KARTE_print.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Liedtke, Julia.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\LK_Glueckwunschkarte_RL_2016-06-06_DRUCK.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\lutz-baar_antropos.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\lutz-baar_antropos.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\mail.html:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\mail.html:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\papyrus.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\pastel-confetti-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete Ordner.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete Ordner.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Postkarten_Kita.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_160509.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_160509.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_durchgangstür_160530.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_durchgangstür_160530.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_ku che_161021.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_ku che_161021.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Schrank_Liedtke_Roehrig.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Schrank_Liedtke_Roehrig.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung_groesser.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung_groesser.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Top_Service.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Top_Service.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Silverlight_x64.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Silverlight_x64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\SSFS_Wreaths_Laurels_free.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\SSFS_Wreaths_Laurels_free.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\teal-watercolour-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\terms.txt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Und jetzt die Fotos....html:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolor-grunge-000119-light-blue.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolor-grunge-000119-light-blue.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolour-blog-header-purple.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolour-blog-header-turquoise.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Desktop\Musikschule.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Desktop\Preise für den Gitarrenunterricht.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Desktop\Union Investment Freistellungsauftrag drucken.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\080530_ti_messe_vvs_kat_DNP.xls:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\080530_ti_messe_vvs_kat_DNP.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\2015-11_FAM.Röhrig_auswahl.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\2015-11_FAM.Röhrig_auswahl.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\300-rise-of-an-empire-english-yify-68876.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\300-rise-of-an-empire-english-yify-68876.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\32pfl7862d_10_fus_eng.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\32pfl7862d_10_fus_eng.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\american-sniper-2014.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\american.sniper.(2014).eng.1cd.(6091673).zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\american.sniper.(2014).eng.1cd.(6091673).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Anschreiben final.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Anschreiben final.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_de.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_de.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\banking-dkb-de.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\data-recovery_full1018.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\data-recovery_full1018.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\DropboxInstaller.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\DropboxInstaller.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\everybody.wants.some.(2016).eng.1cd.(6697619).zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\everybody.wants.some.(2016).eng.1cd.(6697619).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Firefox Setup Stub 51.0.1.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Firefox Setup Stub 51.0.1.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer21_xa_install.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer21_xa_install.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer24au_d_install(1).exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer24au_d_install(1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer24au_d_install.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-1-english-10608.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-1-english-10608.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-10-english-13462.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-10-english-13462.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-11-english-13812.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-12-english-13992.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-12-english-13992.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-2-english-10912.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-2-english-10912.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-3-english-11187.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-3-english-11187.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-4-english-11542.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-4-english-11542.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-5-english-11822.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-6-english-12123.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-7-english-12433.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-7-english-12433.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-8-english-12856.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-8-english-12856.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-9-english-13167.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-9-english-13167.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-1-english-28573.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-1-english-28573.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817(1).zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817(1).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-4-english-30087.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-4-english-30087.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-6-english-30884.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-6-english-30884.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-7-english-31306.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-7-english-31306.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-8-english-31843.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-8-english-31843.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-9-english-32137.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-9-english-32137.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Homeland_6x05_HDTV.AVS.en.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Homeland_6x05_HDTV.AVS.en.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-3-episode-12-english-3414.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-3-episode-12-english-3414.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-1-english-16753.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-1-english-16756.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-1-english-16756.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16871.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16871.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16872.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16872.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-11-english-16874.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-11-english-16874.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-12-english-16879.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-12-english-16879.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-13-english-16881.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-13-english-16881.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-13-english-16882.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-2-english-16759.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-2-english-16759.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-3-english-16766.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-3-english-16766.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-4-english-16767.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-4-english-16767.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-5-english-16825.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-5-english-16825.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-6-english-16829.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-6-english-16829.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-7-english-16831.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-8-english-16833.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-8-english-16833.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-9-english-16835.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-9-english-16835.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2269.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2269.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2377.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2377.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_04_22.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_04_22.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\nebenkostenabrechnung.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\nebenkostenabrechnung.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\nebenkostenabrechnung.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Photos.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Photos.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\schliemann47_fotos.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\schliemann47_fotos.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\schrankplaner_setup.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\schrankplaner_setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\schrankplaner_setup_CB-DL-Manager.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\schrankplaner_setup_CB-DL-Manager.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Timothy\Downloads\thebigshort2015brripxvidac3-evo-english-79662.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\thebigshort2015brripxvidac3-evo-english-79662.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\TimOC_elster_30.07.2015_11.14.pfx:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\TimOC_elster_30.07.2015_11.14.pfx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\winrar-x64-530d.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\winrar-x64-530d.exe:$CmdZnID [26]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2016-11-11 21:20 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1821675693-422080741-3404470268-1002\Control Panel\Desktop\\Wallpaper -> A:\Bilder\Norwegen 2014\IMG_1753.JPG
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "UIExec"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "BrowserChoice"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{3769F19F-45C0-4B2D-992B-05223B1FEB94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5A342626-5C5E-4DF3-B312-DD83185F5FEA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{65B24B18-CDCB-4B5E-9064-A473798272E3}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{5AA331E6-7532-4FA9-A20D-D92974947955}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{13518858-DD80-4C29-991C-55215E5490D8}D:\eigene programme\sonos\sonos.exe] => (Allow) D:\eigene programme\sonos\sonos.exe
FirewallRules: [TCP Query User{DE2CDF1A-0743-4F61-BA8E-3C0500CAE274}D:\eigene programme\sonos\sonos.exe] => (Allow) D:\eigene programme\sonos\sonos.exe
FirewallRules: [{D4C000ED-633B-437C-8EB6-23354A4EF327}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{29069ABE-032B-4B1D-BCB8-3A4A6E622F4A}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{86852487-13B2-44F4-A0D4-25BEB4D99FD0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{D5F0119A-B223-4964-8B0B-30EACC9EF44A}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{11C90BAF-CFF3-455D-9E25-25E42FE51BA9}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{BE993BAF-47C7-4DD4-81D1-0821AFC86659}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{2E492F64-BF21-4965-B652-41A33109AC2D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{E32EA6DB-2EAE-4899-A7C5-AB390D3503AB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{72C7970B-E700-4A57-AE46-231EAF98721F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8EF2329C-1E60-4408-88A1-6DE50D42B9B8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8966330E-BE30-409E-9455-69CE0F12CC90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7DEAFF6A-066A-4005-BC7E-084E6E9F82F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DF6C1E60-3670-49D8-8476-E86716187EFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2B66AFF7-43CB-4338-9552-3A0A7F58E263}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{B7F0B837-6841-4107-8A87-B492468801F8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{7F6F61D5-A75C-4F79-B58B-18EE1AF7DDA7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{5A35D1D2-7451-4A65-8524-40843C07E5F4}C:\users\timothy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\timothy\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7BF2AFA9-6AE6-4F05-A033-1406997B7C1E}C:\users\timothy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\timothy\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{989DF027-B861-4B84-856D-2E4D9C1202DB}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe
FirewallRules: [UDP Query User{EBEA0B02-973E-467C-98B7-5EFA79ABF598}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe
FirewallRules: [{67368898-CBF9-4D59-A4B8-912D7FA4D9A8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E68BBC48-4F50-4B90-B97D-DC6A2C097CE8}] => (Allow) LPort=2869
FirewallRules: [{EBD1110E-9E19-4586-B9BC-FCE3346FC181}] => (Allow) LPort=1900
FirewallRules: [{7B1FD2A5-5BAA-41FE-A0AA-67089E5BA945}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2D2526E4-906D-484B-9A5E-E09573052E64}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6740FAC6-B707-4D1E-A257-F51B751FBB59}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{85DB67DF-EB4F-4F93-BB55-D3D07D00EE25}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{97C79946-10CA-468A-9C93-AAA8E5715DA4}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{A3907C5E-9D54-4EF3-B09C-6F4E91779960}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{0C00DBA0-1681-46D3-892B-0A46B4F12A55}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{F59ECA5D-88AB-4B91-8A77-FC9C7E36B0D4}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe
FirewallRules: [UDP Query User{8FAF9711-0126-471A-8DF9-E8744801F428}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/04/2018 09:59:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ngen.exe, Version: 4.7.2556.0, Zeitstempel: 0x59b833df
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x007703c5
ID des fehlerhaften Prozesses: 0xb8dc0
Startzeit der fehlerhaften Anwendung: 0x01d3859efa6f51cd
Pfad der fehlerhaften Anwendung: C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: f906febd-d82c-47b9-9389-7a5d0b9299cc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/04/2018 09:21:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: cmdagent.exe, Version: 10.0.2.6420, Zeitstempel: 0x5a14783d
Name des fehlerhaften Moduls: cmdagent.exe, Version: 10.0.2.6420, Zeitstempel: 0x5a14783d
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00000000004e9093
ID des fehlerhaften Prozesses: 0xda4
Startzeit der fehlerhaften Anwendung: 0x01d380d65819d892
Pfad der fehlerhaften Anwendung: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Pfad des fehlerhaften Moduls: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Berichtskennung: 51ba9f03-a675-49ec-bcce-8de2a2db71d8
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/04/2018 07:08:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Silberlocke)
Description: Das Paket „Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (01/04/2018 12:04:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ShellExperienceHost.exe, Version 10.0.16299.15 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2fe0

Startzeit: 01d3854b9f2e8cd6

Beendigungszeit: 4294967295

Anwendungspfad: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

Berichts-ID: 45cafc4a-4dae-4a3d-a5a6-e3330603e4fe

Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy

Auf das fehlerhafte Paket bezogene Anwendungs-ID: App

Error: (01/04/2018 12:03:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Silberlocke)
Description: Das Paket „Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (01/01/2018 06:28:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AdobeARM.exe, Version: 1.824.24.5926, Zeitstempel: 0x59cbec1f
Name des fehlerhaften Moduls: shcore.dll, Version: 10.0.16299.15, Zeitstempel: 0x30134c68
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038091
ID des fehlerhaften Prozesses: 0xba354
Startzeit der fehlerhaften Anwendung: 0x01d38325f4da4986
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\shcore.dll
Berichtskennung: 1aaa9c3f-fb85-47b6-8f35-09261568e9c3
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/01/2018 06:16:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AdobeARM.exe, Version: 1.824.24.5926, Zeitstempel: 0x59cbec1f
Name des fehlerhaften Moduls: shcore.dll, Version: 10.0.16299.15, Zeitstempel: 0x30134c68
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038091
ID des fehlerhaften Prozesses: 0x2844
Startzeit der fehlerhaften Anwendung: 0x01d3832447780956
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\shcore.dll
Berichtskennung: 626ef5dc-ddf0-4935-a00c-fafd36f7de1a
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/31/2017 05:50:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1110

Error: (12/31/2017 05:50:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1110

Error: (12/31/2017 05:50:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


Systemfehler:
=============
Error: (01/05/2018 08:27:47 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/05/2018 08:25:19 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/05/2018 08:19:21 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/05/2018 08:18:47 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/05/2018 08:14:48 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/05/2018 08:14:22 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/05/2018 08:12:49 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/05/2018 08:12:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/05/2018 08:12:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/05/2018 08:12:24 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===================================
  Date: 2018-01-05 20:31:43.291
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2018-01-05 20:26:05.601
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-05 20:26:05.599
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-05 20:18:03.335
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-05 20:18:03.331
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-05 20:17:59.756
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-05 20:17:59.754
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-05 20:16:52.831
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-05 20:16:52.829
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-05 20:16:44.117
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 51%
Installierter physikalischer RAM: 7944.27 MB
Verfügbarer physikalischer RAM: 3821.11 MB
Summe virtueller Speicher: 9864.27 MB
Verfügbarer virtueller Speicher: 5586.98 MB

==================== Laufwerke ================================

Drive a: (Bilder und Videos) (Fixed) (Total:180.82 GB) (Free:15.38 GB) NTFS
Drive b: (Musik) (Fixed) (Total:85.13 GB) (Free:33.16 GB) NTFS
Drive c: (Windows8_OS) (Fixed) (Total:127.87 GB) (Free:21.26 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Eigene Programme) (Fixed) (Total:25 GB) (Free:19.97 GB) NTFS
Drive f: (Volume) (Fixed) (Total:31.54 GB) (Free:23.21 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6018AF1C)

Partition: GPT.

==================== Ende von Addition.txt ============================
Lieber Matthias,

jetzt schon mal vielen Dank für Deine Hilfe!!! Ich weiß die investierte Zeit sehr zu schätzen.

Ich hoffe, ich habe alle Anweisungen beachtet und fehlerfrei ausgeführt und freue mich auf Deine Rückmeldung!
__________________
Alt 06.01.2018, 11:45   #4
M-K-D-B
/// TB-Ausbilder
 
Virenverdacht. Kann jemand Logfile analysieren? - Standard

Virenverdacht. Kann jemand Logfile analysieren?


Bitte die Logdatei von FRST.txt ist unvollständig. Bitte nochmal posten.

Alt 06.01.2018, 19:10   #5
Tim79
 
Virenverdacht. Kann jemand Logfile analysieren? - Standard

Virenverdacht. Kann jemand Logfile analysieren?


Code:
ATTFilter
==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-05-15] (Realtek semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15792112 2013-10-29] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [101360 2013-10-29] (Lenovo(beijing) Limited)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1490624 2017-11-21] (COMODO)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-08-14] (Synaptics Incorporated)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [UIExec] => D:\1&1\1&1 Surf-Stick\UIExec.exe [139088 2015-09-26] ()
HKLM-x32\...\Run: [PDFPrint] => D:\Eigene Programme\PDF24\pdf24.exe [217736 2017-03-11] (Geek Software GmbH)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3632848 2017-08-08] (COMODO)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Run: [Spotify Web Helper] => C:\Users\Timothy\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-03-12] (Spotify Ltd)
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE [297024 2015-09-02] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE [297024 2015-09-02] (SEIKO EPSON CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2013-10-29]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Motion Control.lnk [2013-10-29]
ShortcutTarget: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{87b167a3-4b8e-4e22-9800-0a9597ac92df}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c93302ec-c967-489a-9ad3-d1b851f01d41}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)

FireFox:
========
FF ProfilePath: C:\Users\Timothy\AppData\Roaming\Mozilla\Firefox\Profiles\rpk35ggf.default [2018-01-06]
FF user.js: detected! => C:\Users\Timothy\AppData\Roaming\Mozilla\Firefox\Profiles\rpk35ggf.default\user.js [2015-06-15]
FF Session Restore: Mozilla\Firefox\Profiles\rpk35ggf.default -> ist aktiviert.
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-01-10] [Legacy] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\Eigene Programme\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Eigene Programme\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Eigene Programme\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-1821675693-422080741-3404470268-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10880832 2017-11-21] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-11-21] (COMODO)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2015-10-30] (Seiko Epson Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190208 2016-11-11] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-09] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [161736 2013-04-15] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [133840 2017-08-08] (COMODO)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-10-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S2 PDF24; D:\Eigene Programme\PDF24\pdf24.exe [217736 2017-03-11] (Geek Software GmbH)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-08-14] (Synaptics Incorporated)
R2 UI Assistant Service; D:\1&1\1&1 Surf-Stick\AssistantServices.exe [253264 2015-09-26] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [44088 2017-11-17] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [833096 2017-11-17] (COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-11-17] (COMODO)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-25] (Samsung Electronics Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [132904 2017-11-17] (COMODO)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-09-29] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-15] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-12-29] ()
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-01-06 18:50 - 2018-01-06 18:51 - 000023156 _____ C:\Users\Timothy\Downloads\11.22.63.s01.e03.other.voices.other.rooms.(2016).eng.1cd.(6530964).zip
2018-01-06 18:48 - 2018-01-06 18:53 - 000013747 _____ C:\Users\Timothy\Desktop\FRST.txt
2018-01-06 18:46 - 2018-01-06 18:47 - 000000000 ____D C:\Users\Timothy\Desktop\Farbar
2018-01-06 18:37 - 2018-01-06 18:37 - 000000000 ____D C:\Users\Timothy\AppData\Roaming\SumatraPDF
2018-01-05 22:36 - 2018-01-05 22:36 - 000022210 _____ C:\Users\Timothy\Downloads\11.22.63.der.anschlag.s01.e02.the.kill.floor.(2016).eng.1cd.(6517525).zip
2018-01-05 20:57 - 2018-01-05 22:37 - 000000000 ____D C:\Users\Timothy\Desktop\11.22.63
2018-01-05 20:56 - 2018-01-05 20:57 - 000025032 _____ C:\Users\Timothy\Downloads\11-22-63-first-season-english-911599.zip
2018-01-05 20:19 - 2018-01-04 21:21 - 002393088 _____ (Farbar) C:\Users\Timothy\Desktop\FRST64.exe
2018-01-04 21:28 - 2018-01-04 21:29 - 000076300 _____ C:\Users\Timothy\Downloads\Addition.txt
2018-01-04 21:26 - 2018-01-04 21:29 - 000186375 _____ C:\Users\Timothy\Downloads\FRST.txt
2018-01-04 21:22 - 2018-01-06 18:46 - 000000000 ____D C:\FRST
2018-01-04 21:21 - 2018-01-04 21:21 - 002393088 _____ (Farbar) C:\Users\Timothy\Downloads\FRST64.exe
2018-01-04 20:31 - 2018-01-04 20:31 - 005541016 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\Timothy\Downloads\hijackthis.exe
2018-01-04 20:22 - 2018-01-04 20:22 - 001540104 _____ (CHIP Digital GmbH) C:\Users\Timothy\Downloads\HijackThis - CHIP-Installer.exe
2018-01-04 12:04 - 2018-01-04 12:04 - 000000000 ___HD C:\Users\Julia\MicrosoftEdgeBackups
2018-01-04 12:04 - 2018-01-04 12:04 - 000000000 ____D C:\Users\Julia\AppData\Local\DBG
2018-01-04 12:02 - 2018-01-04 12:02 - 000000000 ___RD C:\Users\Julia\3D Objects
2018-01-04 12:01 - 2018-01-04 12:01 - 000000020 ___SH C:\Users\Julia\ntuser.ini
2018-01-02 23:44 - 2018-01-02 23:44 - 000002009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2018-01-02 23:44 - 2018-01-02 23:44 - 000000000 ____D C:\Program Files (x86)\SumatraPDF
2018-01-02 22:11 - 2018-01-02 22:11 - 004860560 _____ (Krzysztof Kowalczyk) C:\Users\Timothy\Downloads\SumatraPDF-3.1.2-install.exe
2018-01-01 18:36 - 2018-01-01 18:33 - 000065318 _____ C:\Users\Timothy\Desktop\S01E01- The Rabbit Hole.eng.srt
2018-01-01 18:35 - 2018-01-01 18:35 - 000025451 _____ C:\Users\Timothy\Downloads\11.22.63.der.anschlag.s01.e01.the.rabbit.hole.(2016).eng.1cd.(6706508).zip
2018-01-01 18:27 - 2018-01-01 18:27 - 000049938 _____ C:\Users\Timothy\Downloads\manchester.by.the.sea.(2016).eng.1cd.(6901378).zip
2017-12-30 21:52 - 2017-12-30 21:52 - 000000000 ____D C:\Users\Timothy\AppData\Local\DBG
2017-12-29 20:17 - 2017-12-29 20:17 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-12-29 20:15 - 2017-12-29 20:15 - 000000000 ___HD C:\Users\Timothy\MicrosoftEdgeBackups
2017-12-29 20:14 - 2017-12-29 20:14 - 000000000 ___RD C:\Users\Timothy\3D Objects
2017-12-29 20:13 - 2017-12-29 20:13 - 000000020 ___SH C:\Users\Timothy\ntuser.ini
2017-12-29 20:12 - 2018-01-04 21:19 - 007459424 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2017-12-29 20:12 - 2017-12-30 21:08 - 000000000 ___HD C:\VTRoot
2017-12-29 20:09 - 2018-01-06 18:37 - 000004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{378B9684-447C-4B1D-8F30-A43196F33206}
2017-12-29 20:09 - 2018-01-04 12:31 - 000004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4A1B2899-EA36-407B-8ADB-E49F6887C024}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003510 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Update {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003510 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Update {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003332 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Invitation {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003252 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Invitation {5F7996FF-B50D-4D17-B92F-F39799635033}
2017-12-29 20:09 - 2017-12-29 20:10 - 000003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2017-12-29 20:09 - 2017-12-29 20:10 - 000002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1821675693-422080741-3404470268-1006
2017-12-29 20:09 - 2017-12-29 20:10 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1821675693-422080741-3404470268-1002
2017-12-29 20:09 - 2017-12-29 20:10 - 000002826 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2017-12-29 20:09 - 2017-12-29 20:10 - 000002764 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Silberlocke-Julia
2017-12-29 20:09 - 2017-12-29 20:09 - 000003438 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Update {5F7996FF-B50D-4D17-B92F-F39799635033}
2017-12-29 20:09 - 2017-12-29 20:09 - 000003332 _____ C:\WINDOWS\System32\Tasks\EPSON XP-412 413 415 Series Invitation {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}
2017-12-29 20:09 - 2017-12-29 20:09 - 000003332 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-12-29 20:09 - 2017-12-29 20:09 - 000002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1821675693-422080741-3404470268-1002
2017-12-29 20:09 - 2017-12-29 20:09 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1821675693-422080741-3404470268-1006
2017-12-29 20:09 - 2017-12-29 20:09 - 000002680 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2017-12-29 20:09 - 2017-12-29 20:09 - 000002550 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2017-12-29 20:09 - 2017-12-29 20:09 - 000002352 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2017-12-29 20:09 - 2017-12-29 20:09 - 000001908 _____ C:\WINDOWS\System32\Tasks\Dolby Selector
2017-12-29 20:09 - 2017-12-29 20:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-29 20:09 - 2017-12-29 20:09 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-12-29 20:09 - 2017-12-29 20:09 - 000000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2017-12-29 20:09 - 2017-04-11 09:55 - 000000000 _____ C:\WINDOWS\System32\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
2017-12-29 20:07 - 2017-12-29 20:09 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2017-12-29 20:07 - 2017-12-29 20:09 - 000011433 _____ C:\WINDOWS\diagerr.xml
2017-12-29 19:57 - 2017-12-30 21:31 - 001908440 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-29 19:46 - 2017-12-29 19:46 - 000000000 ____D C:\ProgramData\USOShared
2017-12-29 19:45 - 2017-12-29 19:45 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-12-29 19:41 - 2017-12-30 19:39 - 000000000 ____D C:\Users\Timothy\AppData\Local\Packages
2017-12-29 19:40 - 2018-01-04 12:23 - 000000000 ____D C:\Users\Julia\AppData\Local\Packages
2017-12-29 19:39 - 2018-01-04 12:04 - 000000000 ____D C:\Users\Julia
2017-12-29 19:39 - 2017-12-29 20:15 - 000000000 ____D C:\Users\Timothy
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Vorlagen
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Startmenü
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Netzwerkumgebung
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Lokale Einstellungen
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Eigene Dateien
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Druckumgebung
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Documents\Eigene Videos
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Documents\Eigene Musik
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Documents\Eigene Bilder
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\AppData\Local\Verlauf
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\AppData\Local\Anwendungsdaten
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Timothy\Anwendungsdaten
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Vorlagen
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Startmenü
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Netzwerkumgebung
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Lokale Einstellungen
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Eigene Dateien
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Druckumgebung
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Documents\Eigene Videos
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Documents\Eigene Musik
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Documents\Eigene Bilder
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\AppData\Local\Verlauf
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\AppData\Local\Anwendungsdaten
2017-12-29 19:39 - 2017-12-29 19:39 - 000000000 _SHDL C:\Users\Julia\Anwendungsdaten
2017-12-29 19:37 - 2017-10-20 16:43 - 000095216 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-12-29 19:37 - 2017-10-20 16:43 - 000091120 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-12-29 19:37 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-12-29 19:35 - 2018-01-05 23:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-29 19:35 - 2017-12-29 19:53 - 000258992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-29 19:31 - 2017-12-29 20:12 - 000000000 ____D C:\Windows.old
2017-12-29 19:05 - 2017-12-29 19:31 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-12-29 19:01 - 2017-12-29 19:05 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\Program Files\MSBuild
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-12-29 18:58 - 2017-12-29 18:58 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-12-29 18:56 - 2017-09-22 18:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-12-29 18:56 - 2017-09-22 18:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-12-29 18:56 - 2017-09-22 18:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-12-29 18:55 - 2017-09-28 15:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-12-29 18:55 - 2017-09-28 15:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-12-29 18:55 - 2017-09-28 15:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-12-29 18:38 - 2017-12-29 18:38 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-12-29 17:52 - 2017-12-30 08:48 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-29 12:12 - 2017-12-29 19:54 - 000094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-12-29 12:05 - 2017-12-29 12:07 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-12-29 10:48 - 2017-12-29 10:48 - 000000000 _____ C:\WINDOWS\system32\SET97B.tmp
2017-12-29 10:48 - 2017-12-29 10:48 - 000000000 _____ C:\WINDOWS\system32\SET34F.tmp
2017-12-29 10:48 - 2017-12-29 10:48 - 000000000 _____ C:\WINDOWS\system32\SET213.tmp
2017-12-29 10:47 - 2017-12-29 10:47 - 000000000 _____ C:\WINDOWS\system32\SETB225.tmp
2017-12-29 10:47 - 2017-12-29 10:47 - 000000000 _____ C:\WINDOWS\system32\Drivers\SETAFC1.tmp
2017-12-28 17:43 - 2017-12-29 17:52 - 000000036 _____ C:\WINDOWS\progress.ini
2017-12-28 17:41 - 2017-12-28 17:41 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-28 17:29 - 2016-12-29 14:10 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-12-22 16:04 - 2017-12-22 16:04 - 000000000 ____D C:\Users\Julia\AppData\Local\CrashDumps
2017-12-22 12:13 - 2017-12-29 20:12 - 000000000 ___HD C:\$GetCurrent
2017-12-22 12:12 - 2017-12-29 20:13 - 000000000 ____D C:\Windows10Upgrade
2017-12-22 12:12 - 2017-12-29 16:16 - 000000818 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Update-Assistent.lnk
2017-12-20 21:53 - 2017-12-20 21:53 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2017-12-19 06:23 - 2017-12-19 06:23 - 000000000 ____D C:\Users\Timothy\AppData\Local\UNP
2017-12-18 22:24 - 2017-12-18 22:24 - 000001251 _____ C:\Users\Public\Desktop\COMODO Internet Security Premium.lnk
2017-12-18 22:23 - 2017-12-18 22:23 - 000000000 ____D C:\Program Files (x86)\COMODO
2017-12-18 22:23 - 2017-08-08 03:46 - 000256040 _____ (COMODO) C:\WINDOWS\system32\iseguard64.dll
2017-12-18 22:23 - 2017-08-08 03:46 - 000205536 _____ (COMODO) C:\WINDOWS\SysWOW64\iseguard32.dll
2017-12-18 22:23 - 2017-03-29 22:49 - 000062208 _____ (COMODO) C:\WINDOWS\system32\Drivers\isedrv.sys
2017-12-18 22:20 - 2017-12-18 22:20 - 000000000 ____D C:\ProgramData\Shared Space
2017-12-18 22:19 - 2017-12-18 22:20 - 005500784 _____ (COMODO) C:\Users\Timothy\Downloads\cispremium_installer_6100_08.exe
2017-12-18 22:02 - 2017-12-29 19:31 - 000000000 ____D C:\Program Files\UNP
2017-12-14 15:38 - 2017-12-18 22:02 - 000000000 ____D C:\Program Files\rempl
2017-12-14 02:32 - 2017-12-29 18:58 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 025245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 023652864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 018916352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 008097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006092664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006037504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004740608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 003678208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003484840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002709200 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 002510336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002192112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-12-14 02:32 - 2017-12-14 02:32 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 001170000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001090440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-12-14 02:32 - 2017-12-14 02:32 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-12-14 02:32 - 2017-12-14 02:32 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-12-14 02:32 - 2017-12-14 02:32 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-14 02:32 - 2017-12-14 02:32 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-12-14 02:32 - 2017-12-14 02:32 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-08 23:32 - 2017-05-31 22:24 - 000051176 _____ C:\Users\Timothy\Desktop\House.of.Cards.2013.S05E04.720p.WEBRip.x264-MOROSE.srt
2017-12-08 23:31 - 2017-12-08 23:31 - 000020535 _____ C:\Users\Timothy\Downloads\house-of-cards-season-5-episode-4-english-36817.zip
2017-12-08 22:37 - 2017-12-08 22:37 - 000021989 _____ C:\Users\Timothy\Downloads\house-of-cards-season-5-episode-3-english-36816.zip
2017-12-08 21:14 - 2017-12-08 21:14 - 000139283 _____ C:\Users\Timothy\Downloads\The.Hateful.Eight.2015.720p.BluRay.x264-[YTS.AG].srt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-01-06 18:52 - 2014-08-19 20:27 - 000000000 ____D C:\Users\Timothy\AppData\Roaming\vlc
2018-01-06 18:50 - 2017-04-11 20:38 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2018-01-06 18:41 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-06 18:40 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-06 18:40 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-06 18:34 - 2017-01-28 21:24 - 000000000 ____D C:\Users\Timothy\AppData\LocalLow\Mozilla
2018-01-06 18:33 - 2014-08-20 20:43 - 000000000 __SHD C:\Users\Timothy\IntelGraphicsProfiles
2018-01-06 18:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-01-06 18:32 - 2016-09-22 20:35 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-01-05 20:11 - 2014-10-30 18:49 - 000000000 __SHD C:\Users\Julia\IntelGraphicsProfiles
2018-01-05 07:52 - 2017-02-01 07:50 - 000000000 ____D C:\Users\Julia\AppData\LocalLow\Mozilla
2018-01-04 12:02 - 2015-09-01 19:42 - 000000000 ____D C:\Users\Julia\AppData\Local\TileDataLayer
2018-01-04 12:02 - 2014-08-20 02:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-01-03 17:46 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-01-02 22:12 - 2015-11-17 22:17 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-01-02 17:45 - 2014-08-19 20:12 - 000000000 ____D C:\ProgramData\Sonos,_Inc
2018-01-01 18:53 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-01 18:20 - 2015-06-03 16:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-01-01 18:19 - 2017-01-28 21:24 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2018-01-01 18:19 - 2017-01-28 21:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-01 18:17 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-12-31 11:09 - 2014-11-01 16:42 - 000002027 _____ C:\Users\Public\Desktop\Sonos.lnk
2017-12-31 11:09 - 2014-09-02 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2017-12-31 11:09 - 2014-09-02 20:04 - 000000000 ____D C:\Program Files (x86)\Sonos
2017-12-31 11:08 - 2014-09-02 20:04 - 000000000 ____D C:\Users\Timothy\AppData\Local\Downloaded Installations
2017-12-30 21:31 - 2017-09-30 15:35 - 000834104 _____ C:\WINDOWS\system32\perfh007.dat
2017-12-30 21:31 - 2017-09-30 15:35 - 000171582 _____ C:\WINDOWS\system32\perfc007.dat
2017-12-30 19:39 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-29 20:14 - 2015-09-01 12:47 - 000000000 ____D C:\Users\Timothy\AppData\Local\TileDataLayer
2017-12-29 20:10 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-12-29 20:10 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\windows nt
2017-12-29 20:06 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2017-12-29 20:05 - 2014-08-20 23:49 - 000023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-12-29 19:57 - 2013-10-29 19:07 - 001874790 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-12-29 19:54 - 2013-10-29 19:26 - 000034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-12-29 19:53 - 2016-09-22 20:35 - 000000000 ____D C:\ProgramData\NVIDIA
2017-12-29 19:52 - 2017-09-29 09:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-12-29 19:52 - 2016-01-06 22:42 - 000000000 ____D C:\Users\Timothy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-12-29 19:52 - 2014-08-19 20:26 - 000000000 ____D C:\Users\Timothy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2017-12-29 19:46 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-12-29 19:46 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-12-29 19:38 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-12-29 19:38 - 2016-09-22 20:36 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-12-29 19:37 - 2016-09-22 20:35 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-12-29 19:37 - 2016-09-22 20:35 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-12-29 19:35 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-12-29 19:31 - 2017-10-11 07:52 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-12-29 19:31 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-12-29 19:31 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-12-29 19:31 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\system32\WCN
2017-12-29 19:31 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ModemLogs
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\InputMethod
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Help
2017-12-29 19:31 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-12-29 19:31 - 2017-07-19 20:26 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-12-29 19:31 - 2017-03-11 10:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2017-12-29 19:31 - 2016-09-22 20:35 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-12-29 19:31 - 2016-09-22 20:34 - 000000000 ____D C:\Program Files\Intel
2017-12-29 19:31 - 2016-07-30 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-12-29 19:31 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-12-29 19:31 - 2016-07-14 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2017-12-29 19:31 - 2016-01-06 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-12-29 19:31 - 2015-10-21 08:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-12-29 19:31 - 2015-09-26 11:07 - 000000000 ____D C:\WINDOWS\SysWOW64\SupportAppCB
2017-12-29 19:31 - 2015-09-26 11:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1&1 Surf-Stick
2017-12-29 19:31 - 2015-06-17 08:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2017-12-29 19:31 - 2015-03-01 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-12-29 19:31 - 2015-02-20 21:57 - 000000000 ____D C:\WINDOWS\de
2017-12-29 19:31 - 2015-01-23 22:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-12-29 19:31 - 2014-08-21 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-12-29 19:31 - 2013-10-29 19:43 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneKey Recovery
2017-12-29 19:31 - 2013-10-29 19:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(SM) center
2017-12-29 19:31 - 2013-10-29 19:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-12-29 19:31 - 2013-10-29 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Photos
2017-12-29 19:31 - 2013-10-29 19:08 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-12-29 19:31 - 2013-10-29 18:59 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-12-29 19:31 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-12-29 19:31 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-12-29 19:11 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-12-29 19:10 - 2017-09-29 09:45 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\system32\winrm
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\system32\slmgr
2017-12-29 19:07 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\IME
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\et-EE
2017-12-29 19:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\en-GB
2017-12-29 19:06 - 2016-04-13 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-12-29 19:06 - 2015-06-15 11:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-12-29 19:05 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-12-29 19:05 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-12-29 19:05 - 2016-09-22 20:36 - 000000000 ____D C:\Program Files\Realtek
2017-12-29 19:05 - 2016-09-22 20:34 - 000000000 ____D C:\Program Files\Synaptics
2017-12-29 18:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-12-29 18:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-12-29 12:12 - 2016-07-30 21:37 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2017-12-29 12:12 - 2016-07-30 21:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-12-28 17:45 - 2014-08-20 17:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-28 17:40 - 2014-08-20 17:20 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-18 22:23 - 2015-06-17 08:05 - 000000000 ____D C:\ProgramData\Comodo
2017-12-15 20:44 - 2015-09-01 19:44 - 000000000 ____D C:\Users\Julia\AppData\Local\Publishers
2017-12-15 20:44 - 2015-09-01 12:49 - 000000000 ____D C:\Users\Timothy\AppData\Local\Publishers
2017-12-15 20:34 - 2014-09-20 19:19 - 000545440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\te-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\si-LK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\or-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\km-KH
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\is-IS
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\id-ID
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\be-BY
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\as-IN
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\am-ET
2017-12-14 02:33 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2017-12-14 02:33 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-14 02:33 - 2017-09-29 14:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Provisioning
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Defender
2017-12-14 02:33 - 2017-09-29 14:46 - 000000000 ____D C:\PerfLogs
2017-12-14 02:33 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-08-19 19:34 - 2015-11-02 20:07 - 000376689 _____ () C:\Users\Timothy\AppData\Roaming\AbsoluteReminder.xml
2017-04-22 11:49 - 2017-04-22 11:49 - 000000017 _____ () C:\Users\Timothy\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-12-29 19:35

==================== Ende von FRST.txt ============================
Oh ja, das sieht jetzt beim zweiten Versuch deutlich ausführlicher aus.

Geändert von Tim79 (06.01.2018 um 19:09 Uhr)

Alt 06.01.2018, 19:13   #6
Tim79
 
Virenverdacht. Kann jemand Logfile analysieren? - Standard

Virenverdacht. Kann jemand Logfile analysieren?


Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02.01.2018
durchgeführt von Timothy (06-01-2018 18:55:44)
Gestartet von C:\Users\Timothy\Desktop
Windows 10 Home Version 1709 16299.125 (X64) (2017-12-29 19:12:54)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1821675693-422080741-3404470268-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1821675693-422080741-3404470268-503 - Limited - Disabled)
Gast (S-1-5-21-1821675693-422080741-3404470268-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1821675693-422080741-3404470268-1008 - Limited - Enabled)
Julia (S-1-5-21-1821675693-422080741-3404470268-1006 - Limited - Enabled) => C:\Users\Julia
Sonos (S-1-5-21-1821675693-422080741-3404470268-1005 - Limited - Enabled)
Timothy (S-1-5-21-1821675693-422080741-3404470268-1002 - Administrator - Enabled) => C:\Users\Timothy
WDAGUtilityAccount (S-1-5-21-1821675693-422080741-3404470268-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD}
AS: COMODO Advanced Protection (Enabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Benutzerhandbuch (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
COMODO Internet Security Premium (HKLM\...\{1BF90AC2-E077-4EC0-810B-003DC9D65C91}) (Version: 10.0.2.6420 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 10.0.2.6420 - COMODO Security Solutions Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON XP-412 413 415 Series Printer Uninstall (HKLM\...\EPSON XP-412 413 415 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.52.0.0 - SEIKO EPSON CORPORATION)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Intel Anti-Theft Discovery App (HKLM-x32\...\{707248B9-2D34-4D77-A5C6-2A8A54848E5A}) (Version: 1.1.0.7 - Intel Corporation)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel Experience Center - Configuration (HKLM-x32\...\{C73A16B7-AC35-4262-9BAF-DA9B2039A563}) (Version: 1.5.0.0 - Intel) Hidden
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{e4fefc02-cd6c-45e3-8974-e7357e71da40}) (Version: 1.5.0.0 - Intel)
Intel(R) Experience Center Driver (HKLM-x32\...\{16660b76-bdc5-47cf-b28d-846120a1ee76}) (Version: 1.0.90.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1304-148929CC1385}) (Version: 3.0.1304.0338 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{12fc27dc-b637-4ebb-b424-26feff9598c5}) (Version: 16.0.4 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.2.424651.94 - Comodo)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version:  - )
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10233 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Motion Control (HKLM\...\Motion Control) (Version: 1.2.45.0 - Lenovo)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 57.0.3 (x64 de) (HKLM\...\Mozilla Firefox 57.0.3 (x64 de)) (Version: 57.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.3.6569 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
PDF24 Creator 8.1.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.21229 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 39.4.48021 - Sonos, Inc.)
Spotify (HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\Spotify) (Version: 1.0.50.41368.gbd68dbef - Spotify AB)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DE083343-D24D-4495-919E-18C65EC0F289}) (Version: 2.8.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Wondershare Data Recovery(Build 5.0.2.6) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 5.0.2.6 - Wondershare Software Co.,Ltd.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-21] (COMODO)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-21] (COMODO)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-11-21] (COMODO)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {022C3E73-623B-416E-87C8-6D37588BBEA3} - System32\Tasks\EPSON XP-412 413 415 Series Update {5F7996FF-B50D-4D17-B92F-F39799635033} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {052C5014-A8F2-47D9-9E1A-0F932488B49F} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
Task: {0F3D421F-BE82-4EA4-A643-B097B13802E4} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-11-21] (COMODO)
Task: {1C1E111B-0033-4517-8F99-0F4480BF069D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {1DB99919-D027-4CD9-93FA-0DB8956A3B93} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {1DF3CE40-AE13-4838-A343-077FD5CE8875} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {2321C268-CEDA-4AF4-9216-F71FDA2EBC17} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {395ACD88-7C88-412E-96F3-352039D8A7D1} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {AEE47A68-7976-4063-8DD5-B4B8A7776E2E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {3BBC074D-18F5-4F86-9DF5-05A34A240E68} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-11-21] (COMODO)
Task: {41832ABA-347E-4BAF-9172-E941B4DACC98} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {41AA0F70-0ABF-438E-92D9-E003482A2F64} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {48D91DD1-BF0B-4B48-8B73-49F75343D81F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4B13520A-BDFF-4571-8A22-C0CC634ADF46} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {55B77248-1AC8-4790-A5D4-60614EE6DCD6} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {55BA4F06-6D4E-40DD-A267-58603B37382F} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {6632F2FC-C170-4FE9-A8EF-C5F7D529E395} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-12] (Adobe Systems Incorporated)
Task: {6B101A77-5410-4C7C-9B0A-42FDE516AB41} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-10-03] (Intel Corporation)
Task: {70E5277C-BA4A-4AF3-B907-B8E1A23D9BC7} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Timothy\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {796753A0-F04A-4815-80D3-DBF2D4FE4868} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {7CF0857B-0DB6-498B-A9C7-D8FDDD2635F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8073A232-0372-42CE-B418-726684744DF4} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {5F7996FF-B50D-4D17-B92F-F39799635033} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {8920F62C-D829-45AD-B063-D00262848A10} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {99583A25-C375-4862-BE56-9BF52D323003} - System32\Tasks\AdobeAAMUpdater-1.0-Silberlocke-Julia => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {9DAAAFF9-F2B5-4D0F-BA2D-E5CD08B4ABF6} - System32\Tasks\EPSON XP-412 413 415 Series Update {AEE47A68-7976-4063-8DD5-B4B8A7776E2E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {A28B4BF9-FBBF-45A3-8343-C82D6CCEB00B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-10-03] (Intel Corporation)
Task: {B03BE444-E962-4094-8581-C51BBA078634} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {B4B5A414-0361-4A7F-8890-13A63AB2A036} - System32\Tasks\EPSON XP-412 413 415 Series Update {32AA5F3E-42AF-416D-93A7-97E0483F7BC7} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {BFFCA306-2E5A-49C9-A73F-CAADCA26412F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-11-21] (COMODO)
Task: {C9F3C7B6-BD6D-4E88-8F05-D1BEA64E4EDC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {D1E7244E-BA89-4EED-8F58-F74C59D246D4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {DCC8042B-4207-4528-857B-DA5724573C6F} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {32AA5F3E-42AF-416D-93A7-97E0483F7BC7} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2015-09-02] (SEIKO EPSON CORPORATION)
Task: {DFB98817-22F2-44F7-B0BD-AC11EE978F4F} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2017-11-21] (COMODO)
Task: {FCF03BEF-9FA4-47EA-A1D5-B538B14E9A3F} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {5F7996FF-B50D-4D17-B92F-F39799635033}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {32AA5F3E-42AF-416D-93A7-97E0483F7BC7}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{32AA5F3E-42AF-416D-93A7-97E0483F7BC7} /F:UpdateWORKGROUP\SILBERLOCKE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {5F7996FF-B50D-4D17-B92F-F39799635033}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{5F7996FF-B50D-4D17-B92F-F39799635033} /F:UpdateWORKGROUP\SILBERLOCKE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {AEE47A68-7976-4063-8DD5-B4B8A7776E2E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{AEE47A68-7976-4063-8DD5-B4B8A7776E2E} /F:UpdateWORKGROUP\SILBERLOCKE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-04-15 15:45 - 2013-04-15 15:45 - 000182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 15:45 - 2013-04-15 15:45 - 000060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 000085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 001346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-26 11:07 - 2015-09-26 11:07 - 000253264 _____ () D:\1&1\1&1 Surf-Stick\AssistantServices.exe
2017-11-21 20:23 - 2017-11-21 20:23 - 000156864 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2017-11-21 20:22 - 2017-11-21 20:22 - 000241856 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2017-11-21 20:22 - 2017-11-21 20:22 - 000106688 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-09-22 20:35 - 2016-12-29 14:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-10-20 16:42 - 2017-10-20 16:42 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-12-14 02:32 - 2017-12-14 02:32 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-14 02:32 - 2017-12-14 02:32 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2013-10-29 19:40 - 2013-10-29 19:40 - 000172552 _____ () C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
2017-09-07 08:39 - 2017-09-07 08:39 - 000073920 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2013-10-29 19:04 - 2013-05-09 13:23 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-12-03 21:19 - 2017-12-03 21:19 - 000102088 _____ () C:\Users\Timothy\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
2013-10-29 19:40 - 2013-10-29 19:40 - 001623048 _____ () C:\Program Files (x86)\Lenovo\MotionControl\eyeKeys.dll
2013-10-29 19:40 - 2013-10-29 19:40 - 000030728 _____ () C:\Program Files (x86)\Lenovo\MotionControl\esmlib.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\SMSS-PFRO76f5.tmp:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\E_GCINST.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\E_ID4BLEE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\E_ILMBLEE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4531.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCComp64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IntcDAud.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\massfilter.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\netaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudbus.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ZTEusbmdm6k.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ZTEusbnmea.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ZTEusbser6k.sys:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\150806_LK-Email-Kommunikationsvorlage.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2471.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2572.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2640 - Kopie.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\2015-11_FAM.Röhrig_-2640.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\28214.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\28214.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\679715281122576100.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\679715281122576100.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Bild.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Choriner_Straßenfest_2016.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Choriner_Straßenfest_2016.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\document.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(2).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(2).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(3).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(3).jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(4).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\FullSizeRender(4).jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Herbstbasar.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1590.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1590.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1640.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_1640.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_2799 (2).JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\IMG_3079 (2).JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\inv15442005C.PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Kindergarten-Bilder.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Kindergarten-Bilder.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Kuechenplan_Liedtke_Roehrig.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Kuechenplan_Liedtke_Roehrig.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Lekker 8.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\LK_Glueckwunschkarte_RL_2016-06-06_DRUCK.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Plakat_Kirschbluete Ordner.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Plakat_Kirschbluete Ordner.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Romi badet.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Romi_und_Julia.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Sauerampfer.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Tram_1.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Tram_2.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Tram_3.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Desktop\Ueberweisung_Liedtke.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Ueberweisung_Liedtke.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Desktop\Vorschlag_Bad_WC.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Desktop\Vorschlag_Bad_WC.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Downloads\150806_LK-Email-Kommunikationsvorlage.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\150828-LE_Comp-brosch.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\160502_LK_Geburtstagsmailing.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\160502_LK_Geburtstagsmailing.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\679715281122576100.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\679715281122576100.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(2).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf(2).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\A1 Plakat_Waldorf.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_Kind_2015(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_Kind_2015.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_Kind_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_N_2015.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Anlage_N_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\bibliotheksleitern.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\bibliotheksleitern.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\black-dots-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\blog-headers-clementine-creative.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\blog-headers-clementine-creative.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\bloom-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\bright-confetti-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Carpet.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Carpet.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Cavorting-free.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\ClaireHandBold.otf_.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\ClaireHandBold.otf_.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\cute-colorful-background.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\cute-colorful-background.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\document.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Einladung_Herbstbaser_DIN Lang.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Einladung_Herbstbaser_DIN Lang.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\ESt_1_A_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FM_Empfehlung.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FM_Empfehlung.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(2).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(2).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(3).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(3).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(4).jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender(4).jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\FullSizeRender.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\geometric-blog-header-2.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\geometric-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\gold-foil-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\gold-glitter-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_0803.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_0803.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1590.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1590.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1640.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_1640.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2566.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2566.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2707.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_2707.JPG:$CmdZnID [32]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3011.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3011.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3604.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3604.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3677.JPG:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\IMG_3677.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\InDesign_Set-Up.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\InDesign_Set-Up.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\inv15442005C.PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\JuLie_elster_02.09.2015_21.41.pfx:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\JuLie_elster_02.09.2015_21.41.pfx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Kindergarten-Bilder.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Kindergarten-Bilder.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8(1).mp3:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8(1).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8.mp3:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Lekker 8.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\LEKKER_Geburtstagsmailing_KARTE_print.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\LEKKER_Geburtstagsmailing_KARTE_print.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Liedtke, Julia.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\LK_Glueckwunschkarte_RL_2016-06-06_DRUCK.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\lutz-baar_antropos.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\lutz-baar_antropos.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\mail.html:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\mail.html:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\papyrus.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\pastel-confetti-blog-header.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete Ordner.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete Ordner.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Plakat_Kirschbluete.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Postkarten_Kita.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_160509.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_160509.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_durchgangstür_160530.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_durchgangstür_160530.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_ku che_161021.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\schliemann47_ku che_161021.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Schrank_Liedtke_Roehrig.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Schrank_Liedtke_Roehrig.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung_groesser.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Rechnung_groesser.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Top_Service.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Siegel_Top_Service.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Silverlight_x64.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\Silverlight_x64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\SSFS_Wreaths_Laurels_free.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\SSFS_Wreaths_Laurels_free.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\teal-watercolour-blog-header.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\terms.txt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\Und jetzt die Fotos....html:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolor-grunge-000119-light-blue.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolor-grunge-000119-light-blue.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolour-blog-header-purple.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Julia\Downloads\watercolour-blog-header-turquoise.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Desktop\Musikschule.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Desktop\Preise für den Gitarrenunterricht.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Desktop\Union Investment Freistellungsauftrag drucken.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\080530_ti_messe_vvs_kat_DNP.xls:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\080530_ti_messe_vvs_kat_DNP.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\2015-11_FAM.Röhrig_auswahl.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\2015-11_FAM.Röhrig_auswahl.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\300-rise-of-an-empire-english-yify-68876.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\300-rise-of-an-empire-english-yify-68876.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\32pfl7862d_10_fus_eng.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\32pfl7862d_10_fus_eng.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\american-sniper-2014.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\american.sniper.(2014).eng.1cd.(6091673).zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\american.sniper.(2014).eng.1cd.(6091673).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Anschreiben final.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Anschreiben final.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_de.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_de.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\banking-dkb-de.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\data-recovery_full1018.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\data-recovery_full1018.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\DropboxInstaller.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\DropboxInstaller.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\everybody.wants.some.(2016).eng.1cd.(6697619).zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\everybody.wants.some.(2016).eng.1cd.(6697619).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Firefox Setup Stub 51.0.1.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Firefox Setup Stub 51.0.1.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer21_xa_install.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer21_xa_install.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer24au_d_install(1).exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer24au_d_install(1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\flashplayer24au_d_install.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-1-english-10608.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-1-english-10608.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-10-english-13462.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-10-english-13462.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-11-english-13812.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-12-english-13992.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-12-english-13992.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-2-english-10912.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-2-english-10912.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-3-english-11187.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-3-english-11187.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-4-english-11542.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-4-english-11542.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-5-english-11822.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-6-english-12123.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-7-english-12433.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-7-english-12433.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-8-english-12856.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-8-english-12856.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-9-english-13167.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-5-episode-9-english-13167.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-1-english-28573.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-1-english-28573.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817(1).zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817(1).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-10-english-32817.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-4-english-30087.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-4-english-30087.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-6-english-30884.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-6-english-30884.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-7-english-31306.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-7-english-31306.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-8-english-31843.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-8-english-31843.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-9-english-32137.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\homeland-season-6-episode-9-english-32137.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Homeland_6x05_HDTV.AVS.en.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Homeland_6x05_HDTV.AVS.en.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-3-episode-12-english-3414.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-3-episode-12-english-3414.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-1-english-16753.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-1-english-16756.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-1-english-16756.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16871.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16871.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16872.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-10-english-16872.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-11-english-16874.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-11-english-16874.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-12-english-16879.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-12-english-16879.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-13-english-16881.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-13-english-16881.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-13-english-16882.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-2-english-16759.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-2-english-16759.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-3-english-16766.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-3-english-16766.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-4-english-16767.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-4-english-16767.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-5-english-16825.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-5-english-16825.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-6-english-16829.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-6-english-16829.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-7-english-16831.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-8-english-16833.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-8-english-16833.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-9-english-16835.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\house-of-cards-season-4-episode-9-english-16835.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2269.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2269.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2377.jpg:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\IMG_2377.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22(1).pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22(1).pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_02_22.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_04_22.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Kreditkartenabrechnung_4748xxxxxxxx6470_per_2016_04_22.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\nebenkostenabrechnung.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\nebenkostenabrechnung.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\nebenkostenabrechnung.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\Photos.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\Photos.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\schliemann47_fotos.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\schliemann47_fotos.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\schrankplaner_setup.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\schrankplaner_setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\schrankplaner_setup_CB-DL-Manager.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\schrankplaner_setup_CB-DL-Manager.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Timothy\Downloads\thebigshort2015brripxvidac3-evo-english-79662.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\thebigshort2015brripxvidac3-evo-english-79662.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\TimOC_elster_30.07.2015_11.14.pfx:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\TimOC_elster_30.07.2015_11.14.pfx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Timothy\Downloads\winrar-x64-530d.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Timothy\Downloads\winrar-x64-530d.exe:$CmdZnID [26]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2016-11-11 21:20 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1821675693-422080741-3404470268-1002\Control Panel\Desktop\\Wallpaper -> A:\Bilder\Norwegen 2014\IMG_1753.JPG
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "UIExec"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "BrowserChoice"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1821675693-422080741-3404470268-1002\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{3769F19F-45C0-4B2D-992B-05223B1FEB94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5A342626-5C5E-4DF3-B312-DD83185F5FEA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{65B24B18-CDCB-4B5E-9064-A473798272E3}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{5AA331E6-7532-4FA9-A20D-D92974947955}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{13518858-DD80-4C29-991C-55215E5490D8}D:\eigene programme\sonos\sonos.exe] => (Allow) D:\eigene programme\sonos\sonos.exe
FirewallRules: [TCP Query User{DE2CDF1A-0743-4F61-BA8E-3C0500CAE274}D:\eigene programme\sonos\sonos.exe] => (Allow) D:\eigene programme\sonos\sonos.exe
FirewallRules: [{D4C000ED-633B-437C-8EB6-23354A4EF327}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{29069ABE-032B-4B1D-BCB8-3A4A6E622F4A}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{86852487-13B2-44F4-A0D4-25BEB4D99FD0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{D5F0119A-B223-4964-8B0B-30EACC9EF44A}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{11C90BAF-CFF3-455D-9E25-25E42FE51BA9}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{BE993BAF-47C7-4DD4-81D1-0821AFC86659}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{2E492F64-BF21-4965-B652-41A33109AC2D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{E32EA6DB-2EAE-4899-A7C5-AB390D3503AB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{72C7970B-E700-4A57-AE46-231EAF98721F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8EF2329C-1E60-4408-88A1-6DE50D42B9B8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8966330E-BE30-409E-9455-69CE0F12CC90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7DEAFF6A-066A-4005-BC7E-084E6E9F82F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DF6C1E60-3670-49D8-8476-E86716187EFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2B66AFF7-43CB-4338-9552-3A0A7F58E263}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{B7F0B837-6841-4107-8A87-B492468801F8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{7F6F61D5-A75C-4F79-B58B-18EE1AF7DDA7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{5A35D1D2-7451-4A65-8524-40843C07E5F4}C:\users\timothy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\timothy\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7BF2AFA9-6AE6-4F05-A033-1406997B7C1E}C:\users\timothy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\timothy\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{989DF027-B861-4B84-856D-2E4D9C1202DB}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe
FirewallRules: [UDP Query User{EBEA0B02-973E-467C-98B7-5EFA79ABF598}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe
FirewallRules: [{67368898-CBF9-4D59-A4B8-912D7FA4D9A8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E68BBC48-4F50-4B90-B97D-DC6A2C097CE8}] => (Allow) LPort=2869
FirewallRules: [{EBD1110E-9E19-4586-B9BC-FCE3346FC181}] => (Allow) LPort=1900
FirewallRules: [{7B1FD2A5-5BAA-41FE-A0AA-67089E5BA945}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2D2526E4-906D-484B-9A5E-E09573052E64}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6740FAC6-B707-4D1E-A257-F51B751FBB59}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{85DB67DF-EB4F-4F93-BB55-D3D07D00EE25}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{97C79946-10CA-468A-9C93-AAA8E5715DA4}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{A3907C5E-9D54-4EF3-B09C-6F4E91779960}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{0C00DBA0-1681-46D3-892B-0A46B4F12A55}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{F59ECA5D-88AB-4B91-8A77-FC9C7E36B0D4}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe
FirewallRules: [UDP Query User{8FAF9711-0126-471A-8DF9-E8744801F428}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/04/2018 09:59:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ngen.exe, Version: 4.7.2556.0, Zeitstempel: 0x59b833df
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x007703c5
ID des fehlerhaften Prozesses: 0xb8dc0
Startzeit der fehlerhaften Anwendung: 0x01d3859efa6f51cd
Pfad der fehlerhaften Anwendung: C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: f906febd-d82c-47b9-9389-7a5d0b9299cc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/04/2018 09:21:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: cmdagent.exe, Version: 10.0.2.6420, Zeitstempel: 0x5a14783d
Name des fehlerhaften Moduls: cmdagent.exe, Version: 10.0.2.6420, Zeitstempel: 0x5a14783d
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00000000004e9093
ID des fehlerhaften Prozesses: 0xda4
Startzeit der fehlerhaften Anwendung: 0x01d380d65819d892
Pfad der fehlerhaften Anwendung: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Pfad des fehlerhaften Moduls: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Berichtskennung: 51ba9f03-a675-49ec-bcce-8de2a2db71d8
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/04/2018 07:08:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Silberlocke)
Description: Das Paket „Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (01/04/2018 12:04:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ShellExperienceHost.exe, Version 10.0.16299.15 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2fe0

Startzeit: 01d3854b9f2e8cd6

Beendigungszeit: 4294967295

Anwendungspfad: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

Berichts-ID: 45cafc4a-4dae-4a3d-a5a6-e3330603e4fe

Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy

Auf das fehlerhafte Paket bezogene Anwendungs-ID: App

Error: (01/04/2018 12:03:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Silberlocke)
Description: Das Paket „Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (01/01/2018 06:28:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AdobeARM.exe, Version: 1.824.24.5926, Zeitstempel: 0x59cbec1f
Name des fehlerhaften Moduls: shcore.dll, Version: 10.0.16299.15, Zeitstempel: 0x30134c68
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038091
ID des fehlerhaften Prozesses: 0xba354
Startzeit der fehlerhaften Anwendung: 0x01d38325f4da4986
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\shcore.dll
Berichtskennung: 1aaa9c3f-fb85-47b6-8f35-09261568e9c3
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/01/2018 06:16:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AdobeARM.exe, Version: 1.824.24.5926, Zeitstempel: 0x59cbec1f
Name des fehlerhaften Moduls: shcore.dll, Version: 10.0.16299.15, Zeitstempel: 0x30134c68
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038091
ID des fehlerhaften Prozesses: 0x2844
Startzeit der fehlerhaften Anwendung: 0x01d3832447780956
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\shcore.dll
Berichtskennung: 626ef5dc-ddf0-4935-a00c-fafd36f7de1a
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/31/2017 05:50:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1110

Error: (12/31/2017 05:50:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1110

Error: (12/31/2017 05:50:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


Systemfehler:
=============
Error: (01/06/2018 06:48:22 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/06/2018 06:48:04 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/06/2018 06:41:02 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/06/2018 06:38:46 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/06/2018 06:37:04 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/06/2018 06:36:05 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/06/2018 06:35:39 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/06/2018 06:34:49 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/06/2018 06:34:17 PM) (Source: DCOM) (EventID: 10010) (User: Silberlocke)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/06/2018 06:33:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2018-01-06 18:57:00.467
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-06 18:57:00.466
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-06 18:56:55.319
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-06 18:56:55.318
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-06 18:56:46.252
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-06 18:56:46.250
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-06 18:40:55.183
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-06 18:40:55.181
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-06 18:40:48.782
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-06 18:40:48.780
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 7944.27 MB
Verfügbarer physikalischer RAM: 3974.34 MB
Summe virtueller Speicher: 9864.27 MB
Verfügbarer virtueller Speicher: 5648.17 MB

==================== Laufwerke ================================

Drive a: (Bilder und Videos) (Fixed) (Total:180.82 GB) (Free:15.27 GB) NTFS
Drive b: (Musik) (Fixed) (Total:85.13 GB) (Free:33.16 GB) NTFS
Drive c: (Windows8_OS) (Fixed) (Total:127.87 GB) (Free:19.34 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Eigene Programme) (Fixed) (Total:25 GB) (Free:19.97 GB) NTFS
Drive f: (Volume) (Fixed) (Total:31.54 GB) (Free:23.21 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6018AF1C)

Partition: GPT.

==================== Ende von Addition.txt ============================
Sicherheitshalber hier auch noch mal die Addition-Datei

Antwort

Themen zu Virenverdacht. Kann jemand Logfile analysieren?
adobe, antivirus, authentifizierung, basisfiltermodul, bho, bildschirm, bonjour, defender, entfernen, firefox, flash player, hijackthis, home, installation, karte, langsam, logfile, mozilla, prozesse, realtek, registry, rundll, security, software, system, tcp, windows, windowsapps


« JS/Coinminer.f - wird gefunden beim Start von Chrome, kann nicht desinfiziert werden | Rechner ist extrem langsam MBAM findet trojan.didrix und backdoor.nanoCore und Backdoor.Qakbot »


Ähnliche Themen: Virenverdacht. Kann jemand Logfile analysieren?


  1. Kann mir jemand diese Logfile ansehen?
    Log-Analyse und Auswertung - 06.03.2011 (1)
  2. combofix logfile kann mal jemand drüberschauen?
    Log-Analyse und Auswertung - 14.11.2010 (1)
  3. Logfile kann jemand reinschauen?
    Mülltonne - 15.10.2009 (1)
  4. Kann sich jemand das Logfile anschauen?
    Log-Analyse und Auswertung - 20.02.2009 (7)
  5. Kann jemand mein Logfile auswerten?
    Log-Analyse und Auswertung - 17.02.2008 (6)
  6. Kann jemand mein logfile anschauen?
    Log-Analyse und Auswertung - 07.11.2007 (32)
  7. Kann mir jemand bei der auswertung des Logfile helfen?
    Log-Analyse und Auswertung - 12.07.2007 (6)
  8. Kann mir bitte jemand das LOGFILE durchsehen???
    Log-Analyse und Auswertung - 20.07.2006 (4)
  9. kann jemand meinen logfile checken?
    Log-Analyse und Auswertung - 28.02.2006 (1)
  10. TR/BUDDY.F - Wer kann mein Logfile analysieren?
    Log-Analyse und Auswertung - 01.06.2005 (1)
  11. Kann mir jemand meinen escan log analysieren?
    Mülltonne - 29.05.2005 (1)
  12. Kann mal jemand mein Logfile analysieren?
    Plagegeister aller Art und deren Bekämpfung - 19.05.2005 (2)
  13. Kann mir jemand dieses Logfile untersuchen?
    Log-Analyse und Auswertung - 17.04.2005 (2)
  14. Kann mir jemand sagen .. Logfile sauber
    Log-Analyse und Auswertung - 10.04.2005 (3)
  15. Kann sich jemand mal die Logfile anschauen?
    Log-Analyse und Auswertung - 27.02.2005 (2)
  16. Meine logfile! kann mir jemand helfen?
    Log-Analyse und Auswertung - 15.02.2005 (16)
  17. ich hab da so´n logfile, kann mir jemand helfen?
    Log-Analyse und Auswertung - 22.12.2004 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Virenverdacht. Kann jemand Logfile analysieren? - Hallo, mein Rechner ist seit kurzem sehr langsam geworden (sämtliche Prozesse). Was ich an offensichtlicher Merkwürdigkeit erkennen kann, ist ein nicht schließbares Browserfenster im Firefox, welches eine fake-Seite mit Aufforderung - Virenverdacht. Kann jemand Logfile analysieren?...
Archiv
Du betrachtest: Virenverdacht. Kann jemand Logfile analysieren? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132