| |
| |||||||
Log-Analyse und Auswertung: RE-EL60022132 *doc Mailanhang Dummerweise geönffnet und gescheichert!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
06.11.2018, 08:59
| #1 |
 |  RE-EL60022132 *doc Mailanhang Dummerweise geönffnet und gescheichert! Hallo, kurze Vorstellung: neu hier, 46 Jahre und dummerweise im Büro anscheinend einem Trojaner aufgesessen! Ich hatte heute früh eine Mail mit *doc Anhang die anscheinend von meinem Chef kam. Im 'Halbschlaf' versucht das Dokument zu öffnen und dummerweise auch noch Inhalt aktivieren usw. gedrückt, gespeichert und nochmal das Gleiche! Erst dann sah ich genauer hin und merkte dass icch tatsächlich in die Falle getappt war. Der Avast Scanner fand nichts, online hat Kaspersky aber Trojan-Downloader.MSOffice.SLoad gefunden. https://www.virustotal.com/#/file/7bc72a8b1db7005daa42ad4ba06c4626876b489f89394e9acd445c6383ea0922/detection und https://virusscan.jotti.org/de-DE/filescanjob/6x8fi0c59h Hijackthis hier: Code:
ATTFilter Logfile of HijackThis Fork (Beta) by Alex Dragokas v.2.8.0.4 Platform: x64 Windows 10 (Pro), 10.0.17134.345 (ReleaseId: 1803), Service Pack: 0 Time: 06.11.2018 - 08:57 (UTC+01:00) Language: OS: German (0x407). Display: German (0x407). Non-Unicode: German (0x407) Elevated: Yes Ran by: Jens (group: Administrator) on DESKTOP-0PI5060, FirstRun: no Firefox: 63.0.1.6877 Edge: 11.0.17134.345 Internet Explorer: 11.0.17134.1 Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox) Boot mode: Normal Running processes: Number | Path 1 C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe 1 C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe 1 C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe 1 C:\Program Files (x86)\Citrix\ICA Client\concentr.exe 1 C:\Program Files (x86)\Citrix\ICA Client\redirector.exe 1 C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe 1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 1 C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe 1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 1 C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe 1 C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe 1 C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe 1 C:\Program Files (x86)\FreePDF_XP\fpassist.exe 1 C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe 1 C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe 1 C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe 1 C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe 1 C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe 1 C:\Program Files (x86)\HP\Shared\hpqwmiex.exe 1 C:\Program Files (x86)\Hardcopy\hardcopy.exe 1 C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe 1 C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe 1 C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe 1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 1 C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe 1 C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe 1 C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe 1 C:\Program Files (x86)\PDF Architect 6 Manager\PDF Architect 6\Architect Manager.exe 1 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe 1 C:\Program Files (x86)\inSign-Offline\InsignHotspotServiceHost.exe 1 C:\Program Files (x86)\inSign\UPadBridge\openjre\launch4j-tmp\inSign UPad-Bridge.exe 1 C:\Program Files\AVAST Software\Avast\AvastSvc.exe 1 C:\Program Files\AVAST Software\Avast\AvastUI.exe 1 C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe 1 C:\Program Files\Bonjour\mDNSResponder.exe 1 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe 1 C:\Program Files\Conexant\Flow\Flow.exe 1 C:\Program Files\Conexant\SA3\HP-NB-AIO\SmartAudio3.exe 1 C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe 1 C:\Program Files\HPCommRecovery\HPCommRecovery.exe 1 C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpAgent.exe 1 C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe 1 C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe 1 C:\Program Files\HP\HP Velocity\systray.exe 1 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 1 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 1 C:\Program Files\Intel\WiFi\bin\EvtEng.exe 1 C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 6 C:\Program Files\Mozilla Firefox\firefox.exe 2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe 1 C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe 1 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 1 C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe 1 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe 1 C:\Program Files\Windows Defender\MSASCuiL.exe 1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeApp.exe 1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe 1 C:\Users\Jens\AppData\Local\Microsoft\OneDrive\OneDrive.exe 1 C:\Users\Jens\Downloads\HiJackThis_v2.8.0.4.exe 1 C:\Users\Jens\Downloads\MemCompression 1 C:\Users\Jens\Downloads\Registry 1 C:\Windows\CxSvc\CxMonSvc.exe 1 C:\Windows\CxSvc\CxUtilSvc.exe 1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe 1 C:\Windows\SysWOW64\UIUSrv.exe 1 C:\Windows\System32\DriverStore\FileRepository\ki124451.inf_amd64_1b1f9cf580c10ff8\IntelCpHDCPSvc.exe 1 C:\Windows\System32\DriverStore\FileRepository\ki124451.inf_amd64_1b1f9cf580c10ff8\IntelCpHeciSvc.exe 1 C:\Windows\System32\DriverStore\FileRepository\ki124451.inf_amd64_1b1f9cf580c10ff8\igfxCUIService.exe 1 C:\Windows\System32\DriverStore\FileRepository\ki124451.inf_amd64_1b1f9cf580c10ff8\igfxEM.exe 1 C:\Windows\System32\Intel\DPTF\dptf_helper.exe 1 C:\Windows\System32\Intel\DPTF\esif_uf.exe 1 C:\Windows\System32\MicTray64.exe 4 C:\Windows\System32\RuntimeBroker.exe 1 C:\Windows\System32\SearchIndexer.exe 1 C:\Windows\System32\SecurityHealthService.exe 1 C:\Windows\System32\SgrmBroker.exe 2 C:\Windows\System32\WUDFHost.exe 1 C:\Windows\System32\audiodg.exe 1 C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe 1 C:\Windows\System32\conhost.exe 2 C:\Windows\System32\csrss.exe 1 C:\Windows\System32\ctfmon.exe 1 C:\Windows\System32\dasHost.exe 2 C:\Windows\System32\dllhost.exe 1 C:\Windows\System32\dwm.exe 1 C:\Windows\System32\escsvc64.exe 2 C:\Windows\System32\fontdrvhost.exe 1 C:\Windows\System32\fpCSEvtSvc.exe 1 C:\Windows\System32\ibtsiva.exe 1 C:\Windows\System32\lsass.exe 1 C:\Windows\System32\services.exe 1 C:\Windows\System32\sihost.exe 1 C:\Windows\System32\smartscreen.exe 1 C:\Windows\System32\smss.exe 2 C:\Windows\System32\spool\drivers\x64\3\E_YATIQCE.EXE 1 C:\Windows\System32\spoolsv.exe 75 C:\Windows\System32\svchost.exe 1 C:\Windows\System32\taskhostw.exe 1 C:\Windows\System32\valWBFPolicyService.exe 1 C:\Windows\System32\wbem\WmiPrvSE.exe 2 C:\Windows\System32\wbem\unsecapp.exe 1 C:\Windows\System32\wininit.exe 1 C:\Windows\System32\winlogon.exe 1 C:\Windows\System32\wlanext.exe 1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe 1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe 1 C:\Windows\explorer.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = hxxp://hp17win10.msn.com/?pc=HCTE R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = hxxp://www.bing.com/?pc=COSP&ptag=D031918-N0690A6B219395BABB4E59ADF&form=CONMHP&conlogo=CT3332005 R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = hxxp://hp17win10.msn.com/?pc=HCTE R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = hxxp://hp17win10.msn.com/?pc=HCTE R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} = hxxp://www.bing.com/search?pc=COSP&ptag=D031918-A6B219395BABB4E59ADF&form=CONBDF&conlogo=CT3332005&q={searchTerms} - Bing F2 - HKLM\..\WinLogon: [UserInit] = C:\Windows\system32\userinit.exe,c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe, O2 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll O2-32 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2-32 - HKLM\..\BHO: PDF Architect 6 Helper - {9FD094B1-A4BF-415A-82AE-8C2845D0B769} - C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll O3-32 - HKLM\..\Toolbar: PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] = C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIQCE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-4740 Series" O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] = C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIQCE.EXE /EPT "EPLTarget\P0000000000000001" /M "WF-4740 Series" O4 - HKCU\..\Run: [OneDrive] = C:\Users\Jens\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent O4 - HKCU\..\Run: [Web Companion] = C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize O4 - HKLM\..\StartupApproved\Run32: [EEventManager] (1601/01/01) = C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe O4 - HKLM\..\StartupApproved\Run32: [FUFAXRCV] (1601/01/01) = C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe O4 - HKLM\..\StartupApproved\Run32: [FUFAXSTM] (1601/01/01) = C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe O4 - HKLM\..\StartupApproved\Run32: [FreePDF Assistant] (1601/01/01) = C:\Program Files (x86)\FreePDF_XP\fpassist.exe O4 - HKLM\..\StartupApproved\Run32: [HPNotifications] (1601/01/01) = C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] (1601/01/01) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe O4 - HKLM\..\StartupApproved\Run: [AvastUI.exe] (1601/01/01) = C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui O4 - HKLM\..\StartupApproved\Run: [IAStorIcon] (1601/01/01) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 O4 - HKLM\..\StartupApproved\Run: [RtsCM] (1601/01/01) = C:\WINDOWS\RTSCM64.EXE O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] (1601/01/01) = C:\Program Files\Windows Defender\MSASCuiL.exe O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Velocity.lnk -> C:\Program Files\HP\HP Velocity\systray.exe (1601/01/01) O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (1601/01/01) O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UPadBridge.lnk -> C:\Program Files (x86)\inSign\UPadBridge\inSign UPad-Bridge.exe (1601/01/01) O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade O4-32 - HKLM\..\Run: [ConnectionCenter] = C:\Program Files (x86)\Citrix\ICA Client\concentr.exe /startup O4-32 - HKLM\..\Run: [Redirector] = C:\Program Files (x86)\Citrix\ICA Client\redirector.exe /startup O9 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08} - Startet das Hilfsprogramm HP-Netzwerktest, das Ihnen bei der Behebung von Netzwerkproblemen hilft. - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08} - HP-Netzwerktest - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9-32 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08} - Startet das Hilfsprogramm HP-Netzwerktest, das Ihnen bei der Behebung von Netzwerkproblemen hilft. - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9-32 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08} - HP-Netzwerktest - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O15 - Trusted Zone: HKCU - *.localhost O15 - Trusted Zone: HKCU - hxxp://webcompanion.com O15 - Trusted Zone: HKU\.DEFAULT - *.localhost O15 - Trusted Zone: HKU\.DEFAULT - hxxp://webcompanion.com O17 - DHCP DNS 1: 192.168.1.254 O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O21 - HKLM\..\ShellIconOverlayIdentifiers: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShA64.dll O22 - Task (Job): (Not scheduled) EPSON WF-4740 Series Update {165741EF-BB4D-48DC-BEF6-2741536E5F83}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSQCE.EXE /EXE:"{165741EF-BB4D-48DC-BEF6-2741536E5F83}" /F:"Update" O22 - Task (Job): (Not scheduled) EPSON WF-4740 Series Update {EB035632-5461-4D14-85D8-3B5105A1AC70}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSQCE.EXE /EXE:"{EB035632-5461-4D14-85D8-3B5105A1AC70}" /F:"Update" O22 - Task (Job): (Not scheduled) G2MUpdateTask-S-1-5-21-3642975892-4094710876-1693064538-1002.job - C:\Users\Jens\AppData\Local\GoToMeeting\10996\g2mupdate.exe O22 - Task (Job): (Not scheduled) G2MUploadTask-S-1-5-21-3642975892-4094710876-1693064538-1002.job - C:\Users\Jens\AppData\Local\GoToMeeting\10996\g2mupload.exe O22 - Task (Job): (Not scheduled) HPCeeScheduleForJens.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForJens (null) O22 - Task (Job): (Not scheduled) TrackerAutoUpdate.job - C:\Program Files\Tracker Software\Update\TrackerUpdate.exe -CheckUpdate O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange - C:\WINDOWS\system32\DeviceDirectoryClient.dll (Microsoft) O22 - Task: (disabled) \Microsoft\Windows\HelloFace\FODCleanupTask - C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe (Microsoft) O22 - Task: (disabled) \Microsoft\Windows\InstallService\WakeUpAndContinueUpdates - {0DC331EE-8438-49D5-A721-E10B937CE459} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft) O22 - Task: (disabled) \Microsoft\Windows\InstallService\WakeUpAndScanForUpdates - {D5A04D91-6FE6-4FE4-A98A-FEB4500C5AF7} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft) O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe O22 - Task: Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe O22 - Task: EPSON WF-4740 Series Update {165741EF-BB4D-48DC-BEF6-2741536E5F83} - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSQCE.EXE /EXE:"{165741EF-BB4D-48DC-BEF6-2741536E5F83}" /F:"Update" O22 - Task: EPSON WF-4740 Series Update {EB035632-5461-4D14-85D8-3B5105A1AC70} - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSQCE.EXE /EXE:"{EB035632-5461-4D14-85D8-3B5105A1AC70}" /F:"Update" O22 - Task: ExclusiveTool - C:\Program Files (x86)\DSDCS\InputMapper\ExclusiveModeTool.exe /a O22 - Task: G2MUpdateTask-S-1-5-21-3642975892-4094710876-1693064538-1002 - C:\Users\Jens\AppData\Local\GoToMeeting\10996\g2mupdate.exe O22 - Task: G2MUploadTask-S-1-5-21-3642975892-4094710876-1693064538-1002 - C:\Users\Jens\AppData\Local\GoToMeeting\10996\g2mupload.exe O22 - Task: HPCeeScheduleForJens - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForJens (null) O22 - Task: HPEA3JOBS - C:\Program Files\HP\HP ePrint\hpeprint.exe /CheckJobs (file missing) O22 - Task: HPJumpStartLaunch - C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe O22 - Task: NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe O22 - Task: NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon O22 - Task: NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe O22 - Task: TrackerAutoUpdate - C:\Program Files\Tracker Software\Update\TrackerUpdate.exe -CheckUpdate O22 - Task: \Avast Software\Overseer - C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe /from_scheduler:1 O22 - Task: \HP\HP Hotkey Support\Start QLBController Process - C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe (file missing) O22 - Task: \Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u O22 - Task: \Hewlett-Packard\HP Support Assistant\PC Health Analysis - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis O22 - Task: \Hewlett-Packard\HP Support Assistant\Product Configurator - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport O22 - Task: \Hewlett-Packard\HP Support Assistant\WarrantyChecker - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe O22 - Task: \Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 O22 - Task: \Microsoft\Office\Office Automatic Updates 2.0 - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /frequentupdate SCHEDULEDTASK displaylevel=False (Microsoft) O22 - Task: \Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService (Microsoft) O22 - Task: \Microsoft\Office\Office Feature Updates - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft) O22 - Task: \Microsoft\Office\Office Feature Updates Logon - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe /onlogon (Microsoft) O22 - Task: \Microsoft\Office\OfficeBackgroundTaskHandlerLogon - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft) O22 - Task: \Microsoft\Office\OfficeBackgroundTaskHandlerRegistration - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft) O22 - Task: \Microsoft\Windows\Conexant\FLOW - C:\Program Files\CONEXANT\FLOW\SACpl.exe /sa3 /uid:FLOW /delay:30 O22 - Task: \Microsoft\Windows\Conexant\MicTray - C:\Windows\System32\MicTray64.exe O22 - Task: \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange - C:\WINDOWS\system32\DeviceDirectoryClient.dll (Microsoft) O22 - Task: \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ProtectionStateChanged -FreeNetworkOnly - C:\WINDOWS\system32\DeviceDirectoryClient.dll (Microsoft) O22 - Task: \Microsoft\Windows\DirectX\DXGIAdapterCache - C:\WINDOWS\system32\dxgiadaptercache.exe (Microsoft) O22 - Task: \Microsoft\Windows\InstallService\ScanForUpdates - {A558C6A5-B42B-4C98-B610-BF9559143139} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft) O22 - Task: \Microsoft\Windows\InstallService\ScanForUpdatesAsUser - {DDAFAEA2-8842-4E96-BADE-D44A8D676FDB} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft) O22 - Task: \Microsoft\Windows\InstallService\SmartRetry - {F3A219C3-2698-4CBF-9C07-037EDB8E72E6} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft) O22 - Task: \Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources - {D0582E3B-3126-4CAA-9155-AC37C912A489} - C:\WINDOWS\System32\LanguageOverlayServer.dll (Microsoft) O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client" O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server" O22 - Task: \Microsoft\Windows\Speech\HeadsetButtonPress - C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe StartedFromTask (Microsoft) O22 - Task: \Microsoft\Windows\UpdateOrchestrator\UpdateAssistant - C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV13SIH:{} (Microsoft) O22 - Task: \Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun - C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV13SIH:{} /CalendarRun (Microsoft) O22 - Task: \Microsoft\Windows\UpdateOrchestrator\UpdateAssistantWakeupRun - C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV13SIH:{} /WakeupRun (Microsoft) O22 - Task: \Microsoft\Windows\WaaSMedic\PerformRemediation - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},None - C:\WINDOWS\System32\WaaSMedicSvc.dll (Microsoft) O22 - Task: \Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance O22 - Task: \Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup O22 - Task: \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\Program Files\Windows Defender\MpCmdRun.exe Scan -ScheduleJob O22 - Task: \Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification O22 - Task: hcdll2_ex_Win32 - "C:\Program Files (x86)\Hardcopy"\hcdll2_ex_Win32.exe (file missing) O22 - Task: hcdll2_ex_x64 - "C:\Program Files (x86)\Hardcopy"\hcdll2_ex_x64.exe (file missing) O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service R2: Conexant UIU Service - (UIUService) - C:\WINDOWS\system32\UIUSrv.exe (file missing) O23 - Service R2: CxMonSvc - C:\WINDOWS\CxSvc\CxMonSvc.exe O23 - Service R2: CxUtilSvc - C:\WINDOWS\CxSvc\CxUtilSvc.exe O23 - Service R2: Dienst "Bonjour" - (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service R2: DigitalPersona Authentifizierungsdienst - (DpHost) - c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe O23 - Service R2: Epson Scanner Service - (EpsonScanSvc) - C:\WINDOWS\system32\EscSvc64.exe O23 - Service R2: EpsonCustomerResearchParticipation - C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe O23 - Service R2: HP Comm Recovery - (HP Comm Recover) - C:\Program Files\HPCommRecovery\HPCommRecovery.exe O23 - Service R2: HP JumpStart Bridge - (HPJumpStartBridge) - c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe O23 - Service R2: HP MAC Address Manager Service - (HPMAMSrv) - C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe O23 - Service R2: HP Support Solutions Framework Service - (HPSupportSolutionsFrameworkService) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe O23 - Service R2: Intel Bluetooth Service - (ibtsiva) - C:\WINDOWS\system32\ibtsiva.exe O23 - Service R2: Intel(R) Audio Service - (IntelAudioService) - C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\WINDOWS\System32\DriverStore\FileRepository\ki124451.inf_amd64_1b1f9cf580c10ff8\IntelCpHDCPSvc.exe O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service R2: Intel(R) Dynamic Platform and Thermal Framework service - (esifsvc) - C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\System32\DriverStore\FileRepository\ki124451.inf_amd64_1b1f9cf580c10ff8\igfxCUIService.exe O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service R2: Intel(R) PROSet/Wireless Event Log - (EvtEng) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service R2: Intel(R) PROSet/Wireless Registry Service - (RegSrvc) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service R2: Intel(R) PROSet/Wireless Zero Configuration Service - (ZeroConfigService) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe O23 - Service R2: Intel(R) Rapid Storage Technology - (IAStorDataMgrSvc) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service R2: Microsoft Office Click-to-Run Service - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 O23 - Service R2: NVIDIA Telemetry Container - (NvTelemetryContainer) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin" O23 - Service R2: PDF Architect 6 Creator - C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe O23 - Service R2: PDF Architect 6 Manager - C:\Program Files (x86)\PDF Architect 6 Manager\PDF Architect 6\Architect Manager.exe O23 - Service R2: SynTPEnh Caller Service - (SynTPEnhService) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe O23 - Service R2: Synaptics FP WBF Policy Service - (valWBFPolicyService) - C:\WINDOWS\system32\valWBFPolicyService.exe O23 - Service R2: TeamViewer 13 - (TeamViewer) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service R2: WC Assistant - (WCAssistantService) - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe O23 - Service R2: chip 1-click download service - (chip1click) - C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe O23 - Service R2: fpCSEvtSvc - (fpCsEvtSvc) - C:\WINDOWS\system32\fpCSEvtSvc.exe O23 - Service R2: inSign HotspotService - (inSignHSP) - C:\Program Files (x86)\inSign-Offline\InsignHotspotServiceHost.exe O23 - Service R3: HP CASL Framework Service - (hpqcaslwmiex) - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\System32\DriverStore\FileRepository\ki124451.inf_amd64_1b1f9cf580c10ff8\IntelCpHeciSvc.exe O23 - Service R3: aswbIDSAgent - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe O23 - Service S2: Intel(R) TPM Provisioning Service - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe O23 - Service S3: AvastWscReporter - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe /runassvc O23 - Service S3: HP Gerätesperre/Überwachung - (FLCDLOCK) - c:\windows\SysWOW64\flcdlock.exe O23 - Service S3: HP WorkWise - (HPWorkWise) - C:\Program Files (x86)\HP\HP WorkWise\HPWorkWiseService.exe O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe O23 - Service S3: Intel(R) Optane(TM) Memory Service - (iaStorAfsService) - C:\windows\IAStorAfsService\iaStorAfsService.exe O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service S3: PDF Architect 6 - C:\Program Files\PDF Architect 6\ws.exe O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService O23 - Service S3: Windows Defender Advanced Threat Protection-Dienst - (Sense) - C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe O23 - Service S3: Windows Defender Antivirus Service - (WinDefend) - C:\Program Files\Windows Defender\MsMpEng.exe O23 - Service S3: Windows Defender Antivirus-Netzwerkinspektionsdienst - (WdNisSvc) - C:\Program Files\Windows Defender\NisSrv.exe O23 - Service S3: Wireless PAN DHCP Server - (MyWiFiDHCPDNS) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- End of file - Time spent: 10 sec. - 66576 bytes, CRC32: FFFFFFFF. Sign: 㟭難 FAKE oder tatsächliches Problem? Schnelle Hilfe wäre super. Ich habe von diesem Latop keinen direkten Zugang auf den Firmenserver. Das wird über einen Despktop PC gemacht auf den ich mit dem Laptop per Teamviewer aufschalte. Die Verbindung war glaube ich aktiviert aber ich habe auf dem Dektop selbst nach Fund dieses Problems nichts mehr gemacht. BITTE schnelle Hilfe... Gruß Jens Geändert von cosinus (06.11.2018 um 09:33 Uhr) Grund: code tags |
|
06.11.2018, 09:30
| #2 |
| | RE-EL60022132 *doc Mailanhang Dummerweise geönffnet und gescheichert!FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24.10.2018
durchgeführt von Jens (Administrator) auf DESKTOP-0PI5060 (06-11-2018 09:28:21)
Gestartet von C:\Users\Jens\Downloads
Geladene Profile: Jens (Verfügbare Profile: Jens)
Platform: Windows 10 Pro Version 1803 17134.345 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124451.inf_amd64_1b1f9cf580c10ff8\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Conexant Systems, Inc) C:\Windows\CxSvc\CxMonSvc.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124451.inf_amd64_1b1f9cf580c10ff8\IntelCpHDCPSvc.exe
(Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
() C:\Windows\System32\fpCSEvtSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(© pdfforge GmbH.) C:\Program Files (x86)\PDF Architect 6 Manager\PDF Architect 6\Architect Manager.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\UIUSrv.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124451.inf_amd64_1b1f9cf580c10ff8\IntelCpHeciSvc.exe
(Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
() C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(Conexant) C:\Windows\System32\MicTray64.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Crossmatch, Inc.) C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124451.inf_amd64_1b1f9cf580c10ff8\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Conexant Systems, Inc) C:\Program Files\Conexant\Flow\Flow.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Conexant Systems, Inc.) C:\Program Files\Conexant\SA3\HP-NB-AIO\SmartAudio3.exe
(HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(DigitalPersona, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIQCE.EXE
(Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIQCE.EXE
(HP) C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe
(sw4you) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(LiveQoS Incorporated) C:\Program Files\HP\HP Velocity\systray.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(N/A) C:\Program Files (x86)\inSign\UPadBridge\openjre\launch4j-tmp\inSign UPad-Bridge.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP) C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files (x86)\inSign-Offline\InsignHotspotServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-06-09] (Intel Corporation)
HKLM\...\Run: [RtsCM] => C:\windows\RTSCM64.EXE [225248 2017-06-07] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-29] (AVAST Software)
HKLM-x32\...\Run: [HPNotifications] => C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe [1523008 2017-04-20] (HP)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2014-03-18] (shbox.de)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [653280 2017-11-01] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [862176 2017-11-01] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1151872 2016-11-18] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [556136 2017-08-02] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [403048 2017-08-02] (Citrix Systems, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe,
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-3642975892-4094710876-1693064538-1002\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7379744 2018-09-20] (Lavasoft)
HKU\S-1-5-21-3642975892-4094710876-1693064538-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIQCE.EXE [418000 2016-07-13] (Seiko Epson Corporation)
HKU\S-1-5-21-3642975892-4094710876-1693064538-1002\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIQCE.EXE [418000 2016-07-13] (Seiko Epson Corporation)
HKU\S-1-5-21-3642975892-4094710876-1693064538-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3208992 2018-10-13] (Valve Corporation)
Lsa: [Notification Packages] HPPwdFilter DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK [2018-08-10]
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Velocity.lnk [2018-01-09]
ShortcutTarget: HP Velocity.lnk -> C:\Program Files\HP\HP Velocity\systray.exe (LiveQoS Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UPadBridge.lnk [2018-03-19]
ShortcutTarget: UPadBridge.lnk -> C:\Program Files (x86)\inSign\UPadBridge\inSign UPad-Bridge.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{02958aad-8c48-48cc-8fcc-9fb5abd87820}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{f488c28e-f54d-4bb4-a571-b2793210964d}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3642975892-4094710876-1693064538-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D031918-N0690A6B219395BABB4E59ADF&form=CONMHP&conlogo=CT3332005
HKU\S-1-5-21-3642975892-4094710876-1693064538-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKU\S-1-5-21-3642975892-4094710876-1693064538-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D031918-A6B219395BABB4E59ADF&form=CONBDF&conlogo=CT3332005&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3642975892-4094710876-1693064538-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D031918-A6B219395BABB4E59ADF&form=CONBDF&conlogo=CT3332005&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-10-20] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-04-07] (HP Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2018-03-19] (Oracle Corporation)
BHO-x32: PDF Architect 6 Helper -> {9FD094B1-A4BF-415A-82AE-8C2845D0B769} -> C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll [2018-06-27] (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2018-03-19] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-04-07] (HP Inc.)
Toolbar: HKLM-x32 - PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-06-27] (pdfforge GmbH)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
FireFox:
========
FF DefaultProfile: y0oq33uj.default
FF ProfilePath: C:\Users\Jens\AppData\Roaming\Mozilla\Firefox\Profiles\y0oq33uj.default [2018-11-06]
FF Homepage: Mozilla\Firefox\Profiles\y0oq33uj.default -> hxxps://www.google.de/
FF NewTab: Mozilla\Firefox\Profiles\y0oq33uj.default -> hxxp://www.bing.com/?pc=COSP&ptag=D031918-N0600A6B219395BABB4E59ADF&form=CONMHP&conlogo=CT3332005
FF SearchPlugin: C:\Users\Jens\AppData\Roaming\Mozilla\Firefox\Profiles\y0oq33uj.default\searchplugins\bing-lavasoft-ff59.xml [2018-09-20]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome => nicht gefunden
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-01-24] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-01-24] (Tracker Software Products (Canada) Ltd.)
FF Plugin: PDF Architect 6 -> C:\Program Files\PDF Architect 6\np-previewer.dll [2018-06-27] (pdfforge GmbH)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2017-08-02] (Citrix Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-01-24] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2018-03-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2018-03-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-11] (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-01-24] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3642975892-4094710876-1693064538-1002: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-01-24] (Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-29] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-29] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-10-29] (AVAST Software)
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2018-10-25] (Chip Digital GmbH) [Datei ist nicht signiert] <==== ACHTUNG
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9667872 2018-10-24] (Microsoft Corporation)
R2 CxMonSvc; C:\WINDOWS\CxSvc\CxMonSvc.exe [34424 2017-06-22] (Conexant Systems, Inc)
R2 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [148600 2017-04-13] (Conexant Systems, Inc.)
R2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [527808 2017-06-20] (Crossmatch, Inc.)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [674768 2018-03-02] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2017-05-10] (Seiko Epson Corporation)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [1701480 2017-07-07] (Intel Corporation)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [589392 2017-06-22] (Hewlett-Packard Company)
R2 fpCsEvtSvc; C:\WINDOWS\system32\fpCSEvtSvc.exe [22528 2017-08-09] ()
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1326888 2017-07-31] (HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc.)
R2 HPMAMSrv; C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe [538432 2017-07-05] (HP)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1077752 2016-09-28] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)
S3 HPWorkWise; C:\Program Files (x86)\HP\HP WorkWise\HPWorkWiseService.exe [559096 2017-06-15] (HP)
S3 iaStorAfsService; C:\windows\IAStorAfsService\iaStorAfsService.exe [2413720 2017-06-10] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-06-09] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [542320 2017-12-06] (Intel Corporation)
R2 inSignHSP; C:\Program Files (x86)\inSign-Offline\InsignHotspotServiceHost.exe [28672 2017-11-15] () [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [743728 2017-11-16] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [720184 2017-11-16] (Intel(R) Corporation)
R2 IntelAudioService; C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [160856 2017-07-24] (Intel)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [205968 2017-12-03] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265864 2018-03-19] ()
S3 PDF Architect 6; C:\Program Files\PDF Architect 6\ws.exe [2837168 2018-06-27] (pdfforge GmbH)
R2 PDF Architect 6 Creator; C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe [874680 2018-06-27] (pdfforge GmbH)
R2 PDF Architect 6 Manager; C:\Program Files (x86)\PDF Architect 6 Manager\PDF Architect 6\Architect Manager.exe [999200 2018-04-20] (© pdfforge GmbH.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269912 2017-08-22] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH)
R2 UIUService; C:\WINDOWS\SysWOW64\UIUSrv.exe [116344 2018-06-10] (Conexant Systems, Inc.)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [82944 2017-08-09] (Synaptics Incorporated)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25888 2018-09-20] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848328 2018-03-19] (Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [199712 2018-08-31] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229384 2018-08-31] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201320 2018-08-31] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-08-31] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59568 2018-08-31] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-07-18] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-08-31] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163392 2018-09-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111864 2018-08-31] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87904 2018-08-31] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027720 2018-08-31] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467320 2018-09-05] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215920 2018-09-13] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381560 2018-08-31] (AVAST Software)
R3 CnxtHdAudService; C:\WINDOWS\system32\drivers\CHDRT64ISST.sys [1910744 2017-07-29] (Conexant Systems Inc.)
S3 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [74768 2017-06-22] (Hewlett-Packard Enterpise Company)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2015-03-10] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2015-03-10] (Windows (R) Win 7 DDK provider)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [74168 2017-07-07] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [69560 2017-07-07] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [382392 2017-07-07] (Intel Corporation)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [98944 2017-06-16] (Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [70632 2017-06-10] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [199192 2018-05-10] (Intel Corporation)
R1 IPeakLWF; C:\WINDOWS\system32\DRIVERS\ipeaklwf.sys [525144 2017-06-14] (LiveQoS Incorporated)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
R3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8742936 2018-04-04] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvbl.inf_amd64_ef940603bc23eed3\nvlddmkm.sys [17036552 2018-02-09] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [954368 2017-04-18] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [783328 2017-06-08] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3231200 2017-06-07] (Realtek Semiconductor Corp.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [58456 2017-08-22] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35568 2018-08-31] (HP)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-11-06 09:28 - 2018-11-06 09:28 - 000030725 _____ C:\Users\Jens\Downloads\FRST.txt
2018-11-06 09:28 - 2018-11-06 09:28 - 000000000 ____D C:\FRST
2018-11-06 09:27 - 2018-11-06 09:27 - 002414592 _____ (Farbar) C:\Users\Jens\Downloads\FRST64.exe
2018-11-06 08:41 - 2018-11-06 08:41 - 005819544 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\Jens\Downloads\HiJackThis_v2.8.0.4.exe
2018-11-06 08:28 - 2018-11-06 08:29 - 004500404 _____ C:\WINDOWS\Minidump\110618-15171-01.dmp
2018-11-06 08:28 - 2018-11-06 08:28 - 1296263825 _____ C:\WINDOWS\MEMORY.DMP
2018-11-05 18:20 - 2018-11-05 18:20 - 000000000 ____D C:\ProgramData\DSDCS
2018-11-05 18:19 - 2018-11-05 18:19 - 007795945 _____ (DSDCS) C:\Users\Jens\Downloads\InputMapper 1.6.10.19991.exe
2018-11-05 18:19 - 2018-11-05 18:19 - 000003202 _____ C:\WINDOWS\System32\Tasks\ExclusiveTool
2018-11-05 18:19 - 2018-11-05 18:19 - 000002099 _____ C:\Users\Public\Desktop\InputMapper.lnk
2018-11-05 18:19 - 2018-11-05 18:19 - 000000000 ____D C:\Users\Jens\AppData\Roaming\InputMapper
2018-11-05 18:19 - 2018-11-05 18:19 - 000000000 ____D C:\Users\Jens\AppData\Roaming\DSDCS
2018-11-05 18:19 - 2018-11-05 18:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InputMapper
2018-11-05 18:19 - 2018-11-05 18:19 - 000000000 ____D C:\ProgramData\Caphyon
2018-11-05 18:19 - 2018-11-05 18:19 - 000000000 ____D C:\Program Files (x86)\DSDCS
2018-11-05 16:18 - 2013-05-19 01:02 - 000039168 _____ (Scarlet.Crush Productions) C:\WINDOWS\system32\Drivers\ScpVBus.sys
2018-11-01 18:49 - 2018-11-01 18:49 - 000002590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-11-01 18:49 - 2018-11-01 18:49 - 000002586 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-11-01 18:49 - 2018-11-01 18:49 - 000002565 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-11-01 18:49 - 2018-11-01 18:49 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-11-01 18:49 - 2018-11-01 18:49 - 000002476 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-11-01 18:49 - 2018-11-01 18:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-11-01 12:19 - 2018-11-01 12:19 - 002395664 _____ C:\Users\Jens\Downloads\ruv_riester_sonderdruck_focus_money_35.pdf
2018-11-01 12:19 - 2018-11-01 12:19 - 000604138 _____ C:\Users\Jens\Downloads\condor_riester_congenial_broschuere.pdf
2018-11-01 12:19 - 2018-11-01 12:19 - 000285649 _____ C:\Users\Jens\Downloads\83_376_70_0512_008_0_Condor_Highlightblatt_Congenial_riester_garant_01-01-2017.pdf
2018-11-01 11:44 - 2018-11-01 11:44 - 000001134 _____ C:\Users\Public\Desktop\Condor Angebotssystem.lnk
2018-11-01 11:44 - 2018-11-01 11:44 - 000000000 ____D C:\ProgramData\Fujitsu
2018-11-01 11:42 - 2018-11-01 11:42 - 000000049 _____ C:\WINDOWS\VOPTCON.INI
2018-11-01 11:42 - 2018-11-01 11:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Condor Angebotssystem
2018-11-01 11:40 - 2018-11-01 11:40 - 000000000 ____D C:\Program Files (x86)\Condor
2018-11-01 11:39 - 2018-11-01 11:40 - 205215414 _____ C:\Users\Jens\Downloads\Setup.exe
2018-11-01 11:36 - 2018-11-01 11:36 - 000001557 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk
2018-11-01 11:35 - 2018-11-01 12:13 - 000000000 ____D C:\Users\Jens\AppData\Roaming\ICAClient
2018-11-01 11:35 - 2018-11-01 12:13 - 000000000 ____D C:\Users\Jens\AppData\Local\Citrix
2018-11-01 11:35 - 2018-11-01 11:36 - 000000000 ____D C:\ProgramData\Citrix
2018-11-01 11:35 - 2018-11-01 11:36 - 000000000 ____D C:\Program Files (x86)\Citrix
2018-11-01 11:34 - 2018-11-01 11:35 - 041903720 _____ (Citrix Systems, Inc.) C:\Users\Jens\Downloads\CitrixReceiverWeb_49.exe
2018-11-01 08:42 - 2018-11-01 08:42 - 000000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2018-10-30 08:38 - 2018-10-30 08:38 - 000000000 ____D C:\Users\Jens\ansel
2018-10-30 08:38 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2018-10-30 08:38 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2018-10-30 08:38 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2018-10-30 08:38 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2018-10-30 08:38 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2018-10-30 08:38 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2018-10-30 08:38 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2018-10-30 08:38 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2018-10-30 08:38 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2018-10-30 08:38 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2018-10-30 08:38 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2018-10-30 08:38 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2018-10-30 08:38 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2018-10-30 08:38 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2018-10-30 08:38 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2018-10-30 08:38 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2018-10-30 08:38 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2018-10-30 08:38 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2018-10-30 08:38 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2018-10-30 08:38 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2018-10-30 08:38 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2018-10-30 08:38 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2018-10-30 08:38 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2018-10-30 08:38 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2018-10-30 08:38 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2018-10-30 08:38 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2018-10-30 08:38 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2018-10-30 08:38 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2018-10-30 08:38 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2018-10-30 08:38 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2018-10-30 08:38 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2018-10-30 08:38 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2018-10-30 08:38 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2018-10-30 08:38 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2018-10-30 08:38 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2018-10-30 08:38 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2018-10-30 08:38 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2018-10-30 08:38 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2018-10-30 08:38 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2018-10-30 08:38 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2018-10-30 08:38 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2018-10-30 08:38 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2018-10-30 08:38 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2018-10-30 08:38 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2018-10-30 08:38 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2018-10-30 08:38 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2018-10-30 08:38 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2018-10-30 08:38 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2018-10-30 08:38 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2018-10-30 08:38 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2018-10-30 08:38 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2018-10-30 08:38 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2018-10-30 08:38 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2018-10-30 08:38 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2018-10-30 08:38 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2018-10-30 08:38 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2018-10-30 08:38 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2018-10-30 08:38 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2018-10-30 08:38 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2018-10-30 08:38 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2018-10-30 08:38 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2018-10-30 08:38 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2018-10-30 08:38 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2018-10-30 08:38 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2018-10-30 08:38 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2018-10-30 08:38 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2018-10-30 08:38 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2018-10-30 08:38 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2018-10-30 08:38 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2018-10-30 08:38 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2018-10-30 08:38 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2018-10-30 08:38 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2018-10-30 08:38 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2018-10-30 08:38 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2018-10-30 08:38 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2018-10-30 08:38 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2018-10-30 08:38 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2018-10-30 08:38 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2018-10-30 08:38 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2018-10-30 08:38 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2018-10-30 08:38 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2018-10-30 08:38 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2018-10-30 08:38 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2018-10-30 08:38 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2018-10-30 08:38 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2018-10-30 08:38 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2018-10-30 08:38 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2018-10-30 08:38 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2018-10-30 08:38 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2018-10-30 08:38 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2018-10-30 08:38 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2018-10-30 08:38 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2018-10-30 08:38 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2018-10-30 08:38 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2018-10-30 08:38 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2018-10-30 08:38 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2018-10-30 08:38 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2018-10-30 08:38 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2018-10-30 08:38 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2018-10-30 08:38 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2018-10-30 08:38 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2018-10-30 08:38 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2018-10-30 08:38 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2018-10-30 08:38 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2018-10-30 08:38 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2018-10-30 08:38 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2018-10-30 08:38 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2018-10-30 08:38 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2018-10-30 08:38 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2018-10-30 08:38 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2018-10-30 08:38 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2018-10-30 08:38 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2018-10-30 08:38 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2018-10-30 08:38 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2018-10-30 08:38 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2018-10-30 08:38 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2018-10-30 08:38 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2018-10-30 08:38 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2018-10-30 08:38 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2018-10-30 08:38 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2018-10-30 08:38 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2018-10-30 08:38 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2018-10-30 08:38 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2018-10-30 08:38 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2018-10-30 08:38 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2018-10-30 08:38 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2018-10-30 08:38 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2018-10-30 08:38 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2018-10-30 08:38 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2018-10-30 08:38 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2018-10-30 08:38 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2018-10-30 08:38 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2018-10-30 08:38 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2018-10-30 08:38 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2018-10-30 08:38 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2018-10-30 08:38 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2018-10-30 08:38 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2018-10-30 08:38 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2018-10-30 08:38 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2018-10-30 08:38 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2018-10-30 08:38 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2018-10-30 08:38 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2018-10-30 08:38 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2018-10-30 08:38 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2018-10-30 08:38 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2018-10-30 08:38 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2018-10-30 08:38 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2018-10-30 08:38 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2018-10-30 08:38 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2018-10-30 08:38 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2018-10-30 08:38 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2018-10-30 08:38 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2018-10-30 08:38 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2018-10-30 08:38 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2018-10-30 08:38 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2018-10-30 08:38 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2018-10-30 08:38 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2018-10-30 08:38 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2018-10-30 08:38 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2018-10-30 08:38 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2018-10-30 08:38 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2018-10-30 08:38 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2018-10-30 08:38 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2018-10-30 08:38 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2018-10-30 08:38 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2018-10-30 08:38 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2018-10-30 08:38 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2018-10-30 08:38 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2018-10-30 08:38 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2018-10-30 08:38 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2018-10-30 08:38 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2018-10-30 08:38 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2018-10-30 08:38 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2018-10-30 08:38 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2018-10-30 08:37 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2018-10-30 08:37 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2018-10-30 08:37 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2018-10-30 08:37 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2018-10-30 08:37 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2018-10-30 08:37 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2018-10-30 08:37 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2018-10-30 08:37 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2018-10-30 08:21 - 2018-10-30 08:21 - 000000000 ____D C:\Users\Jens\AppData\LocalLow\Techland
2018-10-30 08:18 - 2018-10-30 08:18 - 000000000 ____D C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-10-30 08:16 - 2018-10-30 08:16 - 000000000 ____D C:\Users\Jens\AppData\Local\Steam
2018-10-30 08:15 - 2018-11-06 08:41 - 000000000 ____D C:\Program Files (x86)\Steam
2018-10-30 08:15 - 2018-10-30 08:15 - 001573568 _____ C:\Users\Jens\Downloads\SteamSetup.exe
2018-10-30 08:15 - 2018-10-30 08:15 - 001573568 _____ C:\Users\Jens\Downloads\SteamSetup(1).exe
2018-10-30 08:15 - 2018-10-30 08:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2018-10-29 09:42 - 2018-10-29 09:41 - 000378584 _____ C:\WINDOWS\system32\aswBoot.exe
2018-10-19 12:57 - 2018-11-06 08:28 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-10-19 12:57 - 2018-10-19 12:59 - 000001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2018-10-19 12:57 - 2018-10-19 12:59 - 000001035 _____ C:\Users\Public\Desktop\TeamViewer 13.lnk
2018-10-19 11:27 - 2018-10-19 11:27 - 000058191 _____ C:\Users\Jens\Documents\INTER_Z90_Kundenanschreiben_Vorabversion_Versand_MitteNovember2018.pdf
2018-10-15 12:41 - 2018-10-15 12:41 - 000000000 ____D C:\Users\Jens\AppData\Local\Akruto
2018-10-15 10:34 - 2018-10-15 10:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Attribute Changer
2018-10-15 10:34 - 2018-10-15 10:34 - 000000000 ____D C:\Program Files (x86)\Attribute Changer
2018-10-12 10:14 - 2018-10-12 10:14 - 000000000 ____D C:\Users\Jens\AppData\Local\OneDrive
2018-10-09 18:16 - 2018-09-21 10:18 - 021386888 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-10-09 18:16 - 2018-09-21 09:22 - 020381784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-10-09 18:16 - 2018-09-21 05:09 - 004790160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-10-09 18:16 - 2018-09-21 05:08 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-10-09 18:16 - 2018-09-21 04:41 - 003396096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-10-09 18:16 - 2018-09-20 10:23 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-10-09 18:16 - 2018-09-20 10:22 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-10-09 18:16 - 2018-09-20 10:18 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-10-09 18:16 - 2018-09-20 09:35 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-10-09 18:16 - 2018-09-20 09:34 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-10-09 18:16 - 2018-09-20 05:29 - 006569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-09 18:16 - 2018-09-20 05:29 - 006039368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-10-09 18:16 - 2018-09-20 05:21 - 022013440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-10-09 18:16 - 2018-09-20 05:17 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-10-09 18:16 - 2018-09-20 05:15 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-10-09 18:16 - 2018-09-20 05:11 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-10-09 18:16 - 2018-09-20 05:09 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-10-09 18:16 - 2018-09-20 05:09 - 007520096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-09 18:16 - 2018-09-20 05:09 - 007432136 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-10-09 18:16 - 2018-09-20 05:08 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-10-09 18:16 - 2018-09-20 04:53 - 025851392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-10-09 18:16 - 2018-09-20 04:46 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-10-09 18:16 - 2018-09-20 04:44 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-10-09 18:16 - 2018-09-20 04:44 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-10-09 18:16 - 2018-09-20 04:42 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-10-09 18:16 - 2018-09-20 04:41 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-10-09 18:16 - 2018-09-20 04:40 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-09 18:16 - 2018-09-20 04:37 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-10-09 18:16 - 2018-09-08 09:07 - 002868536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-10-09 18:16 - 2018-09-08 09:07 - 001610552 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-10-09 18:16 - 2018-09-08 09:07 - 000689464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-10-09 18:16 - 2018-09-08 09:03 - 002267136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-10-09 18:16 - 2018-09-08 08:58 - 001520744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-10-09 18:16 - 2018-09-08 08:39 - 002052096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-10-09 18:16 - 2018-09-08 08:38 - 001288192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-10-09 18:16 - 2018-09-08 08:17 - 001540104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2018-10-09 18:16 - 2018-09-08 08:14 - 001328056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-10-09 18:16 - 2018-09-08 05:08 - 000462880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-10-09 18:16 - 2018-09-08 04:57 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-10-09 18:16 - 2018-09-08 04:44 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-10-09 18:16 - 2018-09-08 04:30 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2018-10-09 18:16 - 2018-09-08 04:29 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-10-09 18:16 - 2018-09-08 04:27 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-10-09 18:16 - 2018-09-08 04:26 - 002328064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2018-10-09 18:16 - 2018-09-08 04:25 - 003553792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-10-09 18:16 - 2018-09-08 04:25 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-10-09 18:16 - 2018-09-08 04:24 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-10-09 18:15 - 2018-09-21 10:23 - 000257848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2018-10-09 18:15 - 2018-09-21 10:21 - 001786168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-10-09 18:15 - 2018-09-21 10:21 - 001626936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2018-10-09 18:15 - 2018-09-21 10:21 - 001422648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-10-09 18:15 - 2018-09-21 10:21 - 001038136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2018-10-09 18:15 - 2018-09-21 10:21 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2018-10-09 18:15 - 2018-09-21 10:21 - 000830264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2018-10-09 18:15 - 2018-09-21 10:21 - 000825144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-10-09 18:15 - 2018-09-21 10:21 - 000749880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-10-09 18:15 - 2018-09-21 10:21 - 000670008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2018-10-09 18:15 - 2018-09-21 10:21 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-10-09 18:15 - 2018-09-21 10:21 - 000495416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2018-10-09 18:15 - 2018-09-21 10:21 - 000399672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-10-09 18:15 - 2018-09-21 10:21 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2018-10-09 18:15 - 2018-09-21 10:21 - 000228152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2018-10-09 18:15 - 2018-09-21 10:21 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2018-10-09 18:15 - 2018-09-21 10:21 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2018-10-09 18:15 - 2018-09-21 10:21 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
2018-10-09 18:15 - 2018-09-21 10:21 - 000034304 _____ C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2018-10-09 18:15 - 2018-09-21 10:01 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-10-09 18:15 - 2018-09-21 09:12 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-10-09 18:15 - 2018-09-21 05:14 - 000661056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-10-09 18:15 - 2018-09-21 05:13 - 000480568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-10-09 18:15 - 2018-09-21 05:12 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-10-09 18:15 - 2018-09-21 05:11 - 000753056 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-10-09 18:15 - 2018-09-21 05:09 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-10-09 18:15 - 2018-09-21 05:09 - 001427968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-10-09 18:15 - 2018-09-21 05:09 - 001062920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-10-09 18:15 - 2018-09-21 05:09 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-10-09 18:15 - 2018-09-21 05:08 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-10-09 18:15 - 2018-09-21 05:08 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-10-09 18:15 - 2018-09-21 05:08 - 001456720 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-10-09 18:15 - 2018-09-21 05:08 - 001257864 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-10-09 18:15 - 2018-09-21 05:08 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-10-09 18:15 - 2018-09-21 05:08 - 000982600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-10-09 18:15 - 2018-09-21 05:08 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-10-09 18:15 - 2018-09-21 05:08 - 000261008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-10-09 18:15 - 2018-09-21 05:08 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-10-09 18:15 - 2018-09-21 05:07 - 000604664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-10-09 18:15 - 2018-09-21 04:58 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-10-09 18:15 - 2018-09-21 04:57 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-10-09 18:15 - 2018-09-21 04:57 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-10-09 18:15 - 2018-09-21 04:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-10-09 18:15 - 2018-09-21 04:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-10-09 18:15 - 2018-09-21 04:53 - 001006080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-10-09 18:15 - 2018-09-21 04:43 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-10-09 18:15 - 2018-09-21 04:42 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-10-09 18:15 - 2018-09-21 04:40 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-10-09 18:15 - 2018-09-21 04:39 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-10-09 18:15 - 2018-09-21 04:39 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-10-09 18:15 - 2018-09-21 04:39 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-10-09 18:15 - 2018-09-21 04:39 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-10-09 18:15 - 2018-09-21 04:38 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-10-09 18:15 - 2018-09-21 04:38 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-10-09 18:15 - 2018-09-21 04:37 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-10-09 18:15 - 2018-09-21 04:37 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-10-09 18:15 - 2018-09-21 04:37 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-10-09 18:15 - 2018-09-21 04:37 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-10-09 18:15 - 2018-09-21 04:36 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-10-09 18:15 - 2018-09-21 04:36 - 001034240 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-10-09 18:15 - 2018-09-21 04:36 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-10-09 18:15 - 2018-09-21 04:36 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-10-09 18:15 - 2018-09-21 04:36 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-10-09 18:15 - 2018-09-20 10:40 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-10-09 18:15 - 2018-09-20 10:37 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-09 18:15 - 2018-09-20 10:19 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-10-09 18:15 - 2018-09-20 10:18 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-10-09 18:15 - 2018-09-20 10:18 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-10-09 18:15 - 2018-09-20 10:17 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-09 18:15 - 2018-09-20 10:17 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-09 18:15 - 2018-09-20 10:17 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-10-09 18:15 - 2018-09-20 10:17 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-10-09 18:15 - 2018-09-20 10:16 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-09 18:15 - 2018-09-20 09:46 - 001454440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-09 18:15 - 2018-09-20 09:30 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-10-09 18:15 - 2018-09-20 09:29 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-10-09 18:15 - 2018-09-20 09:29 - 002824704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-09 18:15 - 2018-09-20 09:29 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-09 18:15 - 2018-09-20 09:28 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-10-09 18:15 - 2018-09-20 07:43 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-10-09 18:15 - 2018-09-20 06:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-10-09 18:15 - 2018-09-20 05:29 - 001989232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-09 18:15 - 2018-09-20 05:29 - 001513032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-09 18:15 - 2018-09-20 05:29 - 000357056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-10-09 18:15 - 2018-09-20 05:28 - 001129544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-10-09 18:15 - 2018-09-20 05:28 - 000581792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-10-09 18:15 - 2018-09-20 05:28 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-10-09 18:15 - 2018-09-20 05:13 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-10-09 18:15 - 2018-09-20 05:12 - 000272200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-09 18:15 - 2018-09-20 05:12 - 000269128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-09 18:15 - 2018-09-20 05:11 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-10-09 18:15 - 2018-09-20 05:11 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-10-09 18:15 - 2018-09-20 05:11 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-10-09 18:15 - 2018-09-20 05:11 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-10-09 18:15 - 2018-09-20 05:10 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-10-09 18:15 - 2018-09-20 05:10 - 001221128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-10-09 18:15 - 2018-09-20 05:10 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-10-09 18:15 - 2018-09-20 05:10 - 000566800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-10-09 18:15 - 2018-09-20 05:10 - 000500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-09 18:15 - 2018-09-20 05:10 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-09 18:15 - 2018-09-20 05:10 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-10-09 18:15 - 2018-09-20 05:10 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-10-09 18:15 - 2018-09-20 05:09 - 002825232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-10-09 18:15 - 2018-09-20 05:09 - 002462888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-09 18:15 - 2018-09-20 05:09 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-09 18:15 - 2018-09-20 05:09 - 001767096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-09 18:15 - 2018-09-20 05:09 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-09 18:15 - 2018-09-20 05:09 - 001097744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-10-09 18:15 - 2018-09-20 05:09 - 000885952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-10-09 18:15 - 2018-09-20 05:09 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-10-09 18:15 - 2018-09-20 05:09 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-10-09 18:15 - 2018-09-20 05:09 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-10-09 18:15 - 2018-09-20 05:08 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-10-09 18:15 - 2018-09-20 04:43 - 000052736 _____ C:\WINDOWS\system32\runexehelper.exe
2018-10-09 18:15 - 2018-09-20 04:42 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-10-09 18:15 - 2018-09-20 04:42 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-10-09 18:15 - 2018-09-20 04:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-10-09 18:15 - 2018-09-20 04:41 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-10-09 18:15 - 2018-09-20 04:41 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-10-09 18:15 - 2018-09-20 04:41 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-10-09 18:15 - 2018-09-20 04:40 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-10-09 18:15 - 2018-09-20 04:40 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-10-09 18:15 - 2018-09-20 04:38 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-09 18:15 - 2018-09-20 04:38 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-09 18:15 - 2018-09-20 04:37 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-10-09 18:15 - 2018-09-20 04:36 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-10-09 18:15 - 2018-09-20 03:21 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-10-09 18:15 - 2018-09-20 02:28 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-10-09 18:15 - 2018-09-08 09:12 - 000452112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-10-09 18:15 - 2018-09-08 09:07 - 000792376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-10-09 18:15 - 2018-09-08 09:07 - 000612360 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-10-09 18:15 - 2018-09-08 09:07 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-10-09 18:15 - 2018-09-08 09:07 - 000144696 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-10-09 18:15 - 2018-09-08 09:07 - 000069944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-10-09 18:15 - 2018-09-08 09:02 - 000645112 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-10-09 18:15 - 2018-09-08 09:02 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-10-09 18:15 - 2018-09-08 08:58 - 001639352 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-10-09 18:15 - 2018-09-08 08:57 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-10-09 18:15 - 2018-09-08 08:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-10-09 18:15 - 2018-09-08 08:43 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-10-09 18:15 - 2018-09-08 08:43 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2018-10-09 18:15 - 2018-09-08 08:42 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-10-09 18:15 - 2018-09-08 08:42 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-10-09 18:15 - 2018-09-08 08:42 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-10-09 18:15 - 2018-09-08 08:42 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthci.dll
2018-10-09 18:15 - 2018-09-08 08:41 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-10-09 18:15 - 2018-09-08 08:40 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-10-09 18:15 - 2018-09-08 08:40 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-10-09 18:15 - 2018-09-08 08:40 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2018-10-09 18:15 - 2018-09-08 08:40 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-10-09 18:15 - 2018-09-08 08:40 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2018-10-09 18:15 - 2018-09-08 08:40 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2018-10-09 18:15 - 2018-09-08 08:39 - 005505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-10-09 18:15 - 2018-09-08 08:39 - 001787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-10-09 18:15 - 2018-09-08 08:39 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-10-09 18:15 - 2018-09-08 08:38 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-10-09 18:15 - 2018-09-08 08:38 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-10-09 18:15 - 2018-09-08 08:38 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-10-09 18:15 - 2018-09-08 08:38 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-10-09 18:15 - 2018-09-08 08:37 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-10-09 18:15 - 2018-09-08 08:16 - 000482080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-10-09 18:15 - 2018-09-08 08:13 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-10-09 18:15 - 2018-09-08 08:13 - 000181288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-10-09 18:15 - 2018-09-08 08:03 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-10-09 18:15 - 2018-09-08 08:03 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-10-09 18:15 - 2018-09-08 08:02 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-10-09 18:15 - 2018-09-08 08:00 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2018-10-09 18:15 - 2018-09-08 07:59 - 001530368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-10-09 18:15 - 2018-09-08 07:59 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-10-09 18:15 - 2018-09-08 07:59 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-10-09 18:15 - 2018-09-08 07:59 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-10-09 18:15 - 2018-09-08 07:58 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-10-09 18:15 - 2018-09-08 07:58 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-10-09 18:15 - 2018-09-08 07:58 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-10-09 18:15 - 2018-09-08 07:57 - 005391360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-10-09 18:15 - 2018-09-08 07:57 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-10-09 18:15 - 2018-09-08 07:57 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-10-09 18:15 - 2018-09-08 07:57 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2018-10-09 18:15 - 2018-09-08 07:56 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-10-09 18:15 - 2018-09-08 04:59 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-10-09 18:15 - 2018-09-08 04:59 - 000361544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-10-09 18:15 - 2018-09-08 04:58 - 000744976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-10-09 18:15 - 2018-09-08 04:58 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-10-09 18:15 - 2018-09-08 04:58 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-10-09 18:15 - 2018-09-08 04:57 - 001016984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-10-09 18:15 - 2018-09-08 04:57 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-10-09 18:15 - 2018-09-08 04:57 - 000482384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-10-09 18:15 - 2018-09-08 04:57 - 000368448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2018-10-09 18:15 - 2018-09-08 04:57 - 000267576 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-10-09 18:15 - 2018-09-08 04:51 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-10-09 18:15 - 2018-09-08 04:45 - 000295416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-10-09 18:15 - 2018-09-08 04:45 - 000286824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-10-09 18:15 - 2018-09-08 04:44 - 000829752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-10-09 18:15 - 2018-09-08 04:43 - 001174448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-10-09 18:15 - 2018-09-08 04:43 - 000269104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2018-10-09 18:15 - 2018-09-08 04:32 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-10-09 18:15 - 2018-09-08 04:31 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-10-09 18:15 - 2018-09-08 04:31 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-10-09 18:15 - 2018-09-08 04:30 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2018-10-09 18:15 - 2018-09-08 04:30 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-10-09 18:15 - 2018-09-08 04:30 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2018-10-09 18:15 - 2018-09-08 04:30 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2018-10-09 18:15 - 2018-09-08 04:29 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-10-09 18:15 - 2018-09-08 04:29 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2018-10-09 18:15 - 2018-09-08 04:29 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-10-09 18:15 - 2018-09-08 04:29 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-10-09 18:15 - 2018-09-08 04:28 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-10-09 18:15 - 2018-09-08 04:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-10-09 18:15 - 2018-09-08 04:28 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-10-09 18:15 - 2018-09-08 04:28 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-10-09 18:15 - 2018-09-08 04:28 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-10-09 18:15 - 2018-09-08 04:27 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-10-09 18:15 - 2018-09-08 04:27 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-10-09 18:15 - 2018-09-08 04:27 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2018-10-09 18:15 - 2018-09-08 04:27 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2018-10-09 18:15 - 2018-09-08 04:27 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-10-09 18:15 - 2018-09-08 04:26 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-10-09 18:15 - 2018-09-08 04:26 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-10-09 18:15 - 2018-09-08 04:26 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-10-09 18:15 - 2018-09-08 04:26 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-10-09 18:15 - 2018-09-08 04:26 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-10-09 18:15 - 2018-09-08 04:26 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2018-10-09 18:15 - 2018-09-08 04:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2018-10-09 18:15 - 2018-09-08 04:25 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2018-10-09 18:15 - 2018-09-08 04:25 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-10-09 18:15 - 2018-09-08 04:25 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-10-09 18:15 - 2018-09-08 04:25 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Proximity.dll
2018-10-09 18:15 - 2018-09-08 04:24 - 001096704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-10-09 18:15 - 2018-09-08 04:24 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-10-09 18:15 - 2018-09-08 04:24 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2018-10-09 18:15 - 2018-09-08 04:24 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2018-10-09 18:15 - 2018-09-08 04:23 - 001655296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2018-10-09 18:15 - 2018-09-08 04:23 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2018-10-09 18:15 - 2018-09-08 04:23 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2018-10-09 18:15 - 2018-09-08 04:23 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Proximity.dll
2018-10-09 18:15 - 2018-09-08 04:22 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-11-06 09:27 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-06 09:14 - 2018-03-16 13:44 - 000000000 ____D C:\Users\Jens\AppData\LocalLow\Mozilla
2018-11-06 09:00 - 2018-03-16 13:43 - 000000000 ____D C:\Users\Jens\Documents\Outlook-Dateien
2018-11-06 08:35 - 2018-06-10 06:30 - 001926094 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-06 08:35 - 2018-04-12 17:14 - 000822772 _____ C:\WINDOWS\system32\perfh007.dat
2018-11-06 08:35 - 2018-04-12 17:14 - 000183302 _____ C:\WINDOWS\system32\perfc007.dat
2018-11-06 08:35 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2018-11-06 08:33 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-06 08:33 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-06 08:29 - 2018-03-20 12:13 - 000000000 ____D C:\Users\Jens\AppData\Local\FreePDF_XP
2018-11-06 08:28 - 2018-09-20 09:54 - 000000000 ____D C:\WINDOWS\Minidump
2018-11-06 08:28 - 2018-06-10 06:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-06 08:28 - 2018-06-10 06:30 - 000000000 ____D C:\Users\Jens
2018-11-06 08:28 - 2018-06-10 06:24 - 000484256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-11-06 08:28 - 2018-06-10 06:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-06 08:28 - 2018-05-23 12:59 - 000000660 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3642975892-4094710876-1693064538-1002.job
2018-11-06 08:28 - 2018-05-23 12:59 - 000000564 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3642975892-4094710876-1693064538-1002.job
2018-11-06 08:28 - 2018-05-10 12:24 - 000000360 _____ C:\WINDOWS\Tasks\HPCeeScheduleForJens.job
2018-11-06 08:28 - 2018-03-16 13:44 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-11-06 08:28 - 2018-03-16 13:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-06 08:28 - 2018-03-14 14:01 - 000000000 __SHD C:\Users\Jens\IntelGraphicsProfiles
2018-11-06 08:28 - 2018-01-09 06:41 - 000000000 ____D C:\ProgramData\Synaptics
2018-11-06 08:28 - 2018-01-09 06:41 - 000000000 ____D C:\ProgramData\NVIDIA
2018-11-06 08:23 - 2018-03-24 17:56 - 000000000 ____D C:\Users\Jens\AppData\Local\Packages
2018-11-06 08:23 - 2018-03-16 17:05 - 000000000 ____D C:\Users\Jens\Desktop\Pufferordner
2018-11-05 18:29 - 2018-08-01 10:12 - 000000000 ____D C:\Users\Jens\AppData\Local\CrashDumps
2018-11-05 18:02 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-11-05 10:35 - 2018-06-10 06:37 - 000003248 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForJens
2018-11-04 18:01 - 2018-06-10 06:37 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-11-04 18:01 - 2018-06-10 06:37 - 000003828 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-3642975892-4094710876-1693064538-1002
2018-11-04 18:01 - 2018-06-10 06:37 - 000003732 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-3642975892-4094710876-1693064538-1002
2018-11-04 18:01 - 2018-05-23 12:59 - 000000000 ____D C:\Users\Jens\AppData\Local\GoToMeeting
2018-11-01 18:48 - 2017-04-01 04:07 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-11-01 11:44 - 2017-10-25 11:51 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-11-01 11:41 - 2018-03-16 13:44 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-10-31 07:57 - 2018-06-10 06:37 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3642975892-4094710876-1693064538-1002
2018-10-31 07:57 - 2018-06-10 06:30 - 000002387 _____ C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-31 07:57 - 2018-03-14 14:03 - 000000000 ___RD C:\Users\Jens\OneDrive
2018-10-29 09:42 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-10-23 07:26 - 2018-03-16 13:50 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-19 12:46 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-10-16 07:24 - 2018-06-21 13:00 - 000000000 ____D C:\ProgramData\Packages
2018-10-15 11:17 - 2018-03-16 14:02 - 000000000 ____D C:\Users\Jens\AppData\LocalLow\Adobe
2018-10-13 19:12 - 2017-10-25 11:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2018-10-12 09:25 - 2018-03-22 08:37 - 000000000 ___RD C:\Users\Jens\3D Objects
2018-10-12 09:25 - 2017-04-01 04:06 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-09 20:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-10-09 20:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-10-09 20:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-10-09 20:13 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-10-09 20:13 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-10-09 20:13 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-10-09 20:13 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-10-09 18:17 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-09 18:15 - 2018-03-16 14:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-10-09 18:14 - 2018-03-16 14:00 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2018-10-05 08:51 - 2008-03-27 14:51 - 000034316 _____ () C:\Program Files\kt_berechnen.htm
2018-10-05 08:51 - 2008-03-31 10:43 - 000050919 _____ () C:\Program Files\kt_berechnen.jpg
2018-10-05 08:51 - 2008-04-01 11:27 - 000001071 _____ () C:\Program Files\kt_berechnen.txt
2018-06-10 06:46 - 2018-06-10 06:46 - 000011417 _____ () C:\Users\Jens\AppData\Roaming\Durch Trennzeichen getrennte Werte.TSK
2018-05-14 07:41 - 2018-05-14 07:41 - 000000017 _____ () C:\Users\Jens\AppData\Local\resmon.resmoncfg
Einige Dateien in TEMP:
====================
2018-11-06 08:29 - 2018-11-06 08:29 - 000043520 ____N () C:\Users\Jens\AppData\Local\Temp\proxy_vole1746935701100306207.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2018-06-10 06:24
==================== Ende von FRST.txt ============================
|
|
06.11.2018, 09:31
| #3 |
| | RE-EL60022132 *doc Mailanhang Dummerweise geönffnet und gescheichert! FRST Additions Logfile:
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24.10.2018
durchgeführt von Jens (06-11-2018 09:28:56)
Gestartet von C:\Users\Jens\Downloads
Windows 10 Pro Version 1803 17134.345 (X64) (2018-06-10 05:37:27)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3642975892-4094710876-1693064538-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3642975892-4094710876-1693064538-503 - Limited - Disabled)
Gast (S-1-5-21-3642975892-4094710876-1693064538-501 - Limited - Disabled)
Jens (S-1-5-21-3642975892-4094710876-1693064538-1002 - Administrator - Enabled) => C:\Users\Jens
WDAGUtilityAccount (S-1-5-21-3642975892-4094710876-1693064538-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 18.05 (HKLM-x32\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Adobe Connect 9 Add-in (HKU\S-1-5-21-3642975892-4094710876-1693064538-1002\...\Adobe Connect 9 Add-in) (Version: 11.9.980.387 - Adobe Systems Incorporated)
AFPL Ghostscript 8.14 (HKLM-x32\...\AFPL Ghostscript 8.14) (Version: - )
AFPL Ghostscript Fonts (HKLM-x32\...\AFPL Ghostscript Fonts) (Version: - )
Antragsversand (HKLM-x32\...\{3E121371-DD3C-42C7-9E88-67C717AA6852}) (Version: 18.01.6611.24708 - NUERNBERGER Versicherungsgruppe)
Attribute Changer 8.20 (HKLM-x32\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 8.20 - Romain Petges)
Audio Controls Application (HKLM\...\HP-NB-AIO) (Version: 4.0.15.0 - Conexant Systems)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.8.1.1 - Chip Digital GmbH) <==== ACHTUNG
Citrix Receiver 4.9 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.9.0.2539 - Citrix Systems, Inc.)
CONDOR Angebotssystem (HKLM-x32\...\CONDOR Angebotssystem) (Version: 07/2018 - Condor Versicherungen)
Conexant ISST Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.157.10 - Conexant)
Document Capture Pro (HKLM-x32\...\{BC4A88D6-D28D-48DB-9C56-4043EBC325BD}) (Version: 2.00.0004 - Seiko Epson Corporation)
Dokumente für BT4all 01.2018 (HKLM-x32\...\{b3a26f63-0899-4313-a0d8-38eb38ded9b1}) (Version: 18.01.6621.4067 - NÜRNBERGER Beratungstechnologie)
Dot4 (HKLM\...\{3EEDA265-C6F3-4EC1-A317-1C9315DEDDDE}) (Version: 1.0.0.0 - HP)
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.83.0000 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{39F3B3EA-C7A7-4EBE-AF43-3D769B1881B3}) (Version: 3.10.0086 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 2.32.00 - Seiko Epson Corporation)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION)
Epson WF-4740 Series Guide (HKLM-x32\...\UsersGuideEpson WF-4740 Series Guide_is1) (Version: 1.0 - Epson America,Inc.)
EPSON WF-4740 Series Printer Uninstall (HKLM\...\EPSON WF-4740 Series) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
EVT Profi (HKLM-x32\...\{5FE8DBC5-792E-44F8-B191-947499A13F3F}) (Version: 1.1.10 - R+V Versicherung)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Fujitsu NetCOBOL Free Run-time (HKLM-x32\...\{F84C7212-9DC4-4963-A564-73C2EFA18935}) (Version: 10.1.0000.0000 - FUJITSU LIMITED) Hidden
Fujitsu NetCOBOL Free Run-time (HKLM-x32\...\InstallShield_{F84C7212-9DC4-4963-A564-73C2EFA18935}) (Version: 10.1.0000.0000 - FUJITSU LIMITED)
GoTo Opener (HKLM-x32\...\{1F803452-798F-49FB-A5DD-9F527F7017E4}) (Version: 1.0.473 - LogMeIn, Inc.)
GoToMeeting 8.37.0.10996 (HKU\S-1-5-21-3642975892-4094710876-1693064538-1002\...\GoToMeeting) (Version: 8.37.0.10996 - LogMeIn, Inc.)
Hardcopy (HKLM-x32\...\Hardcopy) (Version: 2017.11.29 - www.hardcopy.de)
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 9.3.5.2453 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.8.0 - HP Inc.)
HP Device Access Manager (HKLM\...\{77ACDCD1-A6A9-49A2-9F73-76AAF425EA5C}) (Version: 8.4.9.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP ESU for Microsoft Windows 10 (HKLM-x32\...\{94D0EB60-8B2F-4A80-BA74-3D312434415F}) (Version: 11.3.1 - HP)
HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.32 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{6A139049-EBB9-4076-8664-B468888E55A3}) (Version: 1.3.392.0 - HP Inc.)
HP MAC Address Manager (HKLM-x32\...\{21FA165F-905C-4DDA-B00A-00C3A5D17BBA}) (Version: 1.1.10.1 - HP)
HP Notifications (HKLM-x32\...\{914DE766-65CE-4B85-BCCF-048ECB92E2A7}) (Version: 1.1.4.1 - HP)
HP SoftPaq Download Manager (HKLM-x32\...\{fc153673-e23b-4908-93b9-164cc056a3c4}) (Version: 4.3.19.0 - HP)
HP Software Setup (HKLM-x32\...\{C968E860-054F-490F-95C6-C9A29601459E}) (Version: 9.2.3 - HP)
HP Support Assistant (HKLM-x32\...\{05F81C27-62A5-4A0C-8519-60CB66CF87C6}) (Version: 8.6.18.11 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{FC8A64EE-AE92-4705-9C3E-63A87DDFD205}) (Version: 12.9.24.3 - HP Inc.)
HP System Default Settings (HKLM-x32\...\{A66E1AC5-F4A9-4DB0-ACB0-90419A8F98D5}) (Version: 1.2.11.2 - HP Inc.)
HP Velocity (HKLM\...\IPQ_NSIS) (Version: 3.2.0.24905 - HP Inc.)
HP WorkWise (HKLM-x32\...\{2EDE0C89-892C-4C3C-A922-C4DDE7C68EAE}) (Version: 1.4.14.1 - HP Inc.)
HPWorkWise64 (HKLM\...\{56051A5A-7A04-4CD4-A5CD-781F1AC10112}) (Version: 1.4.14.1 - Ihr Firmenname) Hidden
InputMapper (HKLM-x32\...\{026D2025-A7FA-4F5C-AF8C-A6F7A9B917FC}) (Version: 1.6.10.19991 - DSDCS)
Insign 3.7.303 (HKLM-x32\...\{ee109db4-3506-4913-89ad-cd25cbf2e670}) (Version: 3.7.303 - NUERNBERGER Versicherungsgruppe)
inSign UPadBridge (HKLM-x32\...\{19AFCD2B-22B8-40AB-AA70-A2D374D38762}) (Version: 2.08.0001 - Intelligent Solution Services AG)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10205.4743 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1067 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4799 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1724.2 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DDE28492-B260-4DF0-BA99-7F96FC2932C1}) (Version: 19.60.0 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{4996e560-35d4-4f06-93df-54b6e6ab11c5}) (Version: 20.50.1 - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
KaloMa 4.94 (HKLM-x32\...\KaloMa_is1) (Version: - Frank Böpple)
Manager (HKLM-x32\...\{7C2AA78F-C065-4CA2-8FD2-04320B2457E6}) (Version: 6.0.7.371 - pdfforge GmbH) Hidden
Microsoft Office Home and Business 2016 - de-de (HKLM\...\HomeBusinessRetail - de-de) (Version: 16.0.11001.20074 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3642975892-4094710876-1693064538-1002\...\OneDriveSetup.exe) (Version: 18.192.0920.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MicTray (HKLM\...\MicTray) (Version: 1.14.0.0 - Conexant Systems)
Mozilla Firefox 63.0.1 (x64 de) (HKLM\...\Mozilla Firefox 63.0.1 (x64 de)) (Version: 63.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0 - Mozilla)
NÜRNBERGER AVB Steuerung und Dokumente (HKLM-x32\...\{41082102-0C98-47A6-89AD-573DEB324BC1}) (Version: 18.01.6621.4067 - NÜRNBERGER Versicherungsgruppe) Hidden
NÜRNBERGER BT4all 01.2018 Meta Bundle (HKLM-x32\...\{8cd77496-9777-4613-a416-6339f1e625cc}) (Version: 18.1.6627.26891 - NÜRNBERGER Beratungstechnologie)
NÜRNBERGER BT4all 01.2018SP1 (HKLM-x32\...\{554b3bf1-c463-4e37-87f1-ffb07ce1273c}) (Version: 18.01.6621.3723 - NÜRNBERGER Beratungstechnologie)
NÜRNBERGER BT4all Angebotsprogramm (HKLM-x32\...\{08DA0F5A-6957-4053-B1E3-64DFA639D241}) (Version: 18.01.6621.3723 - NÜRNBERGER Versicherungsgruppe) Hidden
Nürnberger inSign Offline 3.7.303 (HKLM-x32\...\{C9C1DE54-8664-4BDC-8BFC-D5E0B1488889}) (Version: 3.7.303 - Intelligent Solution Services AG)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Update 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden
Online Plug-in (HKLM-x32\...\{5C38E4A7-9778-4C51-8021-61759600D96A}) (Version: 14.9.0.2539 - Citrix Systems, Inc.) Hidden
PDF Architect 6 (HKLM-x32\...\PDF Architect 6) (Version: 6.0.26.200 - pdfforge GmbH)
PDF Architect 6 Create Module (HKLM\...\{A4C11C81-EE0D-41A6-835F-D92689E31A86}) (Version: 6.0.37.38653 - pdfforge GmbH) Hidden
PDF Architect 6 Edit Module (HKLM\...\{B132F06A-191F-404F-ABEE-30605AA44533}) (Version: 6.0.37.38653 - pdfforge GmbH) Hidden
PDF Architect 6 View Module (HKLM\...\{400F80DE-5343-47F7-A8A9-D74988BCA124}) (Version: 6.0.37.38653 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.2.2 - pdfforge GmbH)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.8 - Tracker Software Products Ltd)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.154 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Riester-Fördercheck© (HKLM-x32\...\{A6FF34C8-CD6E-4CCE-8999-9F706F81F47C}) (Version: 1.02.4000 - )
Riester-Rechner© (HKLM-x32\...\{1FD48EA1-3805-4E41-8DB1-A7E92A973DD0}) (Version: 5.03.0000 - )
Self-Service Plug-in (HKLM-x32\...\{C7E328BE-E4FF-4D07-B848-1179C42C8AD4}) (Version: 4.9.0.2528 - Citrix Systems, Inc.) Hidden
SFPreset (HKLM\...\SFPreset) (Version: 4.1.0.21 - Conexant Systems)
SSPConfig (HKLM\...\SSPConfig) (Version: 1.1.0.10 - Conexant Systems)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.23 - Synaptics Incorporated)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{AAB396C1-4338-4825-BFA1-A085F3C55781}) (Version: 2.19.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{B8B01E04-5393-4902-98E6-0E2787F03C80}) (Version: 1.13.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-3) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Web Companion (HKLM-x32\...\{2c22fe4f-4031-4b73-9800-e747707bc893}) (Version: 4.3.1930.3764 - Lavasoft)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3642975892-4094710876-1693064538-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Jens\AppData\Local\GoToMeeting\8789\G2MOutlookAddin64.dll => Keine Datei
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-29] (AVAST Software)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1-x32: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-29] (AVAST Software)
ContextMenuHandlers1-x32: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\windows\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers2: [ACShell] -> {D3F9A525-8824-497A-BE36-B23E22F141FC} => C:\Program Files (x86)\Attribute Changer\acshell.dll [2016-02-15] (Romain Petges)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-29] (AVAST Software)
ContextMenuHandlers3: [ACShell] -> {D3F9A525-8824-497A-BE36-B23E22F141FC} => C:\Program Files (x86)\Attribute Changer\acshell.dll [2016-02-15] (Romain Petges)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki124451.inf_amd64_1b1f9cf580c10ff8\igfxDTCM.dll [2017-09-26] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-19] (NVIDIA Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers6-x32: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-29] (AVAST Software)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {09B824AB-F2FB-4FF8-9523-F88C34CA3654} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-03-22] (NVIDIA Corporation)
Task: {0FDC0BA2-CE35-4EC2-A3F2-2C4E4E42FB2D} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [2017-05-12] ()
Task: {11165383-04DD-4DBC-B61F-A1D1533CA673} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {16CD2EFF-0ADB-4D95-89A9-34E63EC52802} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-22] (NVIDIA Corporation)
Task: {18923ACF-74F4-4E7C-A513-A42E522FE64D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-01] (Microsoft Corporation)
Task: {18C87B9B-7B46-42A6-9E1D-3B62E480AEB2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-08-21] (HP Inc.)
Task: {367513DC-F9C8-4FCD-A9A2-D4FF6BAF4A8F} - System32\Tasks\HPCeeScheduleForJens => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-06-24] (HP Inc.)
Task: {3A1DC92D-9FE6-4FC6-B0A0-7971F61B847B} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe [2016-02-03] ()
Task: {52905F83-EB6A-4141-B859-09ABAB44A843} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-09-06] (HP Inc.)
Task: {546C1627-FB8F-43B0-95A8-E42F0CC9282C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-10-29] (AVAST Software)
Task: {64F55A34-D5E5-49FB-ADC8-60AA0CF17158} - System32\Tasks\EPSON WF-4740 Series Update {165741EF-BB4D-48DC-BEF6-2741536E5F83} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSQCE.EXE [2013-11-21] (SEIKO EPSON CORPORATION)
Task: {6535B5E5-BCFF-4663-A33B-289F40F1476A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-03-22] (NVIDIA Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6D2CA8D1-DBF0-437A-B539-73BCB279634F} - System32\Tasks\G2MUploadTask-S-1-5-21-3642975892-4094710876-1693064538-1002 => C:\Users\Jens\AppData\Local\GoToMeeting\10996\g2mupload.exe [2018-11-04] (LogMeIn, Inc.)
Task: {759B0718-2725-4196-8C77-C1D992725AF9} - System32\Tasks\G2MUpdateTask-S-1-5-21-3642975892-4094710876-1693064538-1002 => C:\Users\Jens\AppData\Local\GoToMeeting\10996\g2mupdate.exe [2018-11-04] (LogMeIn, Inc.)
Task: {79CC5D88-C65C-481C-B426-3034FE2AB52B} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [2017-08-09] (Conexant)
Task: {7A52083E-D6F7-4091-8313-BAB1C4469C0C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-10-24] (Microsoft Corporation)
Task: {7D0A4847-053F-4F20-9A1D-6761338856C6} - System32\Tasks\hcdll2_ex_x64 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe [2016-02-03] ()
Task: {8653AEB7-619F-4DA0-A0F8-CC729B5A1FA7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-09-06] (HP Inc.)
Task: {880137FD-2EEA-434C-B521-C4B12E216EA7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2018-08-30] (HP Inc.)
Task: {8815B507-AAF3-40C7-84AD-39F3F7ECE1D4} - System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe
Task: {8874E076-1BF3-403A-B972-7137D74A5E52} - System32\Tasks\Microsoft\Windows\Conexant\FLOW => C:\Program Files\CONEXANT\FLOW\SACpl.exe [2016-12-01] (Conexant Systems, Inc.)
Task: {8B91F924-69A1-4D47-AE9E-EC9162669A55} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-22] (NVIDIA Corporation)
Task: {8C925259-8A2E-4E5A-818B-A0351C0E8669} - System32\Tasks\ExclusiveTool => C:\Program Files (x86)\DSDCS\InputMapper\ExclusiveModeTool.exe [2016-10-04] (InputMapper)
Task: {968A33A7-B49C-479A-AD93-C1C90F279CB3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-10-29] (AVAST Software)
Task: {97257A7B-3FEA-40D1-B0F2-CCE32F663DB2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-01] (Microsoft Corporation)
Task: {97FAE6A7-B5F2-4E57-A070-CD9FD662EA42} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {9FA9B679-0064-4302-A88F-EC958D7B1D3E} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {A344C19D-1EDE-47EC-B58B-AD8A66378093} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-01] (Microsoft Corporation)
Task: {BBB88749-B731-4915-8245-181434969837} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-01] (Microsoft Corporation)
Task: {C085F135-9630-40B8-A544-C68715C90C60} - System32\Tasks\EPSON WF-4740 Series Update {EB035632-5461-4D14-85D8-3B5105A1AC70} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSQCE.EXE [2013-11-21] (SEIKO EPSON CORPORATION)
Task: {C1A3E25C-1943-456D-BB93-50C15E7F786E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-03-22] (NVIDIA Corporation)
Task: {C71F1900-2405-46E2-9857-5FF7E5D958A2} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2018-01-24] (Tracker Software Products (Canada) Ltd.)
Task: {D9331EFA-0C9E-4166-9D46-A0D72C2C50E2} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-04-07] (HP Inc.)
Task: {E5E592D6-15FE-48BF-8F5D-F134EA49DA32} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {E63E8645-B0D3-4109-87F4-EC53CE21E456} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-10-24] (Microsoft Corporation)
Task: {F30797E1-452F-4D16-BCB3-AE60BDA8A67E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\EPSON WF-4740 Series Update {165741EF-BB4D-48DC-BEF6-2741536E5F83}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSQCE.EXE:/EXE:{165741EF-BB4D-48DC-BEF6-2741536E5F83} /F:UpdateWORKGROUP\DESKTOP-0PI5060$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-4740 Series Update {EB035632-5461-4D14-85D8-3B5105A1AC70}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSQCE.EXE:/EXE:{EB035632-5461-4D14-85D8-3B5105A1AC70} /F:UpdateWORKGROUP\DESKTOP-0PI5060$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3642975892-4094710876-1693064538-1002.job => C:\Users\Jens\AppData\Local\GoToMeeting\10996\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3642975892-4094710876-1693064538-1002.job => C:\Users\Jens\AppData\Local\GoToMeeting\10996\g2mupload.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForJens.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2018-03-20 12:12 - 2012-06-21 07:25 - 000113152 _____ () C:\WINDOWS\System32\redmon64.dll
2017-08-09 05:48 - 2017-08-09 05:48 - 000022528 _____ () C:\WINDOWS\system32\fpCSEvtSvc.exe
2016-07-13 16:43 - 2016-07-13 16:43 - 000331768 _____ () c:\Program Files\HP\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2017-07-24 07:26 - 2017-07-24 07:26 - 000414296 ____N () C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelSstPpDll.dll
2018-03-19 16:53 - 2018-09-20 06:58 - 000025888 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
2018-03-19 16:53 - 2018-09-20 06:58 - 000017696 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dll
2018-03-19 16:53 - 2018-09-20 06:58 - 000037664 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WcfService.dll
2018-03-16 15:49 - 2016-11-20 10:10 - 000163000 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_49_x64.dll
2018-08-10 15:41 - 2016-02-03 09:12 - 000062232 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
2017-05-12 12:19 - 2017-05-12 12:19 - 000459680 _____ () C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
2018-08-10 15:41 - 2016-02-03 09:12 - 000077592 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-10-09 18:15 - 2018-09-20 04:38 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-04 07:19 - 2018-10-04 07:19 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-10-23 07:25 - 2018-10-23 07:26 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-10-23 07:25 - 2018-10-23 07:26 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2017-11-15 16:01 - 2017-11-15 16:01 - 000028672 _____ () C:\Program Files (x86)\inSign-Offline\InsignHotspotServiceHost.exe
2018-08-10 15:41 - 2016-02-03 07:58 - 000072984 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_06.dll
2018-03-16 15:49 - 2016-11-20 10:10 - 000148664 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_49_Win32.dll
2018-03-16 13:44 - 2018-03-16 13:44 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-10-29 09:41 - 2018-10-29 09:41 - 000598232 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-03-19 16:53 - 2018-09-20 06:58 - 000120096 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll
2018-03-19 16:53 - 2018-09-20 06:58 - 000105248 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2018-03-19 16:53 - 2018-09-20 06:58 - 000372000 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2018-03-19 16:53 - 2018-09-20 06:58 - 000059168 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
2018-07-30 09:17 - 2018-09-20 06:58 - 000062752 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Events.dll
2018-03-19 16:53 - 2018-09-20 06:58 - 000084256 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll
2018-07-30 09:17 - 2018-09-20 06:58 - 000020768 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Compression.dll
2018-03-24 18:50 - 2018-09-20 06:58 - 000065824 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\MozCompressor.dll
2018-03-24 18:50 - 2018-09-20 06:58 - 000135464 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\liblz4.dll
2018-03-19 16:53 - 2018-09-20 06:58 - 000057632 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll
2018-08-10 15:41 - 2017-11-10 10:23 - 003662832 _____ () C:\Program Files (x86)\Hardcopy\HcDllS.dll
2017-06-14 18:29 - 2017-06-14 18:29 - 000021648 _____ () C:\Program Files\HP\HP Velocity\MUI\de-DE.dll
2014-07-10 14:00 - 2014-07-10 14:00 - 003396096 _____ () C:\Program Files (x86)\inSign\UPadBridge\openjre\bin\client\jvm.dll
2018-11-06 08:29 - 2018-11-06 08:29 - 000043520 ____N () C:\Users\Jens\AppData\Local\Temp\proxy_vole1746935701100306207.dll
2018-10-14 13:01 - 2018-10-14 13:01 - 000156672 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\661f4397c01027a53d71b945c0c3f000\BRIDGECommon.ni.dll
2018-10-14 13:02 - 2018-10-14 13:02 - 000329728 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\fc17ff6d50192a06264038367418dc81\CleanStartController.ni.dll
2018-10-14 13:02 - 2018-10-14 13:02 - 000116736 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\0b829e43ae43020e9165986fb7e37f68\BridgeExtension.ni.dll
2017-12-03 11:18 - 2017-12-03 11:18 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-04-01 04:07 - 2018-11-01 14:22 - 001072912 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3642975892-4094710876-1693064538-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3642975892-4094710876-1693064538-1002\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2017-03-18 22:03 - 2018-08-31 12:36 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3642975892-4094710876-1693064538-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{B044E7F0-6431-4DDC-AD2B-762C275D61AA}] => (Allow) C:\Users\Jens\AppData\Local\Temp\WF-4740\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{A044C7CA-1F0D-4F65-8C54-9B6A39A8EA56}] => (Allow) C:\Users\Jens\AppData\Local\Temp\WF-4740\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{847B2E2E-19AC-4FB3-B02D-96E5359783F8}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{01634277-5705-4AB2-A00D-BD06EF09E71B}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{3D507871-299E-4EB1-BD59-A9174FD6FDBD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2CCF8411-3025-4F4D-B283-8EB225DBED83}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{898130C7-8C00-4D2D-A757-85B3AD7BB1C6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F36DF01A-C82A-4A8D-B639-7580DD612E42}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7BE90914-6BEE-475E-B390-EB996C2DFFFE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1ABB7382-9105-432C-BDC3-E0A907F30042}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{97F120A6-A220-4481-AEAC-17412696E575}] => (Allow) LPort=8447
FirewallRules: [{8A9FAE09-6D4F-459A-9F0F-39DDF2C76D45}] => (Allow) LPort=8449
FirewallRules: [{97FAA8AF-1F14-4883-9404-6D40AD198D3A}] => (Allow) LPort=8448
FirewallRules: [{8BC62882-644E-4CAB-A114-5A90F03D3A26}] => (Allow) LPort=8450
FirewallRules: [{FE4BC235-DD20-4333-B738-BA5E39D46C25}] => (Allow) C:\Program Files (x86)\inSign-Offline\jre\bin\javaw.exe
FirewallRules: [{76566030-FB0E-4841-9983-6BCFDC4895F2}] => (Allow) C:\Program Files (x86)\NuernbergerBT\BTnet_0118\CompassService\BTCompass_18_01.exe
FirewallRules: [{F0887A3B-1B17-4BED-9F20-984E7B462229}] => (Allow) LPort=2067
FirewallRules: [{ED8457F2-9C05-438C-BC8F-5DEC6599E0E2}] => (Allow) LPort=2069
FirewallRules: [{B245383F-CB10-4414-B99E-51F982F54E3B}] => (Allow) LPort=2070
FirewallRules: [{C6BA9E18-1B20-4C0F-AE77-77C3778F2FE6}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{4B5338DA-C641-48CB-8F07-FB84C86D88A3}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{A66383B7-AD45-459B-8717-3055DC27CA6C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{621264FB-04C8-413D-8472-DAD7B0D47BC8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{BF7D8DAA-2E36-4C19-A639-4AB94D4C5A31}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{C85F7A57-B5D8-49F6-875B-92D18EA9A591}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{9D0C4591-6950-4C35-BC13-9B2D9AA73B18}] => (Allow) C:\Program Files\Akruto\AkrutoSync.exe
FirewallRules: [{AEFBF335-8B53-4D25-B418-46A1155D59C7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{770469B6-5FEE-4EA8-94EA-D0127A151743}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C7FDE1D8-CF22-44E1-93C0-2B93A831269B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{00ECEE4B-F91C-41A0-B5B2-B2917D68F2FE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9FF01CA0-8013-478E-91EE-3605E94AE44D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{51A6FC49-912D-493A-A65B-F33AA1BC729B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{7FF0E2E4-3557-4E2C-A145-6584DC540419}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{9D015499-BEC5-4F6B-88C3-5A9958AED6EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B0BBB754-FFC4-4C48-B544-17ACFAFEF5F9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{7627D502-0FF1-4240-8E9A-5151DC2EF1C3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{320B7523-BAE6-4F56-B13A-53B5AD6A79CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8474BCBD-7E7B-4AD2-BBDB-6FE303C6C10D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A070C10E-D2B5-4FCF-8B0C-5E8547A8BB16}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4C3D560F-7D60-48CF-9591-57EF413E5A25}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{32E6AEE6-6A19-4520-BF4F-20258B0BEBD9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{85FA2C80-9513-4BDB-96A8-92D315416BD5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7E6BF9ED-89FD-4042-9C66-C05BA576A0A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PureFarming\PureFarming_Launcher.exe
FirewallRules: [{31D6643E-A7BF-483E-97CD-4011F4719453}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PureFarming\PureFarming_Launcher.exe
==================== Wiederherstellungspunkte =========================
02-11-2018 09:07:49 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/06/2018 08:02:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-0PI5060.local already in use; will try DESKTOP-0PI5060-2.local instead
Error: (11/06/2018 08:02:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister 4 DESKTOP-0PI5060.local. Addr 192.168.1.56
Error: (11/06/2018 08:02:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.56:5353 16 DESKTOP-0PI5060.local. AAAA 2A02:8109:12C0:07D4:150A:B730:C170:E16C
Error: (11/06/2018 08:02:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 DESKTOP-0PI5060.local. AAAA FE80:0000:0000:0000:150A:B730:C170:E16C
Error: (11/06/2018 08:02:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.72:5353 16 DESKTOP-0PI5060.local. AAAA 2A02:8109:12C0:07D4:C985:1594:6AC5:8AE3
Error: (11/06/2018 08:02:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 DESKTOP-0PI5060.local. Addr 192.168.1.56
Error: (11/06/2018 08:02:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.72:5353 16 DESKTOP-0PI5060.local. AAAA 2A02:8109:12C0:07D4:C985:1594:6AC5:8AE3
Error: (11/06/2018 08:02:33 AM) (Source: HP Comm Recovery) (EventID: 0) (User: )
Description: PowerEvent wurde nicht verarbeitet. Aufgetretener Fehler: System.IO.IOException: Der Prozess kann nicht auf die Datei "C:\Windows\Temp\signtool.exe" zugreifen, da sie von einem anderen Prozess verwendet wird.
bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
bei System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
bei System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
bei System.IO.FileStream..ctor(String path, FileMode mode)
bei _HPCommRecovery.Tools.Signtool.ExtractSignTool()
bei _HPCommRecovery.Tools.Signtool.Verify(String arg)
bei _HPCommRecovery.HPAHAgent.CallAgent()
bei _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath)
bei _HPCommRecovery.HPAHLogger.NewSession...
Systemfehler:
=============
Error: (11/06/2018 08:29:19 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Der Computer wurde nach einem schwerwiegenden Fehler neu gestartet. Der Fehlercode war: 0x00000133 (0x0000000000000001, 0x0000000000001e00, 0xfffff8003e45e378, 0x0000000000000000). Ein volles Abbild wurde gespeichert in: C:\WINDOWS\MEMORY.DMP. Berichts-ID: 9bff84bd-1c13-4ee8-8353-07f8a5bc1277.
Error: (11/06/2018 08:29:06 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0PI5060)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-0PI5060\Jens" (SID: S-1-5-21-3642975892-4094710876-1693064538-1002) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/06/2018 08:28:22 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/06/2018 08:28:22 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/06/2018 08:28:22 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/06/2018 08:28:22 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/06/2018 08:28:15 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (11/06/2018 08:28:15 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 16279.2 MB
Verfügbarer physikalischer RAM: 11738.66 MB
Summe virtueller Speicher: 18711.2 MB
Verfügbarer virtueller Speicher: 14178.31 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:455.29 GB) (Free:359.25 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:19.49 GB) (Free:2.51 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
\\?\Volume{52aa0c5c-12f6-4ebb-a751-36d43421574b}\ (Windows RE tools) (Fixed) (Total:1.68 GB) (Free:1.18 GB) NTFS
\\?\Volume{5085bacc-f37d-4448-ad9a-32a4e89272ed}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.26 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 222A4249)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
06.11.2018, 09:33
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | RE-EL60022132 *doc Mailanhang Dummerweise geönffnet und gescheichert! Ahhh man nicht schon wieder Hijackthis  Kannst du bitte mal erklären, warum auch du auf HijackThis kommst? Das Tool setzen wir seit etlichen jahren nicht mehr ein und überall gibt es Hinweise hier, das Teil nicht mehr zu nutzen. Auch bist du kein "alter" User, sondern erst seit kurzem hier registriert, du dürftest HijackThis also von uns gar nicht kennen. Und du warst bei weitem nicht der einzige, der hier die letzte Teit mit HijackThis aufschlug. Deswegen will ich mal wissen wie du darauf kommst.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
06.11.2018, 09:39
| #5 | |
| | RE-EL60022132 *doc Mailanhang Dummerweise geönffnet und gescheichert!Zitat:
ich hatte vor etlichen Jahren das letzte Mal Probleme derart. Daher kannte ich es noch. Sorry, hab jetzt auch das Board empfohlene Tool nachgepostet. Gruß Jens Ich bin jetzt gleich im Außendienst falls Reaktionen mit Fragen kommen. Ich werde dann heute Nachmittag erst wieder reinschauen können. Bis dahin lass ich den Rechner vom LAN und vom Teamviewer/Desktop/Serverzugriff und mache erst mal nichts. Die Kolleg/-innen wissen Bescheid Chef und 'Absender' der Mail auch... |
|
06.11.2018, 09:47
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | RE-EL60022132 *doc Mailanhang Dummerweise geönffnet und gescheichert! Da das (d)ein Büro-Rechner ist - wieso müssen wir den bereinigen, ist deine IT dafür nicht zuständig?
__________________ --> RE-EL60022132 *doc Mailanhang Dummerweise geönffnet und gescheichert! |
|
06.11.2018, 09:50
| #7 |
| | RE-EL60022132 *doc Mailanhang Dummerweise geönffnet und gescheichert! :-) die gibts hier nich, zu klein. Ein paar haben ein bisschen Ahnung, sind hier aber überfragt. (s. Hijackthis) |
|
06.11.2018, 11:41
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | RE-EL60022132 *doc Mailanhang Dummerweise geönffnet und gescheichert! gut, das wollte ich hören/wissen Avast bitte komplett deinstallieren Von Avast raten wir schon lange ab, außerdem will ich für eine Analyse und Bereinigung so wenig Störquellen wie nur möglich. Zum Abschluss gibt es Hinweise zur Absicherung deines Windows-Systems. Wir deinstallieren dann am besten auch gleich weiteren unnötigen oder veralteten Krempel. Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Gib Bescheid wenn das weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.11.2018, 15:01
| #9 |
| | RE-EL60022132 *doc Mailanhang Dummerweise geönffnet und gescheichert! Hi Cosinus, vielen Dank erstmal für die schnelle Antwort. Ich mach mich jetzt an die Umsetzung. Melde mich dann. Gruß Jens Adobe Acrobat Reader DC - Deutsch Avast Free Antivirus chip 1-click download service Java 7 Update 71 Web Companion mit Revo gelöscht... |
|
06.11.2018, 15:06
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | RE-EL60022132 *doc Mailanhang Dummerweise geönffnet und gescheichert! Schädlinge suchen mit Kaspersky TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.11.2018, 15:14
| #11 |
| | RE-EL60022132 *doc Mailanhang Dummerweise geönffnet und gescheichert!Code:
ATTFilter 15:09:34.0265 0x2d7c TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17
15:09:34.0265 0x2d7c UEFI system
15:09:42.0005 0x2d7c ============================================================
15:09:42.0005 0x2d7c Current date / time: 2018/11/06 15:09:42.0005
15:09:42.0006 0x2d7c SystemInfo:
15:09:42.0006 0x2d7c
15:09:42.0006 0x2d7c OS Version: 10.0.17134 ServicePack: 0.0
15:09:42.0006 0x2d7c Product type: Workstation
15:09:42.0006 0x2d7c ComputerName: DESKTOP-0PI5060
15:09:42.0006 0x2d7c UserName: Jens
15:09:42.0006 0x2d7c Windows directory: C:\WINDOWS
15:09:42.0006 0x2d7c System windows directory: C:\WINDOWS
15:09:42.0006 0x2d7c Running under WOW64
15:09:42.0006 0x2d7c Processor architecture: Intel x64
15:09:42.0006 0x2d7c Number of processors: 8
15:09:42.0006 0x2d7c Page size: 0x1000
15:09:42.0006 0x2d7c Boot type: Normal boot
15:09:42.0006 0x2d7c CodeIntegrityOptions = 0x0000C001
15:09:42.0006 0x2d7c ============================================================
15:09:42.0085 0x2d7c KLMD registered as C:\WINDOWS\system32\drivers\70265950.sys
15:09:42.0086 0x2d7c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 17134.1, osProperties = 0x19
15:09:42.0141 0x2d7c System UUID: {8C215C8F-7162-CFD6-B32D-293705CF6708}
15:09:42.0470 0x2d7c Drive \Device\Harddisk0\DR0 - Size: 0x773C256000 ( 476.94 Gb ), SectorSize: 0x200, Cylinders: 0xF334, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:09:42.0476 0x2d7c ============================================================
15:09:42.0476 0x2d7c \Device\Harddisk0\DR0:
15:09:42.0476 0x2d7c GPT partitions:
15:09:42.0477 0x2d7c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {5085BACC-F37D-4448-AD9A-32A4E89272ED}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xB4000
15:09:42.0477 0x2d7c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {909EA2B6-7010-4D23-9A1D-DD83FB676562}, Name: Microsoft reserved partition, StartLBA 0xB4800, BlocksNum 0x40000
15:09:42.0477 0x2d7c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F19F4F45-8898-41EB-93D3-D3B22075FF79}, Name: Basic data partition, StartLBA 0xF4800, BlocksNum 0x38E92000
15:09:42.0477 0x2d7c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {52AA0C5C-12F6-4EBB-A751-36D43421574B}, Name: Basic data partition, StartLBA 0x38F86800, BlocksNum 0x35E800
15:09:42.0477 0x2d7c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {B34EC360-49B1-4CC0-BF51-221208F026A9}, Name: Basic data partition, StartLBA 0x392E5000, BlocksNum 0x26F9800
15:09:42.0477 0x2d7c MBR partitions:
15:09:42.0477 0x2d7c ============================================================
15:09:42.0478 0x2d7c D: <-> \Device\Harddisk0\DR0\Partition5
15:09:42.0478 0x2d7c ============================================================
15:09:42.0478 0x2d7c Initialize success
15:09:42.0478 0x2d7c ============================================================
15:10:41.0482 0x0a0c ============================================================
15:10:41.0482 0x0a0c Scan started
15:10:41.0482 0x0a0c Mode: Manual; SigCheck; TDLFS;
15:10:41.0482 0x0a0c ============================================================
15:10:41.0482 0x0a0c KSN ping started
15:10:41.0680 0x0a0c KSN ping finished: true
15:10:42.0221 0x0a0c ================ Scan system memory ========================
15:10:42.0221 0x0a0c System memory - ok
15:10:42.0225 0x0a0c ================ Scan services =============================
15:10:42.0251 0x0a0c 1394ohci - ok
15:10:42.0258 0x0a0c 3ware - ok
15:10:42.0266 0x0a0c Accelerometer - ok
15:10:42.0271 0x0a0c ACPI - ok
15:10:42.0277 0x0a0c AcpiDev - ok
15:10:42.0283 0x0a0c acpiex - ok
15:10:42.0292 0x0a0c acpipagr - ok
15:10:42.0300 0x0a0c AcpiPmi - ok
15:10:42.0308 0x0a0c acpitime - ok
15:10:42.0317 0x0a0c AdobeARMservice - ok
15:10:42.0332 0x0a0c ADP80XX - ok
15:10:42.0345 0x0a0c AFD - ok
15:10:42.0357 0x0a0c afunix - ok
15:10:42.0366 0x0a0c ahcache - ok
15:10:42.0373 0x0a0c AJRouter - ok
15:10:42.0379 0x0a0c ALG - ok
15:10:42.0388 0x0a0c AmdK8 - ok
15:10:42.0395 0x0a0c AmdPPM - ok
15:10:42.0403 0x0a0c amdsata - ok
15:10:42.0408 0x0a0c amdsbs - ok
15:10:42.0414 0x0a0c amdxata - ok
15:10:42.0420 0x0a0c AppHostSvc - ok
15:10:42.0427 0x0a0c AppID - ok
15:10:42.0436 0x0a0c AppIDSvc - ok
15:10:42.0443 0x0a0c Appinfo - ok
15:10:42.0449 0x0a0c applockerfltr - ok
15:10:42.0455 0x0a0c AppMgmt - ok
15:10:42.0462 0x0a0c AppReadiness - ok
15:10:42.0471 0x0a0c AppVClient - ok
15:10:42.0480 0x0a0c AppvStrm - ok
15:10:42.0488 0x0a0c AppvVemgr - ok
15:10:42.0493 0x0a0c AppvVfs - ok
15:10:42.0499 0x0a0c AppXSvc - ok
15:10:42.0504 0x0a0c arcsas - ok
15:10:42.0527 0x0a0c aspnet_state - ok
15:10:42.0533 0x0a0c AssignedAccessManagerSvc - ok
15:10:42.0539 0x0a0c AsyncMac - ok
15:10:42.0545 0x0a0c atapi - ok
15:10:42.0556 0x0a0c AudioEndpointBuilder - ok
15:10:42.0565 0x0a0c Audiosrv - ok
15:10:42.0572 0x0a0c AxInstSV - ok
15:10:42.0577 0x0a0c b06bdrv - ok
15:10:42.0583 0x0a0c bam - ok
15:10:42.0589 0x0a0c BasicDisplay - ok
15:10:42.0599 0x0a0c BasicRender - ok
15:10:42.0610 0x0a0c BcastDVRUserService - ok
15:10:42.0620 0x0a0c bcmfn2 - ok
15:10:42.0626 0x0a0c BDESVC - ok
15:10:42.0638 0x0a0c Beep - ok
15:10:42.0645 0x0a0c BFE - ok
15:10:42.0654 0x0a0c bindflt - ok
15:10:42.0661 0x0a0c BITS - ok
15:10:42.0669 0x0a0c BluetoothUserService - ok
15:10:42.0681 0x0a0c Bonjour Service - ok
15:10:42.0693 0x0a0c bowser - ok
15:10:42.0705 0x0a0c BrokerInfrastructure - ok
15:10:42.0711 0x0a0c Browser - ok
15:10:42.0716 0x0a0c BTAGService - ok
15:10:42.0722 0x0a0c BthA2DP - ok
15:10:42.0727 0x0a0c BthAvctpSvc - ok
15:10:42.0733 0x0a0c BthEnum - ok
15:10:42.0741 0x0a0c BthHFEnum - ok
15:10:42.0747 0x0a0c BthLEEnum - ok
15:10:42.0756 0x0a0c BTHMODEM - ok
15:10:42.0763 0x0a0c BthPan - ok
15:10:42.0770 0x0a0c BTHPORT - ok
15:10:42.0778 0x0a0c bthserv - ok
15:10:42.0788 0x0a0c BTHUSB - ok
15:10:42.0795 0x0a0c bttflt - ok
15:10:42.0802 0x0a0c buttonconverter - ok
15:10:42.0808 0x0a0c CAD - ok
15:10:42.0815 0x0a0c camsvc - ok
15:10:42.0822 0x0a0c CapImg - ok
15:10:42.0831 0x0a0c CaptureService - ok
15:10:42.0840 0x0a0c cdfs - ok
15:10:42.0846 0x0a0c CDPSvc - ok
15:10:42.0853 0x0a0c CDPUserSvc - ok
15:10:42.0862 0x0a0c cdrom - ok
15:10:42.0871 0x0a0c CertPropSvc - ok
15:10:42.0879 0x0a0c cht4iscsi - ok
15:10:42.0887 0x0a0c cht4vbd - ok
15:10:42.0894 0x0a0c circlass - ok
15:10:42.0901 0x0a0c CldFlt - ok
15:10:42.0908 0x0a0c CLFS - ok
15:10:42.0917 0x0a0c ClickToRunSvc - ok
15:10:42.0931 0x0a0c ClipSVC - ok
15:10:42.0950 0x0a0c CmBatt - ok
15:10:42.0961 0x0a0c CNG - ok
15:10:42.0968 0x0a0c cnghwassist - ok
15:10:42.0974 0x0a0c CnxtHdAudService - ok
15:10:42.0979 0x0a0c CompositeBus - ok
15:10:42.0985 0x0a0c COMSysApp - ok
15:10:42.0993 0x0a0c condrv - ok
15:10:43.0002 0x0a0c CoreMessagingRegistrar - ok
15:10:43.0012 0x0a0c cphs - ok
15:10:43.0034 0x0a0c cplspcon - ok
15:10:43.0047 0x0a0c CryptSvc - ok
15:10:43.0053 0x0a0c CSC - ok
15:10:43.0058 0x0a0c CscService - ok
15:10:43.0066 0x0a0c ctxusbm - ok
15:10:43.0071 0x0a0c CxMonSvc - ok
15:10:43.0081 0x0a0c CxUtilSvc - ok
15:10:43.0088 0x0a0c dam - ok
15:10:43.0094 0x0a0c DAMDrv - ok
15:10:43.0103 0x0a0c DcomLaunch - ok
15:10:43.0108 0x0a0c defragsvc - ok
15:10:43.0116 0x0a0c DeviceAssociationService - ok
15:10:43.0122 0x0a0c DeviceInstall - ok
15:10:43.0128 0x0a0c DevicePickerUserSvc - ok
15:10:43.0137 0x0a0c DevicesFlowUserSvc - ok
15:10:43.0148 0x0a0c DevQueryBroker - ok
15:10:43.0159 0x0a0c Dfsc - ok
15:10:43.0166 0x0a0c Dhcp - ok
15:10:43.0173 0x0a0c diagnosticshub.standardcollector.service - ok
15:10:43.0179 0x0a0c diagsvc - ok
15:10:43.0187 0x0a0c DiagTrack - ok
15:10:43.0195 0x0a0c Disk - ok
15:10:43.0208 0x0a0c DmEnrollmentSvc - ok
15:10:43.0216 0x0a0c dmvsc - ok
15:10:43.0223 0x0a0c dmwappushservice - ok
15:10:43.0228 0x0a0c Dnscache - ok
15:10:43.0239 0x0a0c dot3svc - ok
15:10:43.0248 0x0a0c dot4 - ok
15:10:43.0257 0x0a0c Dot4Print - ok
15:10:43.0263 0x0a0c Dot4Scan - ok
15:10:43.0268 0x0a0c dot4usb - ok
15:10:43.0274 0x0a0c DpHost - ok
15:10:43.0279 0x0a0c DPS - ok
15:10:43.0286 0x0a0c dptf_acpi - ok
15:10:43.0295 0x0a0c dptf_cpu - ok
15:10:43.0304 0x0a0c drmkaud - ok
15:10:43.0313 0x0a0c DsmSvc - ok
15:10:43.0319 0x0a0c DsSvc - ok
15:10:43.0327 0x0a0c DusmSvc - ok
15:10:43.0334 0x0a0c DXGKrnl - ok
15:10:43.0342 0x0a0c Eaphost - ok
15:10:43.0351 0x0a0c ebdrv - ok
15:10:43.0359 0x0a0c EFS - ok
15:10:43.0366 0x0a0c EhStorClass - ok
15:10:43.0376 0x0a0c EhStorTcgDrv - ok
15:10:43.0383 0x0a0c embeddedmode - ok
15:10:43.0388 0x0a0c EntAppSvc - ok
15:10:43.0395 0x0a0c EpsonCustomerResearchParticipation - ok
15:10:43.0405 0x0a0c EpsonScanSvc - ok
15:10:43.0414 0x0a0c ErrDev - ok
15:10:43.0425 0x0a0c esifsvc - ok
15:10:43.0432 0x0a0c esif_lf - ok
15:10:43.0441 0x0a0c EventSystem - ok
15:10:43.0452 0x0a0c EvtEng - ok
15:10:43.0460 0x0a0c exfat - ok
15:10:43.0466 0x0a0c fastfat - ok
15:10:43.0472 0x0a0c Fax - ok
15:10:43.0477 0x0a0c fdc - ok
15:10:43.0483 0x0a0c fdPHost - ok
15:10:43.0490 0x0a0c FDResPub - ok
15:10:43.0499 0x0a0c fhsvc - ok
15:10:43.0505 0x0a0c FileCrypt - ok
15:10:43.0510 0x0a0c FileInfo - ok
15:10:43.0516 0x0a0c Filetrace - ok
15:10:43.0521 0x0a0c FLCDLOCK - ok
15:10:43.0528 0x0a0c flpydisk - ok
15:10:43.0539 0x0a0c FltMgr - ok
15:10:43.0548 0x0a0c FontCache - ok
15:10:43.0555 0x0a0c FontCache3.0.0.0 - ok
15:10:43.0561 0x0a0c fpCsEvtSvc - ok
15:10:43.0569 0x0a0c FrameServer - ok
15:10:43.0579 0x0a0c FsDepends - ok
15:10:43.0590 0x0a0c Fs_Rec - ok
15:10:43.0597 0x0a0c fvevol - ok
15:10:43.0604 0x0a0c gencounter - ok
15:10:43.0610 0x0a0c genericusbfn - ok
15:10:43.0617 0x0a0c GPIOClx0101 - ok
15:10:43.0627 0x0a0c gpsvc - ok
15:10:43.0635 0x0a0c GpuEnergyDrv - ok
15:10:43.0640 0x0a0c GraphicsPerfSvc - ok
15:10:43.0646 0x0a0c HDAudBus - ok
15:10:43.0653 0x0a0c HidBatt - ok
15:10:43.0660 0x0a0c HidBth - ok
15:10:43.0671 0x0a0c hidi2c - ok
15:10:43.0678 0x0a0c hidinterrupt - ok
15:10:43.0685 0x0a0c HidIr - ok
15:10:43.0698 0x0a0c hidserv - ok
15:10:43.0704 0x0a0c HidUsb - ok
15:10:43.0723 0x0a0c HP Comm Recover - ok
15:10:43.0733 0x0a0c hpdskflt - ok
15:10:43.0739 0x0a0c HPJumpStartBridge - ok
15:10:43.0745 0x0a0c HPMAMSrv - ok
15:10:43.0753 0x0a0c hpqcaslwmiex - ok
15:10:43.0764 0x0a0c HpSAMD - ok
15:10:43.0778 0x0a0c HPSupportSolutionsFrameworkService - ok
15:10:43.0786 0x0a0c HPWorkWise - ok
15:10:43.0792 0x0a0c HTTP - ok
15:10:43.0798 0x0a0c hvcrash - ok
15:10:43.0804 0x0a0c HvHost - ok
15:10:43.0809 0x0a0c hvservice - ok
15:10:43.0819 0x0a0c HwNClx0101 - ok
15:10:43.0827 0x0a0c hwpolicy - ok
15:10:43.0834 0x0a0c hyperkbd - ok
15:10:43.0841 0x0a0c HyperVideo - ok
15:10:43.0849 0x0a0c i8042prt - ok
15:10:43.0857 0x0a0c iagpio - ok
15:10:43.0867 0x0a0c iai2c - ok
15:10:43.0877 0x0a0c iaLPSS2i_GPIO2 - ok
15:10:43.0887 0x0a0c iaLPSS2i_GPIO2_BXT_P - ok
15:10:43.0893 0x0a0c iaLPSS2i_I2C - ok
15:10:43.0900 0x0a0c iaLPSS2i_I2C_BXT_P - ok
15:10:43.0907 0x0a0c iaLPSS2_GPIO2 - ok
15:10:43.0916 0x0a0c iaLPSS2_I2C - ok
15:10:43.0931 0x0a0c iaLPSS2_SPI - ok
15:10:43.0938 0x0a0c iaLPSS2_UART2 - ok
15:10:43.0945 0x0a0c iaLPSSi_GPIO - ok
15:10:43.0956 0x0a0c iaLPSSi_I2C - ok
15:10:43.0964 0x0a0c iaStorA - ok
15:10:43.0973 0x0a0c iaStorAfs - ok
15:10:43.0988 0x0a0c iaStorAfsService - ok
15:10:44.0008 0x0a0c iaStorAVC - ok
15:10:44.0016 0x0a0c IAStorDataMgrSvc - ok
15:10:44.0022 0x0a0c iaStorV - ok
15:10:44.0029 0x0a0c ibbus - ok
15:10:44.0039 0x0a0c ibtsiva - ok
15:10:44.0049 0x0a0c ibtusb - ok
15:10:44.0060 0x0a0c icssvc - ok
15:10:44.0071 0x0a0c igfx - ok
15:10:44.0085 0x0a0c igfxCUIService2.0.0.0 - ok
15:10:44.0093 0x0a0c IKEEXT - ok
15:10:44.0101 0x0a0c IndirectKmd - ok
15:10:44.0124 0x0a0c inSignHSP - ok
15:10:44.0136 0x0a0c InstallService - ok
15:10:44.0145 0x0a0c IntcAudioBus - ok
15:10:44.0157 0x0a0c IntcDAud - ok
15:10:44.0167 0x0a0c IntcOED - ok
15:10:44.0178 0x0a0c Intel(R) Capability Licensing Service TCP IP Interface - ok
15:10:44.0195 0x0a0c Intel(R) TPM Provisioning Service - ok
15:10:44.0207 0x0a0c IntelAudioService - ok
15:10:44.0218 0x0a0c intelide - ok
15:10:44.0227 0x0a0c intelpep - ok
15:10:44.0244 0x0a0c intelppm - ok
15:10:44.0253 0x0a0c iorate - ok
15:10:44.0261 0x0a0c IPeakLWF - ok
15:10:44.0271 0x0a0c IpFilterDriver - ok
15:10:44.0278 0x0a0c iphlpsvc - ok
15:10:44.0285 0x0a0c IPMIDRV - ok
15:10:44.0291 0x0a0c IPNAT - ok
15:10:44.0298 0x0a0c IPT - ok
15:10:44.0308 0x0a0c IpxlatCfgSvc - ok
15:10:44.0317 0x0a0c irda - ok
15:10:44.0324 0x0a0c IRENUM - ok
15:10:44.0331 0x0a0c irmon - ok
15:10:44.0339 0x0a0c isapnp - ok
15:10:44.0345 0x0a0c iScsiPrt - ok
15:10:44.0355 0x0a0c ItSas35i - ok
15:10:44.0362 0x0a0c jhi_service - ok
15:10:44.0368 0x0a0c kbdclass - ok
15:10:44.0373 0x0a0c kbdhid - ok
15:10:44.0378 0x0a0c kdnic - ok
15:10:44.0393 0x0a0c KeyIso - ok
15:10:44.0401 0x0a0c KSecDD - ok
15:10:44.0408 0x0a0c KSecPkg - ok
15:10:44.0416 0x0a0c ksthunk - ok
15:10:44.0425 0x0a0c KtmRm - ok
15:10:44.0433 0x0a0c LanmanServer - ok
15:10:44.0442 0x0a0c LanmanWorkstation - ok
15:10:44.0455 0x0a0c lfsvc - ok
15:10:44.0463 0x0a0c LicenseManager - ok
15:10:44.0471 0x0a0c lltdio - ok
15:10:44.0477 0x0a0c lltdsvc - ok
15:10:44.0484 0x0a0c lmhosts - ok
15:10:44.0491 0x0a0c LMS - ok
15:10:44.0506 0x0a0c LSI_SAS - ok
15:10:44.0515 0x0a0c LSI_SAS2i - ok
15:10:44.0524 0x0a0c LSI_SAS3i - ok
15:10:44.0533 0x0a0c LSI_SSS - ok
15:10:44.0541 0x0a0c LSM - ok
15:10:44.0548 0x0a0c luafv - ok
15:10:44.0557 0x0a0c LxpSvc - ok
15:10:44.0568 0x0a0c MapsBroker - ok
15:10:44.0575 0x0a0c mausbhost - ok
15:10:44.0585 0x0a0c mausbip - ok
15:10:44.0592 0x0a0c megasas - ok
15:10:44.0598 0x0a0c megasas2i - ok
15:10:44.0604 0x0a0c megasas35i - ok
15:10:44.0614 0x0a0c megasr - ok
15:10:44.0621 0x0a0c MEIx64 - ok
15:10:44.0630 0x0a0c MessagingService - ok
15:10:44.0639 0x0a0c Microsoft_Bluetooth_AvrcpTransport - ok
15:10:44.0644 0x0a0c mlx4_bus - ok
15:10:44.0650 0x0a0c MMCSS - ok
15:10:44.0657 0x0a0c Modem - ok
15:10:44.0664 0x0a0c monitor - ok
15:10:44.0672 0x0a0c mouclass - ok
15:10:44.0681 0x0a0c mouhid - ok
15:10:44.0689 0x0a0c mountmgr - ok
15:10:44.0695 0x0a0c MozillaMaintenance - ok
15:10:44.0703 0x0a0c mpsdrv - ok
15:10:44.0709 0x0a0c mpssvc - ok
15:10:44.0721 0x0a0c MRxDAV - ok
15:10:44.0728 0x0a0c mrxsmb - ok
15:10:44.0735 0x0a0c mrxsmb10 - ok
15:10:44.0743 0x0a0c mrxsmb20 - ok
15:10:44.0750 0x0a0c MsBridge - ok
15:10:44.0756 0x0a0c MSDTC - ok
15:10:44.0778 0x0a0c Msfs - ok
15:10:44.0790 0x0a0c msgpiowin32 - ok
15:10:44.0796 0x0a0c mshidkmdf - ok
15:10:44.0803 0x0a0c mshidumdf - ok
15:10:44.0809 0x0a0c msisadrv - ok
15:10:44.0818 0x0a0c MSiSCSI - ok
15:10:44.0827 0x0a0c msiserver - ok
15:10:44.0834 0x0a0c MSKSSRV - ok
15:10:44.0841 0x0a0c MsLldp - ok
15:10:44.0847 0x0a0c MSPCLOCK - ok
15:10:44.0856 0x0a0c MSPQM - ok
15:10:44.0864 0x0a0c MsRPC - ok
15:10:44.0875 0x0a0c MsSecFlt - ok
15:10:44.0880 0x0a0c mssmbios - ok
15:10:44.0885 0x0a0c MSTEE - ok
15:10:44.0893 0x0a0c MTConfig - ok
15:10:44.0902 0x0a0c Mup - ok
15:10:44.0910 0x0a0c mvumis - ok
15:10:44.0918 0x0a0c MyWiFiDHCPDNS - ok
15:10:44.0927 0x0a0c NativeWifiP - ok
15:10:44.0934 0x0a0c NaturalAuthentication - ok
15:10:44.0942 0x0a0c NcaSvc - ok
15:10:44.0952 0x0a0c NcbService - ok
15:10:44.0958 0x0a0c NcdAutoSetup - ok
15:10:44.0968 0x0a0c ndfltr - ok
15:10:44.0975 0x0a0c NDIS - ok
15:10:44.0983 0x0a0c NdisCap - ok
15:10:44.0990 0x0a0c NdisImPlatform - ok
15:10:45.0008 0x0a0c NdisTapi - ok
15:10:45.0020 0x0a0c Ndisuio - ok
15:10:45.0029 0x0a0c NdisVirtualBus - ok
15:10:45.0038 0x0a0c NdisWan - ok
15:10:45.0045 0x0a0c ndiswanlegacy - ok
15:10:45.0055 0x0a0c ndproxy - ok
15:10:45.0067 0x0a0c Ndu - ok
15:10:45.0081 0x0a0c NetAdapterCx - ok
15:10:45.0090 0x0a0c NetBIOS - ok
15:10:45.0101 0x0a0c NetBT - ok
15:10:45.0116 0x0a0c Netlogon - ok
15:10:45.0126 0x0a0c Netman - ok
15:10:45.0135 0x0a0c netprofm - ok
15:10:45.0143 0x0a0c NetSetupSvc - ok
15:10:45.0156 0x0a0c NetTcpPortSharing - ok
15:10:45.0173 0x0a0c netvsc - ok
15:10:45.0192 0x0a0c Netwtw06 - ok
15:10:45.0207 0x0a0c NgcCtnrSvc - ok
15:10:45.0227 0x0a0c NgcSvc - ok
15:10:45.0237 0x0a0c NlaSvc - ok
15:10:45.0252 0x0a0c Npfs - ok
15:10:45.0265 0x0a0c npsvctrig - ok
15:10:45.0278 0x0a0c nsi - ok
15:10:45.0291 0x0a0c nsiproxy - ok
15:10:45.0304 0x0a0c Ntfs - ok
15:10:45.0316 0x0a0c Null - ok
15:10:45.0327 0x0a0c nvdimm - ok
15:10:45.0344 0x0a0c nvlddmkm - ok
15:10:45.0356 0x0a0c nvraid - ok
15:10:45.0368 0x0a0c nvstor - ok
15:10:45.0383 0x0a0c NvTelemetryContainer - ok
15:10:45.0401 0x0a0c OneSyncSvc - ok
15:10:45.0425 0x0a0c ose - ok
15:10:45.0441 0x0a0c p2pimsvc - ok
15:10:45.0450 0x0a0c p2psvc - ok
15:10:45.0459 0x0a0c Parport - ok
15:10:45.0471 0x0a0c partmgr - ok
15:10:45.0485 0x0a0c PcaSvc - ok
15:10:45.0500 0x0a0c pci - ok
15:10:45.0513 0x0a0c pciide - ok
15:10:45.0522 0x0a0c pcmcia - ok
15:10:45.0532 0x0a0c pcw - ok
15:10:45.0540 0x0a0c pdc - ok
15:10:45.0549 0x0a0c PDF Architect 6 - ok
15:10:45.0560 0x0a0c PDF Architect 6 Creator - ok
15:10:45.0571 0x0a0c PDF Architect 6 Manager - ok
15:10:45.0583 0x0a0c PEAUTH - ok
15:10:45.0592 0x0a0c PeerDistSvc - ok
15:10:45.0609 0x0a0c percsas2i - ok
15:10:45.0620 0x0a0c percsas3i - ok
15:10:45.0642 0x0a0c PerfHost - ok
15:10:45.0674 0x0a0c PhoneSvc - ok
15:10:45.0689 0x0a0c PimIndexMaintenanceSvc - ok
15:10:45.0706 0x0a0c pla - ok
15:10:45.0716 0x0a0c PlugPlay - ok
15:10:45.0724 0x0a0c pmem - ok
15:10:45.0735 0x0a0c PNPMEM - ok
15:10:45.0748 0x0a0c PNRPAutoReg - ok
15:10:45.0758 0x0a0c PNRPsvc - ok
15:10:45.0774 0x0a0c PolicyAgent - ok
15:10:45.0787 0x0a0c Power - ok
15:10:45.0795 0x0a0c PptpMiniport - ok
15:10:45.0810 0x0a0c PrintNotify - ok
15:10:45.0818 0x0a0c PrintWorkflowUserSvc - ok
15:10:45.0834 0x0a0c Processor - ok
15:10:45.0843 0x0a0c ProfSvc - ok
15:10:45.0854 0x0a0c Psched - ok
15:10:45.0864 0x0a0c PushToInstall - ok
15:10:45.0874 0x0a0c QWAVE - ok
15:10:45.0886 0x0a0c QWAVEdrv - ok
15:10:45.0894 0x0a0c Ramdisk - ok
15:10:45.0907 0x0a0c RasAcd - ok
15:10:45.0915 0x0a0c RasAgileVpn - ok
15:10:45.0935 0x0a0c RasAuto - ok
15:10:45.0945 0x0a0c Rasl2tp - ok
15:10:45.0955 0x0a0c RasMan - ok
15:10:45.0964 0x0a0c RasPppoe - ok
15:10:45.0971 0x0a0c RasSstp - ok
15:10:45.0977 0x0a0c rdbss - ok
15:10:45.0998 0x0a0c rdpbus - ok
15:10:46.0008 0x0a0c RDPDR - ok
15:10:46.0026 0x0a0c RdpVideoMiniport - ok
15:10:46.0037 0x0a0c rdyboost - ok
15:10:46.0049 0x0a0c ReFS - ok
15:10:46.0059 0x0a0c ReFSv1 - ok
15:10:46.0065 0x0a0c RegSrvc - ok
15:10:46.0081 0x0a0c RemoteAccess - ok
15:10:46.0089 0x0a0c RemoteRegistry - ok
15:10:46.0095 0x0a0c RetailDemo - ok
15:10:46.0104 0x0a0c RFCOMM - ok
15:10:46.0115 0x0a0c rhproxy - ok
15:10:46.0123 0x0a0c RmSvc - ok
15:10:46.0131 0x0a0c RpcEptMapper - ok
15:10:46.0143 0x0a0c RpcLocator - ok
15:10:46.0152 0x0a0c RpcSs - ok
15:10:46.0160 0x0a0c rspndr - ok
15:10:46.0168 0x0a0c rt640x64 - ok
15:10:46.0174 0x0a0c RTSPER - ok
15:10:46.0185 0x0a0c rtsuvc - ok
15:10:46.0191 0x0a0c s3cap - ok
15:10:46.0203 0x0a0c SamSs - ok
15:10:46.0213 0x0a0c sbp2port - ok
15:10:46.0223 0x0a0c SCardSvr - ok
15:10:46.0230 0x0a0c ScDeviceEnum - ok
15:10:46.0242 0x0a0c scfilter - ok
15:10:46.0252 0x0a0c Schedule - ok
15:10:46.0261 0x0a0c scmbus - ok
15:10:46.0272 0x0a0c SCPolicySvc - ok
15:10:46.0282 0x0a0c ScpVBus - ok
15:10:46.0290 0x0a0c sdbus - ok
15:10:46.0298 0x0a0c SDFRd - ok
15:10:46.0306 0x0a0c SDRSVC - ok
15:10:46.0314 0x0a0c sdstor - ok
15:10:46.0322 0x0a0c seclogon - ok
15:10:46.0331 0x0a0c SecurityHealthService - ok
15:10:46.0339 0x0a0c SEMgrSvc - ok
15:10:46.0348 0x0a0c SENS - ok
15:10:46.0359 0x0a0c Sense - ok
15:10:46.0368 0x0a0c SensorDataService - ok
15:10:46.0377 0x0a0c SensorService - ok
15:10:46.0389 0x0a0c SensrSvc - ok
15:10:46.0399 0x0a0c SerCx - ok
15:10:46.0405 0x0a0c SerCx2 - ok
15:10:46.0415 0x0a0c Serenum - ok
15:10:46.0422 0x0a0c Serial - ok
15:10:46.0429 0x0a0c sermouse - ok
15:10:46.0450 0x0a0c SessionEnv - ok
15:10:46.0457 0x0a0c sfloppy - ok
15:10:46.0465 0x0a0c SgrmAgent - ok
15:10:46.0474 0x0a0c SgrmBroker - ok
15:10:46.0483 0x0a0c SharedAccess - ok
15:10:46.0496 0x0a0c SharedRealitySvc - ok
15:10:46.0507 0x0a0c ShellHWDetection - ok
15:10:46.0517 0x0a0c shpamsvc - ok
15:10:46.0523 0x0a0c SiSRaid2 - ok
15:10:46.0533 0x0a0c SiSRaid4 - ok
15:10:46.0540 0x0a0c smphost - ok
15:10:46.0548 0x0a0c SmsRouter - ok
15:10:46.0568 0x0a0c SNMPTRAP - ok
15:10:46.0576 0x0a0c spaceport - ok
15:10:46.0583 0x0a0c SpatialGraphFilter - ok
15:10:46.0589 0x0a0c SpbCx - ok
15:10:46.0600 0x0a0c spectrum - ok
15:10:46.0608 0x0a0c Spooler - ok
15:10:46.0625 0x0a0c sppsvc - ok
15:10:46.0632 0x0a0c srv - ok
15:10:46.0640 0x0a0c srv2 - ok
15:10:46.0650 0x0a0c srvnet - ok
15:10:46.0660 0x0a0c SSDPSRV - ok
15:10:46.0670 0x0a0c ssh-agent - ok
15:10:46.0680 0x0a0c SstpSvc - ok
15:10:46.0688 0x0a0c StateRepository - ok
15:10:46.0697 0x0a0c Steam Client Service - ok
15:10:46.0706 0x0a0c stexstor - ok
15:10:46.0719 0x0a0c stisvc - ok
15:10:46.0728 0x0a0c storahci - ok
15:10:46.0737 0x0a0c storflt - ok
15:10:46.0745 0x0a0c stornvme - ok
15:10:46.0758 0x0a0c storqosflt - ok
15:10:46.0768 0x0a0c StorSvc - ok
15:10:46.0779 0x0a0c storufs - ok
15:10:46.0789 0x0a0c storvsc - ok
15:10:46.0797 0x0a0c svsvc - ok
15:10:46.0803 0x0a0c swenum - ok
15:10:46.0819 0x0a0c swprv - ok
15:10:46.0837 0x0a0c SynRMIHID - ok
15:10:46.0849 0x0a0c Synth3dVsc - ok
15:10:46.0858 0x0a0c SynTP - ok
15:10:46.0867 0x0a0c SynTPEnhService - ok
15:10:46.0878 0x0a0c SysMain - ok
15:10:46.0890 0x0a0c SystemEventsBroker - ok
15:10:46.0910 0x0a0c TabletInputService - ok
15:10:46.0926 0x0a0c TapiSrv - ok
15:10:46.0940 0x0a0c Tcpip - ok
15:10:46.0949 0x0a0c Tcpip6 - ok
15:10:46.0963 0x0a0c tcpipreg - ok
15:10:46.0975 0x0a0c tdx - ok
15:10:46.0985 0x0a0c TeamViewer - ok
15:10:47.0000 0x0a0c terminpt - ok
15:10:47.0010 0x0a0c TermService - ok
15:10:47.0021 0x0a0c Themes - ok
15:10:47.0033 0x0a0c TieringEngineService - ok
15:10:47.0041 0x0a0c TimeBrokerSvc - ok
15:10:47.0050 0x0a0c TokenBroker - ok
15:10:47.0058 0x0a0c TPM - ok
15:10:47.0073 0x0a0c TrkWks - ok
15:10:47.0082 0x0a0c TrustedInstaller - ok
15:10:47.0094 0x0a0c TsUsbFlt - ok
15:10:47.0101 0x0a0c TsUsbGD - ok
15:10:47.0108 0x0a0c tsusbhub - ok
15:10:47.0120 0x0a0c tunnel - ok
15:10:47.0132 0x0a0c tzautoupdate - ok
15:10:47.0143 0x0a0c UASPStor - ok
15:10:47.0151 0x0a0c UcmCx0101 - ok
15:10:47.0158 0x0a0c UcmTcpciCx0101 - ok
15:10:47.0171 0x0a0c UcmUcsi - ok
15:10:47.0180 0x0a0c Ucx01000 - ok
15:10:47.0192 0x0a0c UdeCx - ok
15:10:47.0201 0x0a0c udfs - ok
15:10:47.0210 0x0a0c UEFI - ok
15:10:47.0221 0x0a0c UevAgentDriver - ok
15:10:47.0238 0x0a0c UevAgentService - ok
15:10:47.0247 0x0a0c Ufx01000 - ok
15:10:47.0256 0x0a0c UfxChipidea - ok
15:10:47.0264 0x0a0c ufxsynopsys - ok
15:10:47.0277 0x0a0c UIUService - ok
15:10:47.0286 0x0a0c umbus - ok
15:10:47.0295 0x0a0c UmPass - ok
15:10:47.0307 0x0a0c UmRdpService - ok
15:10:47.0315 0x0a0c UnistoreSvc - ok
15:10:47.0330 0x0a0c upnphost - ok
15:10:47.0339 0x0a0c UrsChipidea - ok
15:10:47.0351 0x0a0c UrsCx01000 - ok
15:10:47.0359 0x0a0c UrsSynopsys - ok
15:10:47.0367 0x0a0c usbaudio - ok
15:10:47.0373 0x0a0c usbccgp - ok
15:10:47.0384 0x0a0c usbcir - ok
15:10:47.0391 0x0a0c usbehci - ok
15:10:47.0401 0x0a0c usbhub - ok
15:10:47.0413 0x0a0c USBHUB3 - ok
15:10:47.0420 0x0a0c usbohci - ok
15:10:47.0430 0x0a0c usbprint - ok
15:10:47.0437 0x0a0c usbser - ok
15:10:47.0444 0x0a0c USBSTOR - ok
15:10:47.0455 0x0a0c usbuhci - ok
15:10:47.0465 0x0a0c USBXHCI - ok
15:10:47.0473 0x0a0c UserDataSvc - ok
15:10:47.0491 0x0a0c UserManager - ok
15:10:47.0499 0x0a0c UsoSvc - ok
15:10:47.0510 0x0a0c VacSvc - ok
15:10:47.0518 0x0a0c valWBFPolicyService - ok
15:10:47.0525 0x0a0c VaultSvc - ok
15:10:47.0533 0x0a0c vdrvroot - ok
15:10:47.0541 0x0a0c vds - ok
15:10:47.0549 0x0a0c VerifierExt - ok
15:10:47.0559 0x0a0c vhdmp - ok
15:10:47.0568 0x0a0c vhf - ok
15:10:47.0575 0x0a0c vmbus - ok
15:10:47.0584 0x0a0c VMBusHID - ok
15:10:47.0592 0x0a0c vmgid - ok
15:10:47.0601 0x0a0c vmicguestinterface - ok
15:10:47.0610 0x0a0c vmicheartbeat - ok
15:10:47.0620 0x0a0c vmickvpexchange - ok
15:10:47.0635 0x0a0c vmicrdv - ok
15:10:47.0643 0x0a0c vmicshutdown - ok
15:10:47.0652 0x0a0c vmictimesync - ok
15:10:47.0659 0x0a0c vmicvmsession - ok
15:10:47.0668 0x0a0c vmicvss - ok
15:10:47.0677 0x0a0c volmgr - ok
15:10:47.0687 0x0a0c volmgrx - ok
15:10:47.0693 0x0a0c volsnap - ok
15:10:47.0700 0x0a0c volume - ok
15:10:47.0708 0x0a0c vpci - ok
15:10:47.0719 0x0a0c vsmraid - ok
15:10:47.0729 0x0a0c VSS - ok
15:10:47.0739 0x0a0c VSTXRAID - ok
15:10:47.0747 0x0a0c vwifibus - ok
15:10:47.0756 0x0a0c vwififlt - ok
15:10:47.0764 0x0a0c vwifimp - ok
15:10:47.0775 0x0a0c W32Time - ok
15:10:47.0787 0x0a0c w3logsvc - ok
15:10:47.0794 0x0a0c WaaSMedicSvc - ok
15:10:47.0802 0x0a0c WacomPen - ok
15:10:47.0808 0x0a0c WalletService - ok
15:10:47.0821 0x0a0c wanarp - ok
15:10:47.0832 0x0a0c wanarpv6 - ok
15:10:47.0847 0x0a0c WarpJITSvc - ok
15:10:47.0856 0x0a0c WAS - ok
15:10:47.0863 0x0a0c wbengine - ok
15:10:47.0874 0x0a0c WbioSrvc - ok
15:10:47.0886 0x0a0c wcifs - ok
15:10:47.0897 0x0a0c Wcmsvc - ok
15:10:47.0904 0x0a0c wcncsvc - ok
15:10:47.0913 0x0a0c wcnfs - ok
15:10:47.0923 0x0a0c WdBoot - ok
15:10:47.0933 0x0a0c Wdf01000 - ok
15:10:47.0941 0x0a0c WdFilter - ok
15:10:47.0949 0x0a0c WdiServiceHost - ok
15:10:47.0956 0x0a0c WdiSystemHost - ok
15:10:47.0964 0x0a0c wdiwifi - ok
15:10:47.0975 0x0a0c WdmCompanionFilter - ok
15:10:47.0985 0x0a0c WdNisDrv - ok
15:10:47.0996 0x0a0c WdNisSvc - ok
15:10:48.0003 0x0a0c WebClient - ok
15:10:48.0010 0x0a0c Wecsvc - ok
15:10:48.0020 0x0a0c WEPHOSTSVC - ok
15:10:48.0036 0x0a0c wercplsupport - ok
15:10:48.0049 0x0a0c WerSvc - ok
15:10:48.0060 0x0a0c WFDSConMgrSvc - ok
15:10:48.0071 0x0a0c WFPLWFS - ok
15:10:48.0079 0x0a0c WiaRpc - ok
15:10:48.0086 0x0a0c WIMMount - ok
15:10:48.0096 0x0a0c WinDefend - ok
15:10:48.0116 0x0a0c WindowsTrustedRT - ok
15:10:48.0123 0x0a0c WindowsTrustedRTProxy - ok
15:10:48.0132 0x0a0c WinHttpAutoProxySvc - ok
15:10:48.0142 0x0a0c WinMad - ok
15:10:48.0154 0x0a0c Winmgmt - ok
15:10:48.0163 0x0a0c WinNat - ok
15:10:48.0172 0x0a0c WinRM - ok
15:10:48.0191 0x0a0c WINUSB - ok
15:10:48.0200 0x0a0c WinVerbs - ok
15:10:48.0208 0x0a0c WirelessButtonDriver64 - ok
15:10:48.0222 0x0a0c wisvc - ok
15:10:48.0231 0x0a0c WlanSvc - ok
15:10:48.0238 0x0a0c wlidsvc - ok
15:10:48.0246 0x0a0c wlpasvc - ok
15:10:48.0257 0x0a0c WmiAcpi - ok
15:10:48.0274 0x0a0c wmiApSrv - ok
15:10:48.0284 0x0a0c WMPNetworkSvc - ok
15:10:48.0292 0x0a0c Wof - ok
15:10:48.0305 0x0a0c workfolderssvc - ok
15:10:48.0315 0x0a0c WpcMonSvc - ok
15:10:48.0325 0x0a0c WPDBusEnum - ok
15:10:48.0334 0x0a0c WpdUpFltr - ok
15:10:48.0343 0x0a0c WpnService - ok
15:10:48.0360 0x0a0c WpnUserService - ok
15:10:48.0374 0x0a0c ws2ifsl - ok
15:10:48.0386 0x0a0c wscsvc - ok
15:10:48.0393 0x0a0c WSDPrintDevice - ok
15:10:48.0401 0x0a0c WSDScan - ok
15:10:48.0409 0x0a0c WSearch - ok
15:10:48.0430 0x0a0c wuauserv - ok
15:10:48.0438 0x0a0c WudfPf - ok
15:10:48.0445 0x0a0c WUDFRd - ok
15:10:48.0459 0x0a0c WUDFWpdFs - ok
15:10:48.0472 0x0a0c WwanSvc - ok
15:10:48.0482 0x0a0c xbgm - ok
15:10:48.0491 0x0a0c XblAuthManager - ok
15:10:48.0499 0x0a0c XblGameSave - ok
15:10:48.0506 0x0a0c xboxgip - ok
15:10:48.0515 0x0a0c XboxGipSvc - ok
15:10:48.0525 0x0a0c XboxNetApiSvc - ok
15:10:48.0536 0x0a0c xinputhid - ok
15:10:48.0549 0x0a0c xusb22 - ok
15:10:48.0557 0x0a0c ZeroConfigService - ok
15:10:48.0561 0x0a0c ================ Scan global ===============================
15:10:48.0563 0x0a0c [ Global ] - ok
15:10:48.0565 0x0a0c ================ Scan MBR ==================================
15:10:48.0569 0x0a0c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
15:10:48.0593 0x0a0c \Device\Harddisk0\DR0 - ok
15:10:48.0594 0x0a0c ================ Scan VBR ==================================
15:10:48.0598 0x0a0c [ FFBE58EAE33C89F94ED71F3CE621D07B ] \Device\Harddisk0\DR0\Partition1
15:10:48.0599 0x0a0c \Device\Harddisk0\DR0\Partition1 - ok
15:10:48.0604 0x0a0c [ 91EE1141C4BAE2D712B0C3937EE6A437 ] \Device\Harddisk0\DR0\Partition2
15:10:48.0605 0x0a0c \Device\Harddisk0\DR0\Partition2 - ok
15:10:48.0613 0x0a0c [ 21841E5963F59290C58D92E83BA0EDD3 ] \Device\Harddisk0\DR0\Partition3
15:10:48.0614 0x0a0c \Device\Harddisk0\DR0\Partition3 - ok
15:10:48.0623 0x0a0c [ 13D07982B9FF166CDDC92216A3129BE1 ] \Device\Harddisk0\DR0\Partition4
15:10:48.0625 0x0a0c \Device\Harddisk0\DR0\Partition4 - ok
15:10:48.0633 0x0a0c [ D7E4FA6416CC3A9FBDF2C923567C3D1C ] \Device\Harddisk0\DR0\Partition5
15:10:48.0635 0x0a0c \Device\Harddisk0\DR0\Partition5 - ok
15:10:48.0642 0x0a0c ================ Scan generic autorun ======================
15:10:48.0642 0x0a0c SecurityHealth - ok
15:10:48.0651 0x0a0c IAStorIcon - ok
15:10:48.0656 0x0a0c RtsCM - ok
15:10:48.0663 0x0a0c HPNotifications - ok
15:10:48.0667 0x0a0c FreePDF Assistant - ok
15:10:48.0671 0x0a0c FUFAXRCV - ok
15:10:48.0674 0x0a0c FUFAXSTM - ok
15:10:48.0677 0x0a0c EEventManager - ok
15:10:48.0680 0x0a0c ConnectionCenter - ok
15:10:48.0684 0x0a0c Redirector - ok
15:10:48.0687 0x0a0c OneDriveSetup - ok
15:10:48.0690 0x0a0c WAB Migrate - ok
15:10:48.0694 0x0a0c OneDriveSetup - ok
15:10:48.0703 0x0a0c WAB Migrate - ok
15:10:48.0709 0x0a0c OneDrive - ok
15:10:48.0715 0x0a0c EPLTarget\P0000000000000000 - ok
15:10:48.0718 0x0a0c EPLTarget\P0000000000000001 - ok
15:10:48.0724 0x0a0c Steam - ok
15:10:48.0759 0x0a0c AV detected via SS2: Windows Defender, windowsdefender:// ( ), 0x61100 ( enabled : updated )
15:10:48.0772 0x0a0c Win FW state via NFP2: enabled ( trusted )
15:10:49.0006 0x0a0c ============================================================
15:10:49.0006 0x0a0c Scan finished
15:10:49.0006 0x0a0c ============================================================
15:10:49.0033 0x0c0c Detected object count: 0
15:10:49.0033 0x0c0c Actual detected object count: 0
|
|
06.11.2018, 15:16
| #12 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | RE-EL60022132 *doc Mailanhang Dummerweise geönffnet und gescheichert!Zitat:
Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! adwCleaner v7.x Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.11.2018, 15:43
| #13 |
| | RE-EL60022132 *doc Mailanhang Dummerweise geönffnet und gescheichert!Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-11-05.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-06-2018
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 10
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\Jens\AppData\Local\Temp\DMR
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\chip1click
Deleted HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\chip 1-click download service
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\WCAssistantService
Deleted HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2274 octets] - [06/11/2018 15:36:11]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Geändert von cosinus (06.11.2018 um 15:52 Uhr) Grund: code tags |
|
06.11.2018, 15:52
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | RE-EL60022132 *doc Mailanhang Dummerweise geönffnet und gescheichert! Logs bitte in CODE-Tags adwcleaner bitte zwecks Kontrolle wiederholen
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.11.2018, 16:17
| #15 |
| | RE-EL60022132 *doc Mailanhang Dummerweise geönffnet und gescheichert!Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-11-05.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-06-2018
# Duration: 00:00:16
# OS: Windows 10 Pro
# Scanned: 32052
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
AdwCleaner[S00].txt - [2274 octets] - [06/11/2018 15:36:11]
AdwCleaner[C00].txt - [2375 octets] - [06/11/2018 15:39:28]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
|
|
| Themen zu RE-EL60022132 *doc Mailanhang Dummerweise geönffnet und gescheichert! |
| administrator, adobe, antivirus, avast, bho, bonjour, defender, explorer, hotkey, ics, kaspersky, mac, microsoft, monitor, mozilla, neu, nvidia, scan, security, software, speechruntime.exe, system, system32, tcp, trojaner, windows, windowsapps |
dann auf 
und dann auf 
. 
Linear-Darstellung
