Pests of all kinds and how to fight them: Facebook message about alleged malware
24.08.2016, 15:40 | #1 |
Facebook message about alleged malware

Hi, today I tried to log in to Facebook from my PC (Windows 10 / Firefox 47.0.1) and received the message shown in the attachment. I did not do anything further there. I then immediately changed my password from my Android phone and checked my activity log. It showed 1 shared link (about 1 week ago) that I did not share. Logging in from the PC still does not work because of the attached message. I have already run ADWCleaner and Avast. Unfortunately there was no change. Firefox is configured so that it does not store any data or cookies, but I reset it anyway. On the web I could only find contradictory posts about this message. Maybe you can help me. Thank you very much.
24.08.2016, 20:28 | #2 | |
/// TB Trainer | Facebook message about alleged malware

My name is Matthias and I will help you clean up your computer. Please note the following:

Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:

Thank you for your cooperation! Quote:

Please also provide the log files from both. For an initial analysis, please run FRST and TDSS-Killer:

Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)

Step 2
Please download TDSSKiller.exe and save this file to the desktop

Please post with your next reply
26.08.2016, 16:10 | #3 |
Facebook message about alleged malware

FRST.txt

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01 durchgeführt von Flo Admin (Administrator) auf BÜROSUF (24-08-2016 22:05:54) Gestartet von C:\Users\Flo Admin\Downloads Geladene Profile: Flo Admin (Verfügbare Profile: Flo Admin) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Edge) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (SplitCam Co.) D:\Programs\SplitCam\SplitCamService.exe (Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Program Files (x86)\Generic\USB Server\NPW\NPWService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe (Foxit Software Inc.) 
C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe (Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe () C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\Grid64.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe (USB Server) C:\Program Files (x86)\Generic\USB Server\USBServer.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD64.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Samsung Electronics Co., Ltd.) 
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Mozilla Corporation) D:\Programs\Thunderbird\thunderbird.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe\Video.UI.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.7319.23511.0_x64__8wekyb3d8bbwe\OHub.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-04-23] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2012-08-20] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-07-08] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-08-08] (AVAST Software) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.) 
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] () HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [71680 2015-10-09] () HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [202280 2015-09-29] (Haufe-Lexware GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-04-10] (AMD) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [Grid] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe [401408 2013-04-10] () HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [HydraVisionMDEngine] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe [565248 2013-04-10] (AMD) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [USBServer] => C:\Program Files (x86)\Generic\USB Server\USBServer.exe [1912832 2009-11-30] (USB Server) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [Dropbox Update] => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.) 
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [Amazon Music] => C:\Users\Flo Admin\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-07-21] () HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [HP Officejet 5740 series (NET)] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3483656 2014-08-22] (Hewlett-Packard Development Company, LP) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\LEOGEO~1.SCR [903680 2008-02-20] (Jan Kolarik & Ondrej Vaverka) ShellIconOverlayIdentifiers: [ SkyDrive1] -> 
{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-08-18] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-08-18] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-08-18] (Microsoft Corporation) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-30] (AVAST Software) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-08-18] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-08-18] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-08-18] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.) Startup: C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-19] ShortcutTarget: Dropbox.lnk -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog5-x64 08 C:\Program Files (x86)\Generic\USB Server\NPW\NPWprint.dll [195584 2009-09-02] (Elite Silicon Technology Inc.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{8aac2676-c826-45c0-a05a-48952cee79f8}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://de.yahoo.com?fr=hp-avast&type=avastbcl SearchScopes: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity SearchScopes: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-18] (Oracle Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-18] (Oracle Corporation) BHO-x32: Kein Name -> {269D0B18-45D0-46D0-A644-2D60D928BC7F} -> C:\Users\FLOADM~1\AppData\LocalLow\INTERN~1\bho.dll => Keine Datei BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-18] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll 
[2016-05-25] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-18] (Oracle Corporation) Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei Handler: haufereader - Kein CLSID Wert Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kbr4azo0.default-1472046214596 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-17] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-18] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-18] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-17] () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) 
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-18] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-18] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-13] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-4126187190-1361339850-3817463540-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Flo Admin\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP) FF Plugin HKU\S-1-5-21-4126187190-1361339850-3817463540-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Flo Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-08-08] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-4126187190-1361339850-3817463540-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-03-24] (Sony Network Entertainment International LLC) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-27] (Adobe Systems Inc.) FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-03] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-03] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\extensions\cliqz@cliqz.com => nicht gefunden Chrome: ======= CHR HomePage: Default -> hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl CHR StartupUrls: Default -> "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl" CHR DefaultSearchURL: Default -> 
hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} CHR DefaultSearchKeyword: Default -> www.yahoo.com CHR DefaultSuggestURL: Default -> hxxp://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms} CHR Profile: C:\Users\Flo Admin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Amazon) - C:\Users\Flo Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\caeaobpemokdfnidgaebncaooofnbfha [2015-09-19] CHR Extension: (Avast Online Security) - C:\Users\Flo Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-01-25] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Flo Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-19] CHR HKLM-x32\...\Chrome\Extension: [caeaobpemokdfnidgaebncaooofnbfha] - C:\Users\Flo Admin\ChromeExtensions\caeaobpemokdfnidgaebncaooofnbfha\amazon-icon-fwde.crx [2014-09-14] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-15] CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.) 
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [Datei ist nicht signiert] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-06-30] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-06-30] (AVAST Software) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation) R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [Datei ist nicht signiert] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert] R2 FoxitCloudUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [244392 2015-06-02] (Foxit Software Inc.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert] R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [66088 2016-03-03] (Haufe-Lexware GmbH & Co. KG) R2 NPWService; C:\Program Files (x86)\Generic\USB Server\NPW\NPWService.exe [783360 2009-09-02] () [Datei ist nicht signiert] S2 SkypeUpdate; D:\Programs\skype\Updater\Updater.exe [324224 2016-05-23] (Skype Technologies) S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [Datei ist nicht signiert] R2 SpliCamService; D:\Programs\SplitCam\SplitCamService.exe [321024 2016-05-18] (SplitCam Co.) 
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-22] (TeamViewer GmbH) S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.) R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] () R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-30] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-30] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-06-30] (AVAST Software) R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [572120 2016-06-30] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-30] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-30] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-30] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-17] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-06-30] (AVAST Software) R0 aswVmm; 
C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices) R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek ) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.) R3 EST_BusEnum; C:\Windows\System32\drivers\GenBus.sys [29696 2009-10-06] ( ) R3 EST_Server; C:\Windows\System32\drivers\GenHC.sys [199168 2009-10-06] ( ) R3 NUS_Bus; C:\Windows\System32\drivers\NUS_Bus.sys [30208 2009-11-09] (Elite Silicon Technology Inc.) R3 scvad_simple; C:\Windows\system32\drivers\SplitCamAudio.sys [23552 2013-04-24] (Windows (R) Win 7 DDK provider) R3 splitcam_hd_driver; C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys [37600 2016-02-08] (Windows (R) Win 7 DDK provider) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-08-24 22:05 - 2016-08-24 22:06 - 00029845 _____ C:\Users\Flo Admin\Downloads\FRST.txt 2016-08-24 22:05 - 2016-08-24 22:05 - 00000000 ____D C:\FRST 2016-08-24 22:03 - 2016-08-24 22:05 - 02396672 _____ (Farbar) C:\Users\Flo Admin\Downloads\FRST64.exe 2016-08-24 21:53 - 2016-08-24 21:53 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-08-24 15:43 - 2016-08-24 15:43 - 00000000 ____D C:\Users\Flo Admin\Desktop\Alte Firefox-Daten 2016-08-24 15:22 - 2016-08-24 15:12 - 03784256 _____ C:\Users\Flo Admin\Desktop\adwcleaner_6.000.exe 2016-08-24 15:12 - 2016-08-24 15:12 - 03784256 _____ C:\Users\Flo Admin\Downloads\adwcleaner_6.000.exe 2016-08-24 15:11 - 2016-08-24 15:28 - 00000000 ____D C:\AdwCleaner 2016-08-19 00:05 - 2016-08-19 00:05 - 00006883 _____ C:\Users\Flo Admin\AppData\Local\recently-used.xbel 2016-08-18 15:59 - 2016-08-18 15:59 - 00003342 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task 2016-08-12 21:31 - 2016-08-12 21:31 - 00699943 _____ C:\Users\Flo Admin\Downloads\wmv2-1.9.8.exe 2016-08-12 21:31 - 2016-08-12 21:31 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\waterMark V2 2016-08-12 21:31 - 2016-08-12 21:31 - 00000000 ____D C:\Program Files (x86)\PMlabs 2016-08-12 11:23 - 2016-08-19 01:30 - 00001170 _____ C:\Users\Flo Admin\Desktop\Mozilla Firefox.lnk 2016-08-10 11:26 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2016-08-10 11:26 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2016-08-10 11:26 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-08-10 11:26 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-08-10 11:26 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-08-10 11:26 - 2016-08-03 12:19 - 
00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-08-10 11:26 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2016-08-10 11:26 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-08-10 11:26 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-08-10 11:26 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2016-08-10 11:26 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2016-08-10 11:26 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-08-10 11:26 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe 2016-08-10 11:26 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2016-08-10 11:26 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-08-10 11:26 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-08-10 11:26 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2016-08-10 11:26 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-08-10 11:26 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-08-10 11:26 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2016-08-10 11:26 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-08-10 11:26 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-08-10 11:26 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\rdpcorets.dll 2016-08-10 11:26 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2016-08-10 11:26 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-08-10 11:26 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-08-10 11:26 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll 2016-08-10 11:26 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-08-10 11:26 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-08-10 11:26 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2016-08-10 11:26 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll 2016-08-10 11:26 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-08-10 11:26 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-08-10 11:26 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2016-08-10 11:26 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2016-08-10 11:26 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2016-08-10 11:25 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-08-10 11:25 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-08-10 11:25 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-08-10 11:25 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-08-10 11:25 - 
2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2016-08-10 11:25 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2016-08-10 11:25 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2016-08-10 11:25 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-08-10 11:25 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-08-10 11:25 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2016-08-10 11:25 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll 2016-08-10 11:25 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-08-10 11:25 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-08-10 11:25 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2016-08-10 11:25 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2016-08-10 11:25 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2016-08-10 11:25 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-08-10 11:25 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-08-10 11:25 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-08-10 11:25 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2016-08-10 11:25 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe 2016-08-10 11:25 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\edgehtml.dll 2016-08-10 11:25 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll 2016-08-10 11:25 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2016-08-10 11:25 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2016-08-10 11:25 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2016-08-10 11:25 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll 2016-08-10 11:25 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll 2016-08-10 11:25 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2016-08-10 11:25 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-08-10 11:25 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2016-08-10 11:25 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-08-10 11:25 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll 2016-08-10 11:25 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-08-10 11:25 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2016-08-10 11:25 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-08-10 11:25 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll 2016-08-10 11:25 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-08-10 11:25 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2016-08-10 11:25 - 
2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2016-08-10 11:25 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2016-08-10 11:25 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2016-08-10 11:25 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-08-10 11:25 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-08-10 11:25 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-08-10 11:25 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2016-08-10 11:25 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-08-10 11:25 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2016-08-10 11:25 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2016-08-10 11:25 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2016-08-10 11:25 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-08-10 11:25 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2016-08-10 11:25 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-08-10 11:25 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-08-10 11:25 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-08-10 11:25 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-08-10 11:25 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-08-10 11:25 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-08-10 11:25 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-08-10 11:25 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-08-10 11:25 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-08-10 11:25 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-08-10 11:25 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2016-08-10 11:25 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-08-10 11:25 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-08-10 11:25 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-08-10 11:25 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-08-10 11:25 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe 2016-08-10 11:25 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll 2016-08-10 11:25 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-08-10 11:25 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2016-08-10 11:25 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll 2016-08-10 11:25 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-08-10 11:25 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-08-10 11:25 - 2016-08-03 06:37 - 00219136 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-08-10 11:25 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2016-08-10 11:25 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe 2016-08-10 11:25 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-08-10 11:25 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2016-08-10 11:25 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-08-10 11:25 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-08-10 11:25 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-08-10 11:25 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-08-10 11:25 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2016-08-10 11:25 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2016-08-10 11:25 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-08-10 11:25 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-08-10 11:25 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-08-10 11:25 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-08-10 11:25 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-08-10 11:25 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-08-10 11:25 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-08-10 11:25 - 2016-08-03 06:21 - 
01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-08-09 19:41 - 2016-08-09 21:06 - 00000000 ____D C:\Users\Flo Admin\Desktop\Motorrad 2016-08-03 14:16 - 2016-08-03 14:16 - 00000000 ____D C:\Users\Flo Admin\AppData\Local\Prezi 2016-08-03 14:15 - 2016-08-03 14:15 - 00000000 ____D C:\Users\Flo Admin\Documents\Prezi 2016-08-03 14:15 - 2016-08-03 14:15 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\Prezi 2016-08-03 14:11 - 2016-08-03 14:11 - 00001854 _____ C:\Users\Public\Desktop\Prezi Desktop.lnk 2016-08-03 14:11 - 2016-08-03 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prezi Desktop 2016-08-03 14:09 - 2016-08-03 14:11 - 00000000 ____D C:\Program Files (x86)\Prezi Desktop 2016-08-03 14:00 - 2016-08-03 14:01 - 01474568 _____ C:\Users\Flo Admin\Downloads\Prezi Desktop - CHIP-Installer.exe 2016-08-02 21:52 - 2016-08-02 21:52 - 00000000 ____D C:\Users\Flo Admin\AppData\Local\TeamViewer 2016-08-02 15:48 - 2016-08-02 16:04 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\SplitCam 2016-08-02 15:40 - 2016-08-02 15:44 - 100375696 _____ (SplitCam Co.) C:\Users\Flo Admin\Downloads\SplitCamSetup.exe 2016-07-28 19:00 - 2016-07-29 10:25 - 00000000 ____D C:\Users\Flo Admin\Desktop\Wohnung 2016-07-26 21:27 - 2016-07-26 21:27 - 00000000 ____D C:\Users\Flo Admin\Desktop\Tor Browser 2016-07-26 21:24 - 2016-07-26 21:26 - 49625952 _____ C:\Users\Flo Admin\Downloads\torbrowser-install-6.0.2_en-US.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-08-24 21:54 - 2015-06-18 14:41 - 00001256 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001UA.job 2016-08-24 21:54 - 2014-01-03 15:43 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\Dropbox 2016-08-24 21:30 - 2014-01-22 16:39 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-08-24 21:27 - 2013-12-12 12:13 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-08-24 21:21 - 2015-12-28 00:59 - 00000442 _____ C:\WINDOWS\Tasks\HP Photo Creations Communicator.job 2016-08-24 21:00 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-08-24 21:00 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-08-24 18:04 - 2014-07-01 20:17 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1A57FE50-6FA2-4DFD-80A8-6A730953253A} 2016-08-24 15:53 - 2016-06-14 21:55 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-08-24 15:53 - 2016-06-14 21:55 - 00001035 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2016-08-24 15:53 - 2016-06-14 21:54 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-08-24 15:45 - 2014-01-22 16:39 - 00000000 ____D C:\Program Files (x86)\Google 2016-08-24 15:33 - 2014-01-22 16:39 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-08-24 15:29 - 2016-02-02 18:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-08-24 15:28 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI 2016-08-24 15:28 - 2015-09-15 16:37 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2016-08-24 15:16 - 2015-09-17 23:29 - 00000000 ____D C:\Program Files (x86)\Yahoo! 
2016-08-24 03:51 - 2015-06-18 14:41 - 00001204 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001Core.job 2016-08-20 11:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache 2016-08-19 00:11 - 2014-09-01 13:41 - 00000000 ____D C:\Users\Flo Admin\.gimp-2.8 2016-08-18 15:59 - 2015-09-15 23:17 - 00002444 _____ C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-08-18 15:59 - 2015-09-15 23:17 - 00000000 ___RD C:\Users\Flo Admin\OneDrive 2016-08-18 10:44 - 2013-09-23 14:07 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-08-18 04:31 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2016-08-17 20:07 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal 2016-08-17 20:07 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-08-17 20:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-08-17 20:05 - 2016-02-02 18:01 - 00000000 ____D C:\Users\Flo Admin 2016-08-17 02:40 - 2016-06-17 06:57 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\WhatsApp 2016-08-16 23:17 - 2014-09-01 13:44 - 00000000 ____D C:\Users\Flo Admin\AppData\Local\gtk-2.0 2016-08-11 13:43 - 2014-09-24 13:13 - 00001511 _____ C:\Users\Flo Admin\Desktop\Firefox.lnk 2016-08-11 01:32 - 2016-05-30 13:10 - 00000000 ____D C:\Users\Flo Admin\Desktop\Studium 2016-08-10 16:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2016-08-10 16:25 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-08-10 16:25 - 2013-12-12 11:01 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-08-10 16:19 - 2013-12-12 11:01 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-08-10 13:10 - 2016-06-17 06:57 - 00002307 _____ C:\Users\Flo Admin\Desktop\WhatsApp.lnk 2016-08-10 13:10 - 2016-06-17 06:57 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2016-08-10 13:10 - 2016-06-17 06:57 - 00000000 ____D 
C:\Users\Flo Admin\AppData\Local\WhatsApp 2016-08-10 13:10 - 2016-06-17 06:57 - 00000000 ____D C:\Users\Flo Admin\AppData\Local\SquirrelTemp 2016-08-09 20:59 - 2016-06-16 23:22 - 00000000 ____D C:\Users\Flo Admin\Desktop\Fotos vom Handy 2016-08-07 23:32 - 2016-06-15 22:12 - 00000000 ____D C:\Users\Flo Admin\Desktop\DBL Standort für Süssi 2016-08-07 21:52 - 2014-12-15 20:52 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\uTorrent 2016-08-05 17:06 - 2014-01-03 15:36 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys 2016-08-03 14:07 - 2016-02-02 17:58 - 00000000 ____D C:\ProgramData\Package Cache 2016-08-02 15:55 - 2016-07-24 10:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-08-02 15:55 - 2013-12-06 11:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-07-30 18:34 - 2016-04-13 11:25 - 00000000 ____D C:\ProgramData\Lexware 2016-07-28 23:25 - 2014-01-22 16:39 - 00004192 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-07-28 23:25 - 2014-01-22 16:39 - 00003960 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-07-28 18:47 - 2015-10-30 20:35 - 00775524 _____ C:\WINDOWS\system32\perfh007.dat 2016-07-28 18:47 - 2015-10-30 20:35 - 00155338 _____ C:\WINDOWS\system32\perfc007.dat 2016-07-28 18:47 - 2015-09-15 16:45 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-07-27 17:48 - 2014-01-03 19:12 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\Skype 2016-07-27 17:18 - 2014-08-06 21:50 - 00000000 ____D C:\Program Files (x86)\Skype 2016-07-27 17:18 - 2014-01-03 19:11 - 00000000 ____D C:\ProgramData\Skype 2016-07-26 21:27 - 2016-01-06 16:38 - 00000967 _____ C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk 2016-07-26 21:27 - 2016-01-06 16:38 - 00000919 _____ C:\Users\Flo Admin\Desktop\Start Tor Browser.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-05-11 22:06 - 2014-05-11 22:06 - 
0000046 _____ () C:\Users\Flo Admin\AppData\Roaming\Camdata.ini
2014-05-11 22:06 - 2014-05-11 22:06 - 0000408 _____ () C:\Users\Flo Admin\AppData\Roaming\CamLayout.ini
2014-05-11 22:06 - 2014-05-11 22:06 - 0000408 _____ () C:\Users\Flo Admin\AppData\Roaming\CamShapes.ini
2014-05-11 22:06 - 2014-05-11 22:06 - 0004535 _____ () C:\Users\Flo Admin\AppData\Roaming\CamStudio.cfg
2014-05-11 22:01 - 2014-05-11 22:01 - 0000096 _____ () C:\Users\Flo Admin\AppData\Roaming\version2.xml
2014-09-24 12:40 - 2016-06-13 14:13 - 0004608 _____ () C:\Users\Flo Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-08-19 00:05 - 2016-08-19 00:05 - 0006883 _____ () C:\Users\Flo Admin\AppData\Local\recently-used.xbel
2014-01-14 22:41 - 2014-01-14 22:41 - 0007602 _____ () C:\Users\Flo Admin\AppData\Local\Resmon.ResmonCfg
2015-12-28 00:25 - 2015-12-28 00:25 - 0000057 _____ () C:\ProgramData\Ament.ini

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Flo Admin\homep.exe

Einige Dateien in TEMP:
====================
C:\Users\Flo Admin\AppData\Local\Temp\fjd_jni.dll
C:\Users\Flo Admin\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Flo Admin\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Flo Admin\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Flo Admin\AppData\Local\Temp\libeay32.dll
C:\Users\Flo Admin\AppData\Local\Temp\msvcr120.dll
C:\Users\Flo Admin\AppData\Local\Temp\sqlite3.dll
C:\Users\Flo Admin\AppData\Local\Temp\VirtualDJ New Version.exe
C:\Users\Flo Admin\AppData\Local\Temp\_is5481.exe
C:\Users\Flo Admin\AppData\Local\Temp\{4B823698-0EDF-4C2C-B3F2-56ED30E612A0}-50.0.2661.94_49.0.2623.112_chrome_updater.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-08-21 07:10

==================== Ende von FRST.txt ============================

Code:
# AdwCleaner v6.000 - Logfile created 24/08/2016 at 15:14:54
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-08-23.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Flo Admin - BÜROSUF
# Running from : C:\Users\Flo Admin\Downloads\adwcleaner_6.000.exe
# Mode: Scan
# Support : https://toolslib.net/forum

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Folder Found: C:\Users\Flo Admin\AppData\Local\SearchProtect
Folder Found: C:\Users\Flo Admin\AppData\Local\YSearchUtil
Folder Found: C:\Users\Flo Admin\AppData\LocalLow\Internet Explorer BHO
Folder Found: C:\Users\Flo Admin\AppData\Roaming\Security Systems
Folder Found: C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\ConduitEngine
Folder Found: C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\FoxTab
Folder Found: C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\ICQToolbarData
Folder Found: C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\somotomoviestoolbar1
Folder Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Found: C:\Program Files (x86)\myfree codec
Folder Found: C:\Program Files (x86)\SearchProtect
Folder Found: C:\Program Files (x86)\Yahoo!\yset
Folder Found: C:\Users\Flo Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo

***** [ Files ] *****

File Found: C:\WINDOWS\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
File Found: C:\WINDOWS\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb
File Found: C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\invalidprefs.js

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious keys found.

***** [ Shortcuts ] *****

No infected shortcut found.

***** [ Scheduled Tasks ] *****

No malicious task found.

***** [ Registry ] *****

Key Found: HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Found: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\Myfree Codec
Key Found: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\OCS
Key Found: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\SearchProtectINT
Key Found: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\Softonic
Key Found: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\systweak
Key Found: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Found: HKCU\Software\Myfree Codec
Key Found: HKCU\Software\OCS
Key Found: HKCU\Software\SearchProtectINT
Key Found: HKCU\Software\Softonic
Key Found: HKCU\Software\systweak
Key Found: HKLM\SOFTWARE\Myfree Codec
Key Found: HKLM\SOFTWARE\SearchProtect
Key Found: HKLM\SOFTWARE\SPPDCOM
Key Found: HKLM\SOFTWARE\SEARCHPROTECT
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Foxy Secure
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Your Software Deals_is1
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SEARCHPROTECT
Data Found: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
Data Found: HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
Key Found: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
Data Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\softonic.de
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.de
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.de
Value Found: HKLM\SOFTWARE\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo []

***** [ Web browsers ] *****

Firefox pref Found: [C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\prefs.js] - "browser.newtab.url" - "hxxp://search.conduit.com/?ctid=CT3317740&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=2&UP=SP7009CD57-EF99-4135-8AA5-DF6A041588B8"
Chrome pref Found: [C:\Users\Flo Admin\AppData\Local\Google\Chrome\User Data\Default\Web data] - www.yahoo.com
Chrome pref Found: [C:\Users\Flo Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - npdicihegicnhaangkdmcgbjceoemeoo

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [5816 Bytes] - [24/08/2016 15:14:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5889 Bytes] ##########

ADWCleaner, 2nd run

Code:
# AdwCleaner v6.000 - Logfile created 24/08/2016 at 15:24:52
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-08-23.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Flo Admin - BÜROSUF
# Running from : C:\Users\Flo Admin\Desktop\adwcleaner_6.000.exe
# Mode: Scan
# Support : https://toolslib.net/forum

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious keys found.

***** [ Shortcuts ] *****

No infected shortcut found.

***** [ Scheduled Tasks ] *****

No malicious task found.

***** [ Registry ] *****

Value Found: HKLM\SOFTWARE\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo []

***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [6021 Bytes] - [24/08/2016 15:16:39]
C:\AdwCleaner\AdwCleaner[S0].txt - [5968 Bytes] - [24/08/2016 15:14:54]
C:\AdwCleaner\AdwCleaner[S1].txt - [1182 Bytes] - [24/08/2016 15:24:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1255 Bytes] ##########

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
durchgeführt von Flo Admin (24-08-2016 22:07:28)
Gestartet von C:\Users\Flo Admin\Downloads
Windows 10 Home Version 1511 (X64) (2016-02-02 16:24:16)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-4126187190-1361339850-3817463540-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4126187190-1361339850-3817463540-503 - Limited - Disabled)
Flo Admin (S-1-5-21-4126187190-1361339850-3817463540-1001 - Administrator - Enabled) => C:\Users\Flo Admin
Gast (S-1-5-21-4126187190-1361339850-3817463540-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4126187190-1361339850-3817463540-1005 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated) AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.05 - ASUSTeK Computer Inc.) Amazon Music (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Amazon Amazon Music) (Version: 3.10.0.928 - Amazon Services LLC) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{377C9C44-398B-6CBD-9138-F6B4AB951839}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.) America's Army 3 (HKLM-x32\...\Steam App 13140) (Version: - U.S. Army) Any Video Converter 5.7.0 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ArtRage 2 Starter Edition (HKLM-x32\...\{394C2C3E-CA18-4216-B430-ACDD82C26973}) (Version: 2.6.0 - Ambient Design) Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) ASUS Easy Update 2 (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 3.00.06 - ASUSTeK Computer Inc.) 
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.3.3 - MAGIX AG) ASUS Music Maker (Version: 18.0.3.3 - MAGIX AG) Hidden ASUS MX Suite (HKLM-x32\...\MAGIX_{CFA9C800-9B0B-42E3-92E7-08B5AF2E192E}) (Version: 1.13.0.121 - MAGIX AG) ASUS MX Suite (Version: 1.13.0.121 - MAGIX AG) Hidden ASUS Video easy (HKLM-x32\...\MAGIX_{E3185090-8796-46FB-A27F-6C844F106DAC}) (Version: 4.0.1.90 - MAGIX AG) ASUS Video easy (Version: 4.0.1.90 - MAGIX AG) Hidden ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4127.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.4127.52 - CyberLink Corp.) Hidden AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK) Avast Internet Security (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software) Biller (HKLM\...\Biller) (Version: 1.49 - ) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Bullzip PDF Printer 10.1.0.1871 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.1.0.1871 - Bullzip) calibre (HKLM-x32\...\{04882E0B-389F-4F58-B1B9-DE87371DEBDE}) (Version: 2.34.0 - Kovid Goyal) CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Deutschland Digital 1.0.0 (HKLM-x32\...\Deutschland Digital_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC) Dropbox (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Dropbox) (Version: 8.4.21 - Dropbox, Inc.) ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.4.19695 - Landesfinanzdirektion Thüringen) eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.06 - ASUSTeK Computer Inc.) 
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG) FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.5.116.602 - Foxit Software Inc.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation) Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.10.923 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.46.923 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.46.923 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.) Freemake Video Converter Version 4.1.7 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.7 - Ellora Assets Corporation) Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) 
Hidden Haufe Formular-Manager (HKLM-x32\...\{9353F6E9-13B7-43B4-8FA5-CB46CA22671B}) (Version: 2.1.8.0 - Haufe) Haufe iDesk-Browser (HKLM-x32\...\{043671DC-DE3A-4A5B-B7A2-34F7DF6F5523}) (Version: 7.07.25.4312 - Haufe) Haufe iDesk-Service (HKLM-x32\...\{A4E86B6A-6EEC-41FD-8960-26947F0E3353}) (Version: 7.09.07.4355 - Haufe) Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod) HP Officejet 5740 series - Grundlegende Software für das Gerät (HKLM\...\{4029319E-A53E-4FAA-A2FA-D0091D85EB17}) (Version: 34.2.117.50647 - Hewlett-Packard Co.) HP Officejet 5740 series Hilfe (HKLM-x32\...\{0C0C43A4-CDBF-4CF6-9902-4CF6BBD09C80}) (Version: 34.0.0 - Hewlett Packard) HP Photo Creations (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\HP Photo Creations) (Version: 1.0.0.19522 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden HyperVcam Mobile (HKLM-x32\...\Camera) (Version: - ) I.R.I.S. 
OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) IP Camera Adapter (HKLM-x32\...\{6D140BFF-7CC5-4BFE-AD6D-47035FFE5F14}) (Version: 2.0.0.0 - Pavel Khlebovich) IsoBuster 3.7 (HKLM-x32\...\IsoBuster_is1) (Version: 3.7 - Smart Projects) Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.15 - Oracle Corporation) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation) leogeo_timebeat (HKLM-x32\...\leogeo_timebeat_is1) (Version: - ) Lexware buchhalter 2016 (HKLM-x32\...\{c471bebe-ad7b-4c54-8a91-2d314fd041a0}) (Version: 21.51.0.280 - Haufe-Lexware GmbH & Co.KG) Lexware buchhalter 2016 (x32 Version: 21.51.00.0377 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Elster (x32 Version: 16.05.00.0033 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Elster 2016 (HKLM-x32\...\{c9c745c2-74e4-454e-91e0-ca041e6ed42c}) (Version: 16.5.0.33 - Haufe-Lexware GmbH & Co.KG) Lexware Info Service (x32 Version: 16.00.00.0040 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Installations Dienst (HKLM-x32\...\{6FF55A3A-4E59-4CF8-9248-2EE747168B3E}) (Version: 5.01.00.0040 - Haufe-Lexware GmbH & Co.KG) Lexware know how buchhaltung (HKLM-x32\...\{86C5FBB1-83D3-4E79-B60C-FB43BF003AE9}) (Version: 6.0.0.0 - Haufe Mediengruppe) Lexware online banking (x32 Version: 22.04.00.0043 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware PDF-Export 5 (x32 Version: 5.00.01.0009 - Haufe-Lexware GmbH & Co.KG) Hidden Media Go (HKLM-x32\...\{F66C4A41-C3A8-4523-AB6C-BAA1DB38305C}) (Version: 2.7.357 - Sony) Media Go Network Downloader (HKLM-x32\...\{5562F05F-908C-4F15-9B3C-98D5FD32DCAB}) (Version: 1.5.19.0 - Sony) Media Go Video Playback Engine 2.4.132.12090 (HKLM-x32\...\{7C5AEEE1-6D7C-8922-4548-7BF9096077EC}) (Version: 2.4.132.12090 - Sony) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 
15.0.4454.1510 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) 
(Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 47.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 de)) (Version: 47.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla) Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla) Mozilla Thunderbird 45.2.0 (x86 de) (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Mozilla Thunderbird 45.2.0 (x86 de)) (Version: 45.2.0 - Mozilla) MP3 Splitter version 3.1 (HKLM-x32\...\MP3 Splitter_is1) (Version: - ) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) OEM Application Profile (HKLM-x32\...\{769E695A-F93F-803E-3763-9A00A0E38786}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.) 
PreSonus Studio One 2 (HKLM-x32\...\PreSonus Studio One 2) (Version: 2.6.0.24200 - PreSonus Audio Electronics) Prezi Desktop (HKLM-x32\...\{b2c1866d-4df0-43b9-bf09-f126fac08e1c}) (Version: 6.12.1.0 - Prezi) Prezi Desktop (x32 Version: 6.12.1.0 - Prezi) Hidden PSD Viewer (HKLM-x32\...\{D8EEDC94-EE82-46A0-A7DB-812E3C6A0A6E}_is1) (Version: - IdeaMK) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.) Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6890 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14074.11 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.3.14074.11 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.) 
Smart View 2.0 (HKLM-x32\...\{FBAAAFAE-08A8-4C63-87EA-4AEA9DEE53E1}) (Version: 1.0.0.0 - Samsung) Sony PC Companion 2.10.251 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.251 - Sony) SplitCam (HKLM-x32\...\SplitCam) (Version: 7.4.4.1 - SplitCam Co) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Studie zur Verbesserung von HP Officejet 5740 series (HKLM\...\{E49940D5-31DD-40BA-851D-3B82C4FF7A18}) (Version: 34.2.117.50647 - Hewlett-Packard Co.) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65280 - TeamViewer) Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler) Unity Web Player (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS) USB Server (HKLM-x32\...\InstallShield_{2DCD32C2-EBB2-4461-8398-6FBA1E8BCD0D}) (Version: 09.1117.0028 - Ihr Firmenname) USB Server (x32 Version: 09.1117.0028 - Ihr Firmenname) Hidden USB Server NPW (HKLM-x32\...\InstallShield_{7B88E312-ED74-4FE4-BC76-18DA40597382}) (Version: - ) USB Server NPW (Version: 09.1117.0028 - Ihr Firmenname) Hidden VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VirtualDJ 8 (HKLM-x32\...\{9652ACA0-38A4-4BF8-B15E-2317D41D0AE3}) (Version: 8.0.2139.0 - Atomix Productions) VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions) waterMark V2 (HKLM-x32\...\waterMark V2) (Version: - ) WhatsApp (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\WhatsApp) (Version: 0.2.1455 - WhatsApp) Why ASUS PC (HKLM-x32\...\{5648F9D9-299E-408C-AC1F-59DC75894A1F}) (Version: 1.00.02 - ASUSTeK Computer Inc.) 
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) XnView 2.36 (HKLM-x32\...\XnView_is1) (Version: 2.36 - Gougelet Pierre-e) Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden 影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden 照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) 
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {002DB84B-CC92-4F9E-A0BE-E87B9453079B} - System32\Tasks\HPCustParticipation HP Officejet 5740 series => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe [2014-08-22] (Hewlett-Packard Development Company, LP) Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {0DAEBF49-17B1-4CDB-9E6F-F7754206186E} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.) Task: {15E5D4B8-C0E1-4B8B-8D99-5D6C13A1AF0B} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe Task: {33D000FE-8321-4DA3-BDAA-C90D6DCFB54D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {37FC83F6-061F-4D09-A5B9-CA2AA83C06A8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {4129F7A2-1670-4846-8E34-C78C7B2E349E} - System32\Tasks\SafeZone scheduled Autoupdate 1451348094 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software) Task: {49C49F98-87C7-4737-974D-7B483CCB4DF4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {5956B518-9EF2-475F-8FE5-AAAC2E8B2E56} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) 
Task: {6B792BFE-472A-4572-8089-14AD5D9B19FF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {75E37311-C0C7-47CD-B46F-7E0743A7C349} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {837E1E21-372A-46A3-BEBC-20A0D334F80E} - System32\Tasks\HP Photo Creations Communicator => C:\Users\Flo Admin\AppData\Roaming\HP Photo Creations\Communicator.exe [2015-12-28] () Task: {85859EF5-0169-4590-9C7A-D3ACCD511113} - System32\Tasks\{BF70E981-2856-4D51-B24D-AEF709BD9888} => launchwinapp.exe hxxp://ui.skype.com/ui/0/7.14.0.106/de/abandoninstall?page=tsProgressBar Task: {870B6537-E047-4216-926B-000757F67EEF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-30] (AVAST Software) Task: {8B344A7B-0D2B-4201-8661-07D40F0BD767} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {9A6505A9-ADD4-4E45-84CE-794EB4AD0B93} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {9ADBBA26-9754-465C-B9F2-A42FDA0D88E9} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2012-09-27] () Task: {9F311C0A-4399-4B6C-860B-6CFB5CF40ECD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {A0B52DA2-F889-4882-B6D8-C15ED151A088} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {AADFA08E-9B63-4794-A107-8A971BB93DF2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001Core => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.) Task: {AD8A5F53-032B-4BE5-B984-E5754BA88609} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001UA => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.) 
Task: {B76472CA-DB70-4EA5-89FA-0536DDB2CA93} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation) Task: {C8699E42-5061-4448-B95F-BCD5011F54F7} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-18] (Microsoft Corporation) Task: {E67ED1D2-A91D-48AD-8B60-032CD299B1A9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {E7735B02-AEE1-4CEF-AFD2-EEE73F071A9F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-17] (Adobe Systems Incorporated) Task: {E90A38FA-74F3-4C11-AEF6-0EB529BCF61E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {EB7532DE-4464-46D2-B977-C126614D0FC0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {EC44A142-D2D6-451E-8822-E0DF8F19D55B} - System32\Tasks\{47D082D0-DAC8-47E7-866E-8F70FCB1A8A2} => launchwinapp.exe hxxp://ui.skype.com/ui/0/7.14.0.106/de/abandoninstall?page=tsProgressBar Task: {EF5A316F-7C15-43D2-AC4C-BC271A3F7B9A} - System32\Tasks\ASUS\ASUS Easy Update 2 => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [2013-04-02] (ASUSTeK Computer Inc.) Task: {F5556D06-9B9A-429E-A85A-7DE576DE25EC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {FD3264FB-3D5E-4D23-A078-70CC5A09E0DA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001Core.job => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001UA.job => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Users\Flo Admin\AppData\Roaming\HP Photo Creations\Communicator.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/ Shortcut: C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com/ ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deutschland Digital.lnk -> C:\ProgramData\Ashampoo\DeDigital.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=dedi&edition=eid=15376&utm_medium=desktop&x-pos=Metro ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=15376&utm_medium=desktop&x-pos=Metro ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-06-14 21:55 - 2016-07-28 23:01 - 00020240 _____ () 
C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll 2009-09-02 15:07 - 2009-09-02 15:07 - 00783360 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWService.exe 2009-09-02 15:07 - 2009-09-02 15:07 - 00184320 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWpsm.dll 2009-09-02 15:07 - 2009-09-02 15:07 - 00270848 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWdcp.dll 2009-09-02 15:07 - 2009-09-02 15:07 - 00087552 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWlog.dll 2009-09-02 15:07 - 2009-09-02 15:07 - 00098816 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWuntp.dll 2013-07-08 12:35 - 2012-06-01 11:42 - 00920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe 2012-12-19 08:10 - 2012-12-19 08:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe 2016-07-13 00:39 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-07-13 00:39 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-08-18 15:58 - 2016-08-18 15:58 - 01864384 _____ () C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll 2016-07-13 00:39 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-04-19 07:21 - 2016-04-19 07:21 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-02-02 17:49 - 2016-02-02 17:49 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-07-13 00:42 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2013-04-10 08:09 - 2013-04-10 08:09 - 00401408 _____ () C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe 2015-11-24 14:44 - 2015-10-09 17:56 - 00071680 _____ () C:\Program Files 
(x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe 2015-11-04 17:43 - 2015-11-04 17:43 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2016-08-16 09:28 - 2016-08-16 09:28 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-08-16 09:28 - 2016-08-16 09:28 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2016-06-06 22:35 - 2016-06-06 22:35 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2016-03-04 08:50 - 2016-03-04 08:51 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2016-07-13 00:39 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-07-13 00:39 - 2016-07-01 05:22 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-07-13 00:39 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-07-13 00:39 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-06-30 16:33 - 2016-06-30 16:33 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-08-24 13:12 - 2016-08-24 13:12 - 03016192 _____ () C:\Program Files\AVAST Software\Avast\defs\16082400\algo.dll 2016-06-30 16:33 - 2016-06-30 16:33 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2013-10-23 10:11 - 2013-10-23 10:11 - 00114336 _____ () D:\Programs\SplitCam\splitcam_hd_driver_ProxyPlugin.ax 2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-07-03 
13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-07-08 12:35 - 2016-08-24 15:29 - 00026112 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll 2013-07-08 12:35 - 2010-06-29 04:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll 2013-07-08 12:37 - 2012-11-23 02:14 - 00050688 _____ () C:\Program Files (x86)\ASUS\ASUS Easy Update\AsMultiLang.dll 2016-04-19 07:21 - 2016-04-19 07:21 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-19 07:21 - 2016-04-19 07:21 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2009-11-30 14:21 - 2009-11-30 14:21 - 00167936 _____ () C:\Program Files (x86)\Generic\USB Server\PSMDLL.dll 2009-11-30 14:21 - 2009-11-30 14:21 - 00233472 _____ () C:\Program Files (x86)\Generic\USB Server\DCPDLL.dll 2009-11-30 14:21 - 2009-11-30 14:21 - 00098304 _____ () C:\Program Files (x86)\Generic\USB Server\UNTPDLL.dll 2009-11-30 14:21 - 2009-11-30 14:21 - 00086016 _____ () C:\Program Files (x86)\Generic\USB Server\ESTLogDLL.dll 2016-08-18 15:58 - 2016-08-18 15:58 - 01383616 _____ () C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll 2016-08-18 15:58 - 2016-08-18 15:58 - 00118976 _____ () C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll 2016-06-30 16:33 - 2016-06-30 16:33 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-07-07 10:38 - 2015-07-07 10:38 - 00176168 _____ () C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Logging.Targets.Etw.dll 2015-07-07 10:38 - 2015-07-07 10:38 - 00043048 _____ () C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Etw.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die 
Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\Classes\regfile: regedit.exe "%1" <===== ACHTUNG ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKLM\...\StartupApproved\Run32: => "RemoteControl10" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "DivXMediaServer" HKLM\...\StartupApproved\Run32: => "DivXUpdate" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\Run: => "Amazon Music" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\Run: => "Dropbox Update" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\Run: => "HP Officejet 5740 series (NET)" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{B50E6ACD-FE4D-4FA7-AD62-292930B2E001}] => (Allow) C:\Users\Flo Admin\AppData\Local\Temp\7zS1B2B\HPDiagnosticCoreUI.exe FirewallRules: [{0D1BD89E-942A-481D-9793-CBDD87278D76}] => (Allow) C:\Users\Flo Admin\AppData\Local\Temp\7zS1B2B\HPDiagnosticCoreUI.exe FirewallRules: [{8633FA9A-00AB-4D6B-9F2D-D792A86AB35A}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{3A57700A-5BB9-484E-B6BD-A60C80B2030D}] => (Allow) LPort=5357 FirewallRules: [{A6D98DA9-3CAF-4966-A270-4756F6F6E049}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\DeviceSetup.exe FirewallRules: [{8F7CFD95-B1FD-4E86-B33B-33301E3E8B3F}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\SendAFax.exe FirewallRules: [{2A68F774-368B-4770-A3F0-1940CA721348}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\DigitalWizards.exe FirewallRules: [{23406359-CA38-495F-BAFF-B0FD369C2B01}] => (Allow) C:\Program Files\HP\HP Officejet 
5740 series\bin\FaxApplications.exe FirewallRules: [{9A37B5EF-BE64-45F1-8A03-FD869C11F676}] => (Allow) D:\Programs\Smart View 2.0.exe FirewallRules: [{A6D0BF2B-B59B-4B31-AC70-F271D90DB24B}] => (Allow) D:\Programs\Smart View 2.0.exe FirewallRules: [{2E3986CF-1592-4B44-A072-5B34C8522F9D}] => (Allow) D:\Programs\Smart View 2.0.exe FirewallRules: [{01F9A868-FDD2-4C83-9251-7E337F01CCB9}] => (Allow) D:\Programs\Smart View 2.0.exe FirewallRules: [{6A9C2651-3469-492A-A9AA-4A1F5A746F79}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CEC98AA3-AAB4-4E22-8ED7-A32431BD514A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{53803361-4D74-428C-8985-9469C27A8AE2}D:\programs\utherverse vww client\utherverse.exe] => (Block) D:\programs\utherverse vww client\utherverse.exe FirewallRules: [TCP Query User{CAEFD55D-1B24-4845-8A04-94A2182C5552}D:\programs\utherverse vww client\utherverse.exe] => (Block) D:\programs\utherverse vww client\utherverse.exe FirewallRules: [{B1A34152-54F4-4E98-8B60-4718839394E2}] => (Allow) C:\Users\Flo Admin\AppData\Local\Temp\7zS13A4\hppiw.exe FirewallRules: [{6FE3A923-8A1E-4512-9E73-C5F6661E34FE}] => (Allow) C:\Users\Flo Admin\AppData\Local\Temp\7zS13A4\hppiw.exe FirewallRules: [{01AE655B-AEA6-4D34-B7E6-B93D558C11CF}] => (Allow) D:\Programs\skype\Phone\Skype.exe FirewallRules: [{4C892305-F1CD-456F-9479-29C4A9D6A1F5}] => (Block) C:\program files (x86)\generic\usb server\usbserver.exe FirewallRules: [{B620889F-981E-4380-BD48-5B2A78FFD7B9}] => (Block) C:\program files (x86)\generic\usb server\usbserver.exe FirewallRules: [UDP Query User{06E9E7E6-5460-45A9-99F7-4861592FDBD1}C:\program files (x86)\generic\usb server\usbserver.exe] => (Allow) C:\program files (x86)\generic\usb server\usbserver.exe FirewallRules: [TCP Query User{C7A646F1-22CC-4368-B3C3-F707EDED27FB}C:\program files (x86)\generic\usb server\usbserver.exe] => (Allow) C:\program files (x86)\generic\usb server\usbserver.exe 
FirewallRules: [{FDD11821-1F86-45C7-851D-FA154D2D3A80}] => (Allow) C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{FD766F05-B765-4447-BFBE-0EEE6453B1F0}] => (Allow) C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{56AAD266-5579-4571-B2C1-683A719E9156}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{BC4B8B3D-4CFB-4449-A80F-D7B0A21C868F}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{1C44F0E4-B131-4BE7-A724-355BA2FD9BAE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{6269E7DD-6F8B-4E38-AB32-DF90F00AF9E5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{58C1409A-E846-458B-83F6-40DEF3C3660E}] => (Allow) LPort=1900 FirewallRules: [{A11458CA-16B4-457D-9540-FC16BEF66DD9}] => (Allow) LPort=2869 FirewallRules: [{CD50D89C-1F74-4331-BF1C-FACF8B80A5AA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{7B1C307B-FB47-4954-879A-C9F32AA75306}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{7085672E-17F4-4BA2-8CC6-801B3B5A9898}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{4328C627-420E-42CF-AB37-F13E28B5F4EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{712073E1-AD11-4CE5-A5AE-BE23C738C34A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{2A2E2EE3-69DB-4A8F-A58E-666B302BF57F}] => (Allow) D:\Programs\SteamLibrary\SteamApps\common\america's army 3\Binaries\AA3Loader.exe FirewallRules: [{B9575A9A-84EC-4244-BE5E-C01C2E7EEC8F}] => (Allow) D:\Programs\SteamLibrary\SteamApps\common\america's army 3\Binaries\AA3Loader.exe FirewallRules: [TCP Query User{04A83C6A-0266-45B2-9129-11A5A9818B63}D:\programs\steamlibrary\steamapps\common\america's army 3\binaries\aa3game.exe] => 
(Allow) D:\programs\steamlibrary\steamapps\common\america's army 3\binaries\aa3game.exe FirewallRules: [UDP Query User{B357CA7F-906A-4042-880B-7BD10906492B}D:\programs\steamlibrary\steamapps\common\america's army 3\binaries\aa3game.exe] => (Allow) D:\programs\steamlibrary\steamapps\common\america's army 3\binaries\aa3game.exe FirewallRules: [{BE73B786-5CC6-46D6-AD01-0F6A9D522CBF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{AAA28F35-185D-4685-90EF-4B7410D89B48}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{4F6258D9-DBA9-4B2E-903E-673846C2DA38}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{41C58828-FF0B-4965-9C6E-A91CFEB64E4E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{CBDE9B23-7E39-4384-84B2-BDC86B906BF8}] => (Allow) D:\Programs\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{314B90AE-9C41-40C0-88F6-D3C018DD4AFE}] => (Allow) D:\Programs\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{76FFEB86-3414-48E3-87E9-E3C463423945}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{FBD91AC9-FE81-4A2D-A54E-74C1307BE695}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{ED23FFEA-5BDC-4A1A-B628-DEDDAD96AD99}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{0F8114D3-CEE6-4721-9802-03E34B9C9126}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{7AAF4524-9586-46D4-953E-393BB5017E67}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{A5FB4FD0-3303-4146-B905-D5E726A60E4B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{4C429BD3-DE78-4ACC-995A-20197F7A6FCA}] => (Allow) C:\Users\Flo Admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{392515B6-D467-4EDB-ADF2-2E06D5027746}] => (Allow) C:\Users\Flo Admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{041AF5DD-4D23-41DD-800E-CEEABF6DC692}] 
=> (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F0F5F0B1-FDB7-4CBD-B20C-CE66EAAA3C7E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{7A12128E-F079-4781-8B63-A51B6E987D8A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{DDAFAD4B-154A-4455-981E-E2B9380D6339}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{8B0D8291-A290-4956-AB94-3F5FA3B49338}] => (Allow) D:\Programs\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{C75E758B-1B29-451A-A14A-961B3A9692CB}] => (Allow) D:\Programs\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{30C3732E-0062-4D4C-934D-FEE94DCDB5A3}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe FirewallRules: [{3367E635-FE50-4DA3-B206-D68ACE711329}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe FirewallRules: [{025BFE64-AC16-444F-A936-96CEAF40D492}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{388D8BFC-62D5-45AE-A03F-763078672E9B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{FCA7B880-A697-415A-A88B-03FCBF0A5547}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{38E3F818-26D7-4287-B9D7-8100E51B2A61}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Wiederherstellungspunkte ========================= 09-08-2016 19:02:46 Geplanter Prüfpunkt 18-08-2016 21:06:42 Geplanter Prüfpunkt 22-08-2016 22:28:01 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: 
================== Error: (08/24/2016 04:02:41 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (08/24/2016 03:53:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: BÜROSUF) Description: Das Paket „Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte. Error: (08/24/2016 03:25:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Name des fehlerhaften Moduls: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Ausnahmecode: 0xc000041d Fehleroffset: 0x0000a491 ID des fehlerhaften Prozesses: 0x1fc8 Startzeit der fehlerhaften Anwendung: 0xLiveUpdt.exe0 Pfad der fehlerhaften Anwendung: LiveUpdt.exe1 Pfad des fehlerhaften Moduls: LiveUpdt.exe2 Berichtskennung: LiveUpdt.exe3 Vollständiger Name des fehlerhaften Pakets: LiveUpdt.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LiveUpdt.exe5 Error: (08/24/2016 03:24:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Name des fehlerhaften Moduls: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000a491 ID des fehlerhaften Prozesses: 0x1fc8 Startzeit der fehlerhaften Anwendung: 0xLiveUpdt.exe0 Pfad der fehlerhaften Anwendung: LiveUpdt.exe1 Pfad des fehlerhaften Moduls: LiveUpdt.exe2 Berichtskennung: LiveUpdt.exe3 Vollständiger Name des fehlerhaften Pakets: LiveUpdt.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LiveUpdt.exe5 Error: (08/24/2016 12:23:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BÜROSUF) Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. 
Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (08/24/2016 12:21:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BÜROSUF) Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (08/22/2016 10:28:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (08/21/2016 07:11:38 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (08/20/2016 11:24:06 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Name des fehlerhaften Moduls: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Ausnahmecode: 0xc000041d Fehleroffset: 0x0000a491 ID des fehlerhaften Prozesses: 0x1224 Startzeit der fehlerhaften Anwendung: 0xLiveUpdt.exe0 Pfad der fehlerhaften Anwendung: LiveUpdt.exe1 Pfad des fehlerhaften Moduls: LiveUpdt.exe2 Berichtskennung: LiveUpdt.exe3 Vollständiger Name des fehlerhaften Pakets: LiveUpdt.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LiveUpdt.exe5 Error: (08/20/2016 11:24:00 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Name des fehlerhaften Moduls: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000a491 ID des fehlerhaften Prozesses: 0x1224 Startzeit der fehlerhaften Anwendung: 0xLiveUpdt.exe0 Pfad der 
fehlerhaften Anwendung: LiveUpdt.exe1 Pfad des fehlerhaften Moduls: LiveUpdt.exe2 Berichtskennung: LiveUpdt.exe3 Vollständiger Name des fehlerhaften Pakets: LiveUpdt.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LiveUpdt.exe5 Systemfehler: ============= Error: (08/24/2016 03:53:28 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT-AUTORITÄT) Description: Für den Miniport "TeamViewer VPN Adapter, {A69CB2D3-F4C0-48BC-B666-C7AA650A7A6F}" ist das Ereignis "76" aufgetreten. Error: (08/24/2016 03:36:30 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (08/24/2016 03:29:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AODDriver4.3" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 = Das System kann die angegebene Datei nicht finden. Error: (08/24/2016 03:28:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 = Das System kann den angegebenen Pfad nicht finden. Error: (08/24/2016 03:28:08 PM) (Source: DCOM) (EventID: 10010) (User: BÜROSUF) Description: NLInternal.SharedRecoActivation Error: (08/24/2016 03:28:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenzugriff_3bb15" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/24/2016 03:28:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenspeicher _3bb15" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (08/24/2016 03:28:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kontaktdaten_3bb15" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/24/2016 03:28:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_3bb15" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/24/2016 03:27:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2016-08-17 20:12:53.705 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-08-11 04:31:33.072 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-18 20:12:04.433 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-18 03:08:42.766 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. 
Date: 2016-07-17 23:46:59.191 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-17 03:01:05.692 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-15 19:54:02.019 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-10 08:03:53.589 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume6\Programs\PDF Printer\gui.exe that did not meet the Store signing level requirements. Date: 2016-06-10 08:02:32.832 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume6\Programs\PDF Printer\gui.exe that did not meet the Store signing level requirements. Date: 2016-06-10 08:01:10.015 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume6\Programs\PDF Printer\gui.exe that did not meet the Microsoft signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: AMD A4-6300 APU with Radeon(tm) HD Graphics Prozentuale Nutzung des RAM: 64% Installierter physikalischer RAM: 3272.3 MB Verfügbarer physikalischer RAM: 1169.59 MB Summe virtueller Speicher: 5960.3 MB Verfügbarer virtueller Speicher: 2839.23 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:149.66 GB) (Free:48.26 GB) NTFS Drive d: (Data) (Fixed) (Total:761.33 GB) (Free:719.4 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 710B350F) Partition: GPT. ==================== Ende von Addition.txt ============================ |
26.08.2016, 16:12 | #4 |
| Facebook message about alleged malware
Code:
22:11:35.0483 0x0b94 TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31
22:11:35.0483 0x0b94 UEFI system
22:11:44.0749 0x0b94 ============================================================
22:11:44.0749 0x0b94 Current date / time: 2016/08/24 22:11:44.0749
22:11:44.0749 0x0b94 SystemInfo:
22:11:44.0749 0x0b94
22:11:44.0749 0x0b94 OS Version: 10.0.10586 ServicePack: 0.0
22:11:44.0749 0x0b94 Product type: Workstation
22:11:44.0749 0x0b94 ComputerName: BÜROSUF
22:11:44.0750 0x0b94 UserName: Flo Admin
22:11:44.0750 0x0b94 Windows directory: C:\WINDOWS
22:11:44.0750 0x0b94 System windows directory: C:\WINDOWS
22:11:44.0750 0x0b94 Running under WOW64
22:11:44.0750 0x0b94 Processor architecture: Intel x64
22:11:44.0750 0x0b94 Number of processors: 2
22:11:44.0750 0x0b94 Page size: 0x1000
22:11:44.0750 0x0b94 Boot type: Normal boot
22:11:44.0750 0x0b94 CodeIntegrityOptions = 0x00000001
22:11:44.0750 0x0b94 ============================================================
22:11:44.0971 0x0b94 KLMD registered as C:\WINDOWS\system32\drivers\30201782.sys
22:11:44.0971 0x0b94 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 10586.545, osProperties = 0x19
22:11:45.0534 0x0b94 System UUID: {6F064B29-E2F6-4311-A853-9372E2F557E0}
22:11:46.0503 0x0b94 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:11:46.0532 0x0b94 ============================================================
22:11:46.0532 0x0b94 \Device\Harddisk0\DR0:
22:11:46.0532 0x0b94 GPT partitions:
22:11:46.0532 0x0b94 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E5107EE8-27EC-404B-93F8-810EEA105266}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x190000
22:11:46.0532 0x0b94 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {52B95F42-6B6D-4098-A38B-1AD9ED68B20D}, Name: EFI system partition, StartLBA 0x190800, BlocksNum 0x82000
22:11:46.0532 0x0b94 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {8BA421A0-70E0-4268-8BC5-3B2C3670E905}, Name: Microsoft reserved partition, StartLBA 0x212800, BlocksNum 0x40000
22:11:46.0532 0x0b94 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D013E8BA-90A8-405B-8A8F-FC961895661F}, Name: Basic data partition, StartLBA 0x252800, BlocksNum 0x12B51000
22:11:46.0532 0x0b94 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BD0C929A-5809-4192-8C0B-3BEA2CC771A0}, Name: , StartLBA 0x12DA3800, BlocksNum 0xAF000
22:11:46.0532 0x0b94 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0398BED1-0CF6-4805-BAF3-B43083B1169F}, Name: Basic data partition, StartLBA 0x12E52800, BlocksNum 0x5F2A7800
22:11:46.0533 0x0b94 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2FA9D438-E6B1-45AB-8217-B05C98093FFB}, Name: Basic data partition, StartLBA 0x720FA000, BlocksNum 0x260C800
22:11:46.0533 0x0b94 MBR partitions:
22:11:46.0533 0x0b94 ============================================================
22:11:46.0551 0x0b94 C: <-> \Device\Harddisk0\DR0\Partition4
22:11:46.0583 0x0b94 D: <-> \Device\Harddisk0\DR0\Partition6
22:11:46.0583 0x0b94 ============================================================
22:11:46.0583 0x0b94 Initialize success
22:11:46.0583 0x0b94 ============================================================
22:12:00.0755 0x0758 ============================================================
22:12:00.0755 0x0758 Scan started
22:12:00.0755 0x0758 Mode: Manual;
22:12:00.0755 0x0758 ============================================================
22:12:00.0755 0x0758 KSN ping started
22:12:01.0051 0x0758 KSN ping finished: true
22:12:04.0832 0x0758
================ Scan system memory ========================
22:12:04.0832 0x0758 System memory - ok
22:12:04.0833 0x0758 ================ Scan services =============================
aswNetSec - ok 22:12:06.0665 0x0758 [ 8F492911129B1B32818BF894DC0C2C73, 1F6F2019EB3B3B20636F661A4692079FCAA521C626AF6A731D5D493B415719A7 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr2.sys 22:12:06.0668 0x0758 aswRdr - ok 22:12:06.0679 0x0758 [ 4ABDD84A67378E866BC15DDC9916BA71, 7F67252BE1B9979507F16C8B48D6B2D103B80C4B0765ED3E495DE48E5250EF63 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys 22:12:06.0682 0x0758 aswRvrt - ok 22:12:06.0720 0x0758 [ 409CDD1400B404F655EEC1B5850FD3BE, 2D8A141B18BA155632CE110343AC7A8AB790FB76781C7E757157D9B195CCD5BA ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys 22:12:06.0742 0x0758 aswSnx - ok 22:12:06.0777 0x0758 [ CDB1BE967AFF65D8395B6DF2EA8CBCCF, B72DEDDE020AC0FA4DC382B7B1C5427B8D63E83DB34BB747DC5008AFB9698E57 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys 22:12:06.0787 0x0758 aswSP - ok 22:12:06.0815 0x0758 [ F6B5E463A0BB934C26FB319EDC726F65, 8B4E94181E7C2B479F7F675C221419B42C55C74F02A0DD8FFD9643A5A19AB944 ] aswStm C:\WINDOWS\system32\drivers\aswStm.sys 22:12:06.0819 0x0758 aswStm - ok 22:12:06.0850 0x0758 [ FE0EE5CA72BC0D41DCAAFCA70B78274B, 1D81CAF4EBAB4A9FE542F9C27D67617530295B889E3E2B2C72C669BA55078364 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys 22:12:06.0856 0x0758 aswVmm - ok 22:12:06.0879 0x0758 [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys 22:12:06.0880 0x0758 AsyncMac - ok 22:12:06.0897 0x0758 [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi C:\WINDOWS\system32\drivers\atapi.sys 22:12:06.0899 0x0758 atapi - ok 22:12:06.0940 0x0758 [ 0966FD5BAB1F9BE200875E9EED0A0A13, F4BE70C0581B51ED6DAE6412A5FF74AE310BF88DE89C5A5E5880BEED543B01D7 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys 22:12:06.0943 0x0758 AtiHDAudioService - ok 22:12:06.0984 0x0758 [ D278B7C0205249398F434856F5329FC9, 19526BC7D85D1EA63449A94274183EA051AB9F0F32209514041906E691060405 ] 
AU8168 C:\WINDOWS\system32\DRIVERS\au630x64.sys 22:12:07.0000 0x0758 AU8168 - ok 22:12:07.0053 0x0758 [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll 22:12:07.0060 0x0758 AudioEndpointBuilder - ok 22:12:07.0113 0x0758 [ 5C6F3312EACE1409DC2C4C2AD5D2719D, 415955E31458AE56182436EEF5A993BAEF08379C12C182CC073F3D0A3A0DE006 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 22:12:07.0137 0x0758 Audiosrv - ok 22:12:07.0192 0x0758 [ 8EF7C84BB20329D6DCAC09CF6B19345A, 98F2F312F273C52653DC72F8A69ACBD79F588FF1B53CC7DFA85C26B6F7EF620B ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 22:12:07.0224 0x0758 avast! Antivirus - ok 22:12:07.0250 0x0758 [ 2CD38E4400CDD10AA9FEC3172F9D86D6, B8492EF67420FC7EA16F080F468C964CF9AF69D3046DBD4752AE87E7F5A09D9A ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe 22:12:07.0256 0x0758 avast! Firewall - ok 22:12:07.0288 0x0758 [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 22:12:07.0292 0x0758 AxInstSV - ok 22:12:07.0330 0x0758 [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 22:12:07.0342 0x0758 b06bdrv - ok 22:12:07.0364 0x0758 [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 22:12:07.0367 0x0758 BasicDisplay - ok 22:12:07.0378 0x0758 [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 22:12:07.0380 0x0758 BasicRender - ok 22:12:07.0396 0x0758 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys 
22:12:07.0397 0x0758 bcmfn - ok 22:12:07.0406 0x0758 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 22:12:07.0408 0x0758 bcmfn2 - ok 22:12:07.0437 0x0758 [ F374C27099807E99A156953F8416D34A, D267B8CD837290F9FC6B4FFD2DB8F54867D808FB155698FC7713BCAB3AE475B5 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 22:12:07.0445 0x0758 BDESVC - ok 22:12:07.0480 0x0758 [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 22:12:07.0481 0x0758 Beep - ok 22:12:07.0522 0x0758 [ 37F5E2385CB4D10AB42186974B9C241A, D38FA2B8CE19AC32056060F04B04D031F1621C07528DEDCCD5A8C01AB0A35995 ] BFE C:\WINDOWS\System32\bfe.dll 22:12:07.0540 0x0758 BFE - ok 22:12:07.0611 0x0758 [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS C:\WINDOWS\System32\qmgr.dll 22:12:07.0638 0x0758 BITS - ok 22:12:07.0685 0x0758 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 22:12:07.0695 0x0758 Bonjour Service - ok 22:12:07.0708 0x0758 [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 22:12:07.0711 0x0758 bowser - ok 22:12:07.0750 0x0758 [ 453207816AB95A0376887BE01FAE30E1, 102CA59ED06C6A7D69AA3094DDC550400C50CDF5B7F066522BF0031B8EC7B708 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 22:12:07.0764 0x0758 BrokerInfrastructure - ok 22:12:07.0779 0x0758 [ A617BE5E429A035A1CA8217C1B16F0BB, 197EE6C6EB22FF8A626540886F5A2163CC4CB177504C5423856F54BF01EB0FF1 ] Browser C:\WINDOWS\System32\browser.dll 22:12:07.0783 0x0758 Browser - ok 22:12:07.0800 0x0758 [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg 
C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 22:12:07.0802 0x0758 BthAvrcpTg - ok 22:12:07.0815 0x0758 [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 22:12:07.0817 0x0758 BthHFEnum - ok 22:12:07.0829 0x0758 [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 22:12:07.0831 0x0758 bthhfhid - ok 22:12:07.0864 0x0758 [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 22:12:07.0872 0x0758 BthHFSrv - ok 22:12:07.0906 0x0758 [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 22:12:07.0909 0x0758 BTHMODEM - ok 22:12:07.0943 0x0758 [ CEEC73833A4C6B31E2F376A3FD4DA73E, F09FC6EAB8D9769DBAD0931CC7C7F5DFE1562D3EE09CE0EF086AA73D4B62E076 ] bthserv C:\WINDOWS\system32\bthserv.dll 22:12:07.0946 0x0758 bthserv - ok 22:12:07.0964 0x0758 [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys 22:12:07.0966 0x0758 buttonconverter - ok 22:12:08.0032 0x0758 [ C8D931D734FC0097478CE2583A75C4DF, 60C5F97D7E5A8B81A7123A5DB333577B0C7B9302C1D1C98D47BA96C0A3FB7417 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe 22:12:08.0061 0x0758 c2cautoupdatesvc - ok 22:12:08.0110 0x0758 [ 8E1CC0517DE17DF83CF80BFCE9F0C000, 13F7929D531914FA2ED1223977E15A7F45E3FF3DA1392ECC4B15F5619B37B754 ] c2cpnrsvc C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe 22:12:08.0145 0x0758 c2cpnrsvc - ok 22:12:08.0185 0x0758 [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg 
C:\WINDOWS\System32\drivers\capimg.sys 22:12:08.0189 0x0758 CapImg - ok 22:12:08.0218 0x0758 [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 22:12:08.0221 0x0758 cdfs - ok 22:12:08.0259 0x0758 [ 88E3BA684A7B1247762E1D401076D4C2, 88375BD1970848A71B9CF8C7C73ECA2E4A65E57D80D0C36F41547D381441A552 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll 22:12:08.0266 0x0758 CDPSvc - ok 22:12:08.0286 0x0758 [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 22:12:08.0291 0x0758 cdrom - ok 22:12:08.0314 0x0758 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc C:\WINDOWS\System32\certprop.dll 22:12:08.0319 0x0758 CertPropSvc - ok 22:12:08.0349 0x0758 [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass C:\WINDOWS\System32\drivers\circlass.sys 22:12:08.0351 0x0758 circlass - ok 22:12:08.0381 0x0758 [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 22:12:08.0389 0x0758 CLFS - ok 22:12:08.0436 0x0758 [ E72BB94A4010EBA7074DFEB25D67BDC3, 437F13A1F709B4CC047C9918625C2B5F673218A5141DBC99CD14B008FAB2AA88 ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll 22:12:08.0450 0x0758 ClipSVC - ok 22:12:08.0483 0x0758 [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 22:12:08.0485 0x0758 CmBatt - ok 22:12:08.0525 0x0758 [ 570BA8E8E1E3064A7D92F862B7F59B60, 849CE59A0390EB34977471391EF7500506B0B019E5E31CBF264A4926A84C4BEE ] CNG C:\WINDOWS\system32\Drivers\cng.sys 22:12:08.0539 0x0758 CNG - ok 22:12:08.0557 0x0758 [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] 
cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys 22:12:08.0559 0x0758 cnghwassist - ok 22:12:08.0614 0x0758 [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys 22:12:08.0615 0x0758 CompositeBus - ok 22:12:08.0621 0x0758 COMSysApp - ok 22:12:08.0647 0x0758 [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv C:\WINDOWS\system32\drivers\condrv.sys 22:12:08.0649 0x0758 condrv - ok 22:12:08.0684 0x0758 [ 86BE19C6A177AEB93302EA5C4FBE2D11, 5404AB84D270549B1A46574EBDC857525F71B117BE3BA0098FA0A696E56D5C39 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll 22:12:08.0701 0x0758 CoreMessagingRegistrar - ok 22:12:08.0726 0x0758 [ 9E79A2208A9ED205A7383CBC92C28053, 2E6599DF30DF19BD7BE6FEF1B21FED7F349A3F2306CC5CFDB767ABA7283E8A55 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 22:12:08.0730 0x0758 CryptSvc - ok 22:12:08.0759 0x0758 [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam C:\WINDOWS\system32\drivers\dam.sys 22:12:08.0761 0x0758 dam - ok 22:12:08.0800 0x0758 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 22:12:08.0819 0x0758 DcomLaunch - ok 22:12:08.0845 0x0758 [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll 22:12:08.0851 0x0758 DcpSvc - ok 22:12:08.0882 0x0758 [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc C:\WINDOWS\System32\defragsvc.dll 22:12:08.0894 0x0758 defragsvc - ok 22:12:08.0921 0x0758 [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService 
C:\WINDOWS\system32\das.dll 22:12:08.0931 0x0758 DeviceAssociationService - ok 22:12:08.0945 0x0758 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 22:12:08.0952 0x0758 DeviceInstall - ok 22:12:08.0966 0x0758 [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll 22:12:08.0969 0x0758 DevQueryBroker - ok 22:12:08.0991 0x0758 [ 935823F79CBEDB91637B63D37E3A5A36, BE9A46F1CA631B9252C71758901D55456DC3C143053003D9FA7D67811A1E5026 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 22:12:08.0995 0x0758 Dfsc - ok 22:12:09.0025 0x0758 [ D722BC26F7431A4DA9A183E56CA9FEE3, 86AB717431CB3DDAF6213A1CFE8DF3684080BAAD569731A90AA1AA198E97506D ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 22:12:09.0029 0x0758 dg_ssudbus - ok 22:12:09.0061 0x0758 [ D461D2BECEFA661291EB1B748A8D2CCB, 7275859FCDE58DE6C0C683AFDAD910EB4602336CC724EEE42495A8839213469D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 22:12:09.0071 0x0758 Dhcp - ok 22:12:09.0116 0x0758 [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe 22:12:09.0118 0x0758 diagnosticshub.standardcollector.service - ok 22:12:09.0189 0x0758 [ 5F1CAF0E823BADD5576555CC876F1067, 53AED2137D1BACA5AA24C265E2591F12D91C4652AF35D52843F045CAE4CDDB2E ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 22:12:09.0225 0x0758 DiagTrack - ok 22:12:09.0259 0x0758 [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk C:\WINDOWS\system32\drivers\disk.sys 22:12:09.0262 0x0758 disk - ok 22:12:09.0284 0x0758 [ E32F15E26724F3BB6423FB29FF3E2A8F, E8CF9829D2A74F4423424F8D169E726B88F50734F0B1ADC735691C37C9F32DAA ] DmEnrollmentSvc 
C:\WINDOWS\system32\Windows.Internal.Management.dll 22:12:09.0295 0x0758 DmEnrollmentSvc - ok 22:12:09.0313 0x0758 [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 22:12:09.0315 0x0758 dmvsc - ok 22:12:09.0337 0x0758 [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll 22:12:09.0340 0x0758 dmwappushservice - ok 22:12:09.0372 0x0758 [ 5839A317C25F70979433E0905DFABB1B, 7F1CD50C77A33A10259D8A208A355BE7ECAFEA69F810AD908EF8878A792741AF ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 22:12:09.0380 0x0758 Dnscache - ok 22:12:09.0405 0x0758 [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc C:\WINDOWS\System32\dot3svc.dll 22:12:09.0414 0x0758 dot3svc - ok 22:12:09.0437 0x0758 [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS C:\WINDOWS\system32\dps.dll 22:12:09.0443 0x0758 DPS - ok 22:12:09.0478 0x0758 [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud C:\WINDOWS\System32\drivers\drmkaud.sys 22:12:09.0481 0x0758 drmkaud - ok 22:12:09.0510 0x0758 [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 22:12:09.0517 0x0758 DsmSvc - ok 22:12:09.0541 0x0758 [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc C:\WINDOWS\System32\DsSvc.dll 22:12:09.0547 0x0758 DsSvc - ok 22:12:09.0625 0x0758 [ E5EF652F8C880EC48A4E827698416338, 49F7BD33A1EA1BE996698C0476C92E7C7F7FEC2940ED6018614E3AB18E8FACAC ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 22:12:09.0670 0x0758 DXGKrnl - ok 22:12:09.0702 0x0758 [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 
828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost C:\WINDOWS\System32\eapsvc.dll 22:12:09.0706 0x0758 Eaphost - ok 22:12:09.0812 0x0758 [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 22:12:09.0891 0x0758 ebdrv - ok 22:12:09.0928 0x0758 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS C:\WINDOWS\System32\lsass.exe 22:12:09.0932 0x0758 EFS - ok 22:12:09.0947 0x0758 [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 22:12:09.0950 0x0758 EhStorClass - ok 22:12:09.0964 0x0758 [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 22:12:09.0968 0x0758 EhStorTcgDrv - ok 22:12:09.0994 0x0758 [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll 22:12:09.0999 0x0758 embeddedmode - ok 22:12:10.0042 0x0758 [ 3182FCAF6AAF478791DE5B430C912D4D, 6044BB8A895F0E5BEAA5390457730AE9DB26A5611DC1CD55CE91F2331D2C3086 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 22:12:10.0050 0x0758 EntAppSvc - ok 22:12:10.0064 0x0758 [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 22:12:10.0065 0x0758 ErrDev - ok 22:12:10.0098 0x0758 [ 917DFF97525B7D70C46D4DEDA240089F, D8239EBB5D40AA6BA42BFA542A5001206610498886369D5B31ED7A9ACC17B6B4 ] EST_BusEnum C:\WINDOWS\System32\drivers\GenBus.sys 22:12:10.0099 0x0758 EST_BusEnum - ok 22:12:10.0126 0x0758 [ B63CB796F3FC7DF6DB5C0DD7E4A6F16D, 1B4B9A1EB6FEB983D2E28B1DF60FC0F603BA2A81CC9F978DAEBD1F79C0A35B7D ] EST_Server C:\WINDOWS\System32\drivers\GenHC.sys 
22:12:10.0130 0x0758 EST_Server - ok 22:12:10.0164 0x0758 [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem C:\WINDOWS\system32\es.dll 22:12:10.0173 0x0758 EventSystem - ok 22:12:10.0205 0x0758 [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 22:12:10.0212 0x0758 exfat - ok 22:12:10.0272 0x0758 Fabs - ok 22:12:10.0299 0x0758 [ C330883C06E2D4CE4F6982F048265D37, 26044DE176056B7F5BF2A50A659243CFD7F25CFEE035B3A3C3165B3699872926 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 22:12:10.0308 0x0758 fastfat - ok 22:12:10.0347 0x0758 [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax C:\WINDOWS\system32\fxssvc.exe 22:12:10.0363 0x0758 Fax - ok 22:12:10.0379 0x0758 [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 22:12:10.0380 0x0758 fdc - ok 22:12:10.0402 0x0758 [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 22:12:10.0405 0x0758 fdPHost - ok 22:12:10.0423 0x0758 [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub C:\WINDOWS\system32\fdrespub.dll 22:12:10.0426 0x0758 FDResPub - ok 22:12:10.0440 0x0758 [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc C:\WINDOWS\system32\fhsvc.dll 22:12:10.0445 0x0758 fhsvc - ok 22:12:10.0453 0x0758 [ 8F2523C9D8F1448FF2156452AF60FA00, 1D39CA54F5F1E62385D9EC041F9445BDDCB63740859B9418AE904FDF3D8388ED ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys 22:12:10.0456 0x0758 FileCrypt - ok 22:12:10.0472 0x0758 [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo 
C:\WINDOWS\system32\drivers\fileinfo.sys 22:12:10.0474 0x0758 FileInfo - ok 22:12:10.0491 0x0758 [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 22:12:10.0493 0x0758 Filetrace - ok 22:12:10.0569 0x0758 [ 5BD96D8C5411ACE71A7EAACAF0EF2903, 2AF58E6060C7DEC44B4CA30E14E164473CD4089AE475DAFFC61DFE56990C1147 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe 22:12:10.0629 0x0758 FirebirdServerMAGIXInstance - ok 22:12:10.0652 0x0758 [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 22:12:10.0655 0x0758 flpydisk - ok 22:12:10.0685 0x0758 [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 22:12:10.0695 0x0758 FltMgr - ok 22:12:10.0766 0x0758 [ F1BA85CF2AEE08860C8D5BF82C342F44, 109D5E1AA11ECCFB598BBD09E98991F1E4915B2282B72C727F3E2C73678E2593 ] FontCache C:\WINDOWS\system32\FntCache.dll 22:12:10.0804 0x0758 FontCache - ok 22:12:10.0899 0x0758 [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 22:12:10.0900 0x0758 FontCache3.0.0.0 - ok 22:12:10.0963 0x0758 [ D1A8631ADA1E71178D3DBF5AA2BC1E85, 1BD14BA0AD48722BE8B4513F9AE09D4394E0D576138B0D9A0877D36F47F2B714 ] FoxitCloudUpdateService C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe 22:12:10.0969 0x0758 FoxitCloudUpdateService - ok 22:12:10.0993 0x0758 [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 22:12:10.0995 0x0758 FsDepends - ok 22:12:11.0010 0x0758 [ CC71372CEB811A72F1DC99089C5CBF53, 
BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 22:12:11.0012 0x0758 Fs_Rec - ok 22:12:11.0049 0x0758 [ 50DFE05C698E9B0A63D95E3D669A105C, 3A7D5AE4A01B90C2ECF22AD2783A84C2329EAB9BACFA5237A7DCC3DC5995A864 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 22:12:11.0063 0x0758 fvevol - ok 22:12:11.0085 0x0758 [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 22:12:11.0088 0x0758 gagp30kx - ok 22:12:11.0108 0x0758 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 22:12:11.0110 0x0758 GEARAspiWDM - ok 22:12:11.0144 0x0758 [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 22:12:11.0145 0x0758 gencounter - ok 22:12:11.0160 0x0758 [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys 22:12:11.0162 0x0758 genericusbfn - ok 22:12:11.0180 0x0758 [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 22:12:11.0184 0x0758 GPIOClx0101 - ok 22:12:11.0239 0x0758 [ B89C353AFC8F56D961D07FF1FE7B4BCD, C4491A1E33E0151AF3D7589769D4DCFABC68518A22393A7584FB573B47643B2F ] gpsvc C:\WINDOWS\System32\gpsvc.dll 22:12:11.0269 0x0758 gpsvc - ok 22:12:11.0285 0x0758 [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys 22:12:11.0286 0x0758 GpuEnergyDrv - ok 22:12:11.0335 0x0758 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files 
(x86)\Google\Update\GoogleUpdate.exe 22:12:11.0354 0x0758 gupdate - ok 22:12:11.0364 0x0758 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 22:12:11.0368 0x0758 gupdatem - ok 22:12:11.0399 0x0758 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 22:12:11.0403 0x0758 gusvc - ok 22:12:11.0429 0x0758 [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 22:12:11.0433 0x0758 HDAudBus - ok 22:12:11.0455 0x0758 [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 22:12:11.0457 0x0758 HidBatt - ok 22:12:11.0473 0x0758 [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 22:12:11.0477 0x0758 HidBth - ok 22:12:11.0494 0x0758 [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 22:12:11.0497 0x0758 hidi2c - ok 22:12:11.0510 0x0758 [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys 22:12:11.0512 0x0758 hidinterrupt - ok 22:12:11.0535 0x0758 [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 22:12:11.0537 0x0758 HidIr - ok 22:12:11.0566 0x0758 [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv C:\WINDOWS\system32\hidserv.dll 22:12:11.0570 0x0758 hidserv - ok 22:12:11.0599 0x0758 [ 
26.08.2016, 16:12 | #5 |
| Facebook message about alleged malware The rest Code:
[ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 22:12:18.0827 0x0758 Serenum - ok 22:12:18.0854 0x0758 [ 249A563C48DFD9E42A37587653E003BB, D022FAE2B7AC9D99B9F230A4DF0B045891588162587E1F468B5E05C8DA98AA9A ] Serial C:\WINDOWS\System32\drivers\serial.sys 22:12:18.0857 0x0758 Serial - ok 22:12:18.0871 0x0758 [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 22:12:18.0872 0x0758 sermouse - ok 22:12:18.0907 0x0758 [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv C:\WINDOWS\system32\sessenv.dll 22:12:18.0920 0x0758 SessionEnv - ok 22:12:18.0936 0x0758 [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 22:12:18.0938 0x0758 sfloppy - ok 22:12:18.0990 0x0758 [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 22:12:19.0002 0x0758 SharedAccess - ok 22:12:19.0047 0x0758 [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 22:12:19.0065 0x0758 ShellHWDetection - ok 22:12:19.0085 0x0758 [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 22:12:19.0087 0x0758 SiSRaid2 - ok 22:12:19.0109 0x0758 [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 22:12:19.0112 0x0758 SiSRaid4 - ok 22:12:19.0181 0x0758 [ 6749AD471D1D44CBD1F30257C861F77B, D5A554F35E380948F13BFE0673B49F8FD8AE5A438BF3645857522E2560A58685 ] SkypeUpdate 
D:\Programs\skype\Updater\Updater.exe 22:12:19.0189 0x0758 SkypeUpdate - ok 22:12:19.0215 0x0758 [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost C:\WINDOWS\System32\smphost.dll 22:12:19.0219 0x0758 smphost - ok 22:12:19.0251 0x0758 [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll 22:12:19.0267 0x0758 SmsRouter - ok 22:12:19.0298 0x0758 [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 22:12:19.0303 0x0758 SNMPTRAP - ok 22:12:19.0368 0x0758 [ 3A4F2C0BB87A0895ABEBA341AA1E341B, 4DADEEF3C5D181502D6F4A00FBBF3B001FA626E49569FB330D7AE2955CC7DE08 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe 22:12:19.0372 0x0758 Sony PC Companion - ok 22:12:19.0407 0x0758 [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 22:12:19.0420 0x0758 spaceport - ok 22:12:19.0444 0x0758 [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 22:12:19.0446 0x0758 SpbCx - ok 22:12:19.0485 0x0758 [ 4DE69ED909A0E2D6A748E324ACE716E4, 73EA9FBB8370D970E5BE191379BAC2FCD6A3D2C55C8EE76F3E8698D376629E62 ] SpliCamService D:\Programs\SplitCam\SplitCamService.exe 22:12:19.0492 0x0758 SpliCamService - ok 22:12:19.0529 0x0758 [ 44A1CD96A80CA4EF08ABA6507A3EC987, 83EE6E5D060D6DEB8981E6971A9243BF6D70DDDC70FE8338E2F2B2071E6B537D ] splitcam_hd_driver C:\WINDOWS\system32\DRIVERS\splitcam_hd_driver.sys 22:12:19.0531 0x0758 splitcam_hd_driver - ok 22:12:19.0580 0x0758 [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler C:\WINDOWS\System32\spoolsv.exe 22:12:19.0600 0x0758 Spooler - ok 
22:12:19.0775 0x0758 [ 49B666BCCF59226549F64656584318EA, D7751FB921CE526322DF8CD95430EEA5337E894CE76E0FAA47827CA3B2C953C5 ] sppsvc C:\WINDOWS\system32\sppsvc.exe 22:12:19.0914 0x0758 sppsvc - ok 22:12:19.0971 0x0758 [ BE88248427A6AA548A904FD867667F70, 37E7BB76881F4E896311721B1FCB7B1908524591D36F7D63B233CA0115FECC2C ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 22:12:19.0980 0x0758 srv - ok 22:12:20.0007 0x0758 [ 2568B86F6A50D254324CB89022CA9EFC, 001B7A0061227E8E78A35FDC095C71A6974F18B1289FA392FA0B864A88C20672 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 22:12:20.0022 0x0758 srv2 - ok 22:12:20.0044 0x0758 [ 6E520D6B16EA8AE23D1F81C1194F00C8, 42CAB0772D351023DBF1DAD4BDB1FC214827CEA660284838B41062B8DF89DF10 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 22:12:20.0050 0x0758 srvnet - ok 22:12:20.0074 0x0758 [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 22:12:20.0083 0x0758 SSDPSRV - ok 22:12:20.0113 0x0758 [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 22:12:20.0122 0x0758 SstpSvc - ok 22:12:20.0159 0x0758 [ 36C3697CA09B23C77BDF95A6B0B57310, DAEF9CFBDE444A80FB41DA0BC5C3C4E1E4B535497A5EDA43EC8768A6EC42E4EA ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys 22:12:20.0165 0x0758 ssudmdm - ok 22:12:20.0263 0x0758 [ 99435AD1BC9E7E7CEA528868E5B1F9B2, 66C490EB12BFF8834842D28B1138E69180B972CCFDD3D33263A94A79DED0C6CB ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll 22:12:20.0323 0x0758 StateRepository - ok 22:12:20.0390 0x0758 [ 2A6EDC2FBB4B9C11BB21BE3881C7A692, 74482CA4EC2B98C069A32C224BA5449AE10A8B41BFC053A4C23B6F65113A97A4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 22:12:20.0409 0x0758 Steam Client Service - ok 22:12:20.0435 0x0758 [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] 
stexstor C:\WINDOWS\system32\drivers\stexstor.sys 22:12:20.0437 0x0758 stexstor - ok 22:12:20.0462 0x0758 [ 2834415C4EDD6CE35CB3CFEC50E08469, 28426616C709457DF38B5E2B4B9666C1255B81D2097589A95AAABD1BFACD302A ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys 22:12:20.0463 0x0758 StillCam - ok 22:12:20.0500 0x0758 [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc C:\WINDOWS\System32\wiaservc.dll 22:12:20.0519 0x0758 stisvc - ok 22:12:20.0539 0x0758 [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 22:12:20.0543 0x0758 storahci - ok 22:12:20.0560 0x0758 [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys 22:12:20.0562 0x0758 storflt - ok 22:12:20.0586 0x0758 [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 22:12:20.0589 0x0758 stornvme - ok 22:12:20.0612 0x0758 [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys 22:12:20.0615 0x0758 storqosflt - ok 22:12:20.0666 0x0758 [ FE42F8A07885E518ED1E846C93E4B78C, 264B21A5E07654F159A3E324F3B38A8C11AF619F61B5779A46367DD99EBD00A6 ] StorSvc C:\WINDOWS\system32\storsvc.dll 22:12:20.0688 0x0758 StorSvc - ok 22:12:20.0725 0x0758 [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs C:\WINDOWS\system32\drivers\storufs.sys 22:12:20.0729 0x0758 storufs - ok 22:12:20.0741 0x0758 [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 22:12:20.0743 0x0758 storvsc - ok 22:12:20.0770 0x0758 [ FA8F6E3AD3F92B35D2673CC9FD20429C, 
62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc C:\WINDOWS\system32\svsvc.dll 22:12:20.0775 0x0758 svsvc - ok 22:12:20.0794 0x0758 [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum C:\WINDOWS\System32\drivers\swenum.sys 22:12:20.0796 0x0758 swenum - ok 22:12:20.0828 0x0758 [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv C:\WINDOWS\System32\swprv.dll 22:12:20.0843 0x0758 swprv - ok 22:12:20.0876 0x0758 [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys 22:12:20.0879 0x0758 Synth3dVsc - ok 22:12:20.0925 0x0758 [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain C:\WINDOWS\system32\sysmain.dll 22:12:20.0952 0x0758 SysMain - ok 22:12:20.0988 0x0758 [ FA8E0A9C648035CA1B47C9DA77EDB7EA, 4097AB89D2DB4741B138F3939AED4C5DB00BA124BF66E5DC2218ACF3A37513A3 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll 22:12:21.0001 0x0758 SystemEventsBroker - ok 22:12:21.0029 0x0758 [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 22:12:21.0036 0x0758 TabletInputService - ok 22:12:21.0071 0x0758 [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901 C:\WINDOWS\system32\DRIVERS\tap0901.sys 22:12:21.0073 0x0758 tap0901 - ok 22:12:21.0105 0x0758 [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 22:12:21.0126 0x0758 TapiSrv - ok 22:12:21.0230 0x0758 [ CF63BF6AAEDF721E37F9E216FD321B8E, 73FF268E5DBCEFA9C5322420729E0EAA4F74A7C51E6ED3C988134AC5E875A74C ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 22:12:21.0280 0x0758 Tcpip - 
ok 22:12:21.0343 0x0758 [ CF63BF6AAEDF721E37F9E216FD321B8E, 73FF268E5DBCEFA9C5322420729E0EAA4F74A7C51E6ED3C988134AC5E875A74C ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys 22:12:21.0384 0x0758 Tcpip6 - ok 22:12:21.0421 0x0758 [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 22:12:21.0428 0x0758 tcpipreg - ok 22:12:21.0469 0x0758 [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 22:12:21.0473 0x0758 tdx - ok 22:12:21.0745 0x0758 [ 1E5C0109DDD581152B459710B0C9C35D, AC4B053178DAF1A3A0F80B483CA134E3D9646B90732B1E35B28F810ED3A8B5F8 ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe 22:12:21.0905 0x0758 TeamViewer - ok 22:12:21.0957 0x0758 [ F5520DBB47C60EE83024B38720ABDA24, B8E555D92440BF93E3B55A66E27CEF936477EF7528F870D3B78BD3B294A05CC0 ] teamviewervpn C:\WINDOWS\System32\drivers\teamviewervpn.sys 22:12:21.0960 0x0758 teamviewervpn - ok 22:12:21.0993 0x0758 [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 22:12:21.0996 0x0758 terminpt - ok 22:12:22.0051 0x0758 [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService C:\WINDOWS\System32\termsrv.dll 22:12:22.0078 0x0758 TermService - ok 22:12:22.0103 0x0758 [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes C:\WINDOWS\system32\themeservice.dll 22:12:22.0110 0x0758 Themes - ok 22:12:22.0144 0x0758 [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe 22:12:22.0155 0x0758 TieringEngineService - ok 22:12:22.0202 0x0758 [ EAB476E252CE866727624B5224A054E4, 
1F84A1A99FA07AA1A8F4BF2FFD778562AE59612D549C1CC911CEE74CBE71F831 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll 22:12:22.0227 0x0758 tiledatamodelsvc - ok 22:12:22.0265 0x0758 [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll 22:12:22.0275 0x0758 TimeBroker - ok 22:12:22.0311 0x0758 [ 87B9ABB965F7AF987D52791F0DD1663D, 6E42F764D47ACAD644E5F547E503B7AEA8D700C335674D1B0EB5493914F747E7 ] TPM C:\WINDOWS\System32\drivers\tpm.sys 22:12:22.0317 0x0758 TPM - ok 22:12:22.0336 0x0758 [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks C:\WINDOWS\System32\trkwks.dll 22:12:22.0347 0x0758 TrkWks - ok 22:12:22.0384 0x0758 [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 22:12:22.0387 0x0758 TrustedInstaller - ok 22:12:22.0417 0x0758 [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys 22:12:22.0420 0x0758 tsusbflt - ok 22:12:22.0443 0x0758 [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 22:12:22.0446 0x0758 TsUsbGD - ok 22:12:22.0489 0x0758 [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys 22:12:22.0496 0x0758 tunnel - ok 22:12:22.0537 0x0758 [ 127925766866C52F147A2FFC0C0358A5, DCDF38A456E0BAAEE1E54FD67C3DEB4A036F116036FBD28073201B6C27C2C2DD ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll 22:12:22.0544 0x0758 tzautoupdate - ok 22:12:22.0578 0x0758 [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys 
22:12:22.0581 0x0758 uagp35 - ok 22:12:22.0612 0x0758 [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys 22:12:22.0614 0x0758 UASPStor - ok 22:12:22.0645 0x0758 [ 82D3B1F4D80057826AA649D78147DE36, 344A738F6866BFD3095BB802206DDB2F9E9AD89DC39CAA7DE96455F410683829 ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys 22:12:22.0648 0x0758 UcmCx0101 - ok 22:12:22.0665 0x0758 [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys 22:12:22.0669 0x0758 UcmUcsi - ok 22:12:22.0690 0x0758 [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys 22:12:22.0696 0x0758 Ucx01000 - ok 22:12:22.0711 0x0758 [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys 22:12:22.0713 0x0758 UdeCx - ok 22:12:22.0740 0x0758 [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys 22:12:22.0749 0x0758 udfs - ok 22:12:22.0766 0x0758 [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys 22:12:22.0769 0x0758 UEFI - ok 22:12:22.0796 0x0758 [ 05DD22294A4F3F89E52351C7721E6D2C, 300A7D4BD5F26814CF73400E01DEB810CA3F91BD190B3D37B74ADF080F582829 ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys 22:12:22.0803 0x0758 Ufx01000 - ok 22:12:22.0825 0x0758 [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys 22:12:22.0829 0x0758 UfxChipidea - ok 22:12:22.0846 0x0758 [ 2A87EA182EA333D79AA0B03833EA67F2, 
227792A8B4E63CF60A3DEECF829448C8FD59A40DEF3F42414E432820F8D34F64 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys 22:12:22.0850 0x0758 ufxsynopsys - ok 22:12:22.0884 0x0758 [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe 22:12:22.0889 0x0758 UI0Detect - ok 22:12:22.0910 0x0758 [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys 22:12:22.0913 0x0758 uliagpkx - ok 22:12:22.0931 0x0758 [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus C:\WINDOWS\System32\drivers\umbus.sys 22:12:22.0934 0x0758 umbus - ok 22:12:22.0953 0x0758 [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys 22:12:22.0955 0x0758 UmPass - ok 22:12:22.0982 0x0758 [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService C:\WINDOWS\System32\umrdp.dll 22:12:22.0995 0x0758 UmRdpService - ok 22:12:23.0054 0x0758 [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc C:\WINDOWS\System32\unistore.dll 22:12:23.0089 0x0758 UnistoreSvc - ok 22:12:23.0174 0x0758 [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost C:\WINDOWS\System32\upnphost.dll 22:12:23.0194 0x0758 upnphost - ok 22:12:23.0222 0x0758 [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys 22:12:23.0224 0x0758 UrsChipidea - ok 22:12:23.0260 0x0758 [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys 
22:12:23.0263 0x0758 UrsCx01000 - ok 22:12:23.0285 0x0758 [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys 22:12:23.0287 0x0758 UrsSynopsys - ok 22:12:23.0318 0x0758 [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys 22:12:23.0321 0x0758 USBAAPL64 - ok 22:12:23.0347 0x0758 [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys 22:12:23.0355 0x0758 usbccgp - ok 22:12:23.0380 0x0758 [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 22:12:23.0388 0x0758 usbcir - ok 22:12:23.0419 0x0758 [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys 22:12:23.0423 0x0758 usbehci - ok 22:12:23.0470 0x0758 [ 504901430B6E03B99EBB6BF26E0868C6, D00C0904B7008305DCA5D1E6FED153DD8875CAD14D80348E59F42A182FA7E832 ] usbfilter C:\WINDOWS\system32\DRIVERS\usbfilter.sys 22:12:23.0472 0x0758 usbfilter - ok 22:12:23.0508 0x0758 [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 22:12:23.0523 0x0758 usbhub - ok 22:12:23.0559 0x0758 [ E7463CE8579A0418A98BE9BE42C647D7, 923CD51C82FCF9DC4E9EEA99E53634EE07EBF62FB5DFC337F01309D7D5C7622C ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 22:12:23.0575 0x0758 USBHUB3 - ok 22:12:23.0610 0x0758 [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 22:12:23.0612 0x0758 usbohci - ok 22:12:23.0640 0x0758 [ 21162F65C7756AAECAEBED9E67D0A5FE, 
DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 22:12:23.0642 0x0758 usbprint - ok 22:12:23.0668 0x0758 [ 4AAD6547953D373A1EB5B2DF583D868B, 4E3DCEC9644550996C314FCC39F885DDE4AA7AD821B8596D96C5BEA5D60795F7 ] usbser C:\WINDOWS\System32\drivers\usbser.sys 22:12:23.0671 0x0758 usbser - ok 22:12:23.0702 0x0758 [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 22:12:23.0707 0x0758 USBSTOR - ok 22:12:23.0735 0x0758 [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 22:12:23.0738 0x0758 usbuhci - ok 22:12:23.0767 0x0758 [ 9E9D58F5E1702955B2F4D62996F80E8E, 6C21C250B9D98346D0D5CB7D6C11AB120A1D195C28313BDB0CE532663F0114E2 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 22:12:23.0776 0x0758 USBXHCI - ok 22:12:23.0832 0x0758 [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll 22:12:23.0866 0x0758 UserDataSvc - ok 22:12:23.0960 0x0758 [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager C:\WINDOWS\System32\usermgr.dll 22:12:23.0985 0x0758 UserManager - ok 22:12:24.0026 0x0758 [ BF6C588423B2F856015AE8F61D93D01F, D45A3409E4EF026ECF1F8295EF9CFAA4C111776C2BA04171591744CDAB912479 ] UsoSvc C:\WINDOWS\system32\usocore.dll 22:12:24.0038 0x0758 UsoSvc - ok 22:12:24.0061 0x0758 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc C:\WINDOWS\system32\lsass.exe 22:12:24.0065 0x0758 VaultSvc - ok 22:12:24.0088 0x0758 [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 22:12:24.0091 0x0758 vdrvroot - ok 
22:12:24.0151 0x0758 [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds C:\WINDOWS\System32\vds.exe 22:12:24.0170 0x0758 vds - ok 22:12:24.0191 0x0758 [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 22:12:24.0197 0x0758 VerifierExt - ok 22:12:24.0230 0x0758 [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 22:12:24.0245 0x0758 vhdmp - ok 22:12:24.0265 0x0758 [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf C:\WINDOWS\System32\drivers\vhf.sys 22:12:24.0267 0x0758 vhf - ok 22:12:24.0284 0x0758 [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 22:12:24.0287 0x0758 vmbus - ok 22:12:24.0300 0x0758 [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 22:12:24.0301 0x0758 VMBusHID - ok 22:12:24.0338 0x0758 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll 22:12:24.0351 0x0758 vmicguestinterface - ok 22:12:24.0366 0x0758 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll 22:12:24.0379 0x0758 vmicheartbeat - ok 22:12:24.0395 0x0758 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll 22:12:24.0406 0x0758 vmickvpexchange - ok 22:12:24.0424 0x0758 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv 
C:\WINDOWS\System32\ICSvc.dll 22:12:24.0434 0x0758 vmicrdv - ok 22:12:24.0452 0x0758 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 22:12:24.0463 0x0758 vmicshutdown - ok 22:12:24.0481 0x0758 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 22:12:24.0491 0x0758 vmictimesync - ok 22:12:24.0509 0x0758 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession C:\WINDOWS\System32\ICSvc.dll 22:12:24.0519 0x0758 vmicvmsession - ok 22:12:24.0535 0x0758 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss C:\WINDOWS\System32\ICSvc.dll 22:12:24.0546 0x0758 vmicvss - ok 22:12:24.0567 0x0758 [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 22:12:24.0570 0x0758 volmgr - ok 22:12:24.0591 0x0758 [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 22:12:24.0600 0x0758 volmgrx - ok 22:12:24.0621 0x0758 [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 22:12:24.0629 0x0758 volsnap - ok 22:12:24.0644 0x0758 [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 22:12:24.0647 0x0758 vpci - ok 22:12:24.0663 0x0758 [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 22:12:24.0668 0x0758 vsmraid - ok 22:12:24.0725 0x0758 [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 
57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS C:\WINDOWS\system32\vssvc.exe
22:12:24.0759 0x0758 VSS - ok
22:12:32.0364 0x0758 Waiting for KSN requests completion. In queue: 241
22:12:33.0404 0x0758 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.494 ), 0x60100 ( disabled : updated )
22:12:33.0417 0x0758 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 12.1.3076.0 ), 0x41000 ( enabled : updated )
22:12:33.0419 0x0758 FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 12.1.3076.0 ), 0x41010 ( enabled )
22:12:33.0576 0x0758 ============================================================
22:12:33.0576 0x0758 Scan finished
22:12:33.0576 0x0758 ============================================================
22:12:33.0591 0x11e4 Detected object count: 0
22:12:33.0591 0x11e4 Actual detected object count: 0
22:12:55.0049 0x0de0 Deinitialize success |
26.08.2016, 18:19 | #6 | |
/// TB-Ausbilder | Facebook message about alleged malware Hi, thanks for the info, then we can get started. Please keep the following in mind in future: Quote:
Please download all tools directly to the desktop, or move them there, and start them from the desktop, since our instructions are written with that in mind. It also makes it very easy to remove all the tools used once the cleanup is finished. Leave all tools on the desktop until the end of the cleanup; we may need some of them more than once. There is already an update for AdwCleaner (6.01), so we will run it again; please read carefully. Step 1 Please download AdwCleaner to your desktop.
Step 2 Please download Malwarebytes Anti-Malware
Step 3 Please shut down your security software to avoid possible conflicts.
Step 4
Please post with your next reply
|
28.08.2016, 13:12 | #7 |
| Facebook message about alleged malware AdwCleaner log file: Code:
ATTFilter
# AdwCleaner v6.010 - Logfile created 28/08/2016 at 13:24:57
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-08-27.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Flo Admin - BÜROSUF
# Running from : C:\Users\Flo Admin\Desktop\AdwCleaner_6.010.exe
# Mode: Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared
:: "Prefetch" files deleted
:: Proxy settings cleared
:: IE policies deleted
:: Chrome policies deleted
:: Chrome preferences reset: C:\Users\Flo Admin\AppData\Local\Google\Chrome\User Data\Default

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [6021 Bytes] - [24/08/2016 15:16:39]
C:\AdwCleaner\AdwCleaner[C2].txt - [1219 Bytes] - [24/08/2016 15:28:03]
C:\AdwCleaner\AdwCleaner[C3].txt - [1093 Bytes] - [28/08/2016 13:24:57]
C:\AdwCleaner\AdwCleaner[S0].txt - [5968 Bytes] - [24/08/2016 15:14:54]
C:\AdwCleaner\AdwCleaner[S1].txt - [1334 Bytes] - [24/08/2016 15:24:52]
C:\AdwCleaner\AdwCleaner[S2].txt - [1428 Bytes] - [28/08/2016 13:24:30]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1385 Bytes] ##########
Code:
ATTFilter
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 28.08.2016
Suchlaufzeit: 13:32
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.08.28.04
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Flo Admin

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 372171
Abgelaufene Zeit: 22 Min., 58 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)

Module: 0 (keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 3
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR , In Quarantäne, [88ec4c045a40fe38ec6147724fb45ca4],
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, In Quarantäne, [78fcb49c53479d997d9eb32b4fb46997],
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, In Quarantäne, [9fd5ca86970313238498588612f12bd5],

Registrierungswerte: 7
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130631432418369985, In Quarantäne, [50242f214b4f83b388c45a5f0cf73ac6]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130631432418369985, In Quarantäne, [70045ff1bfdbe6503d0f2198966d18e8]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130631432418369985, In Quarantäne, [185ca0b05446fa3c5af27247dd2658a8]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130631432418369985, In Quarantäne, [4b29a0b0f8a253e362ea84351de61de3]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_removal_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130631432418369985, In Quarantäne, [3a3ad977821820168cc003b67192956b]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_reporter_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130631432418369985, In Quarantäne, [d2a276da4456a98da6a65d5ce71cf30d]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130631432418369985, In Quarantäne, [88ec4c045a40fe38ec6147724fb45ca4]

Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)

Ordner: 20
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\AddedAppDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\DefualtImages, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\DetectedAppDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15],
PUP.Optional.ConduitTB.Gen,
C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\EngineFirstTimeDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\NewSearchProtectorDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\NewSearchProtectorDialog\images, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorBubbleDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorBubbleDialog\images, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorDialog\Images, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorRetakeoverDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorRetakeoverDialog\Images, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog, In Quarantäne, 
[6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\images, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarUntrustedAppsApprovalDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\UntrustedAddedAppDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\UntrustedAppApprovalDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\UntrustedAppPendingDialog, In Quarantäne, [6d07dd731189b3837429725306fceb15], Dateien: 76 PUP.Optional.Downloader, C:\Users\Flo Admin\Downloads\Samsung Kies - CHIP-Installer.exe, In Quarantäne, [da9aaba5debcd66088746fa73bc59868], PUP.Optional.DownloadGuide, C:\Users\Flo Admin\Downloads\SandboxieInstall_CB-DL-Manager.exe, In Quarantäne, [aec6e26e138785b1cef4b1ce39c88a76], PUP.Optional.SofTonic, C:\Users\Flo Admin\Downloads\SoftonicDownloader_fuer_artrage.exe, In Quarantäne, [7004a5ab1585999d4cf832ee5ca4eb15], PUP.Optional.Downloader, C:\Users\Flo Admin\Downloads\Studio One Free - CHIP-Installer.exe, In Quarantäne, [f480cd834f4b94a20def070f2dd3eb15], PUP.Optional.Downloader, C:\Users\Flo Admin\Downloads\Tor Browser Paket - CHIP-Installer.exe, In Quarantäne, [4133db75fb9f7fb714e80115e02018e8], PUP.Optional.Downloader, C:\Users\Flo Admin\Downloads\DarkWave Studio - CHIP-Installer.exe, In Quarantäne, [23511838900ab086cd2f1bfbb14f58a8], PUP.Optional.Downloader, C:\Users\Flo Admin\Downloads\CopyTrans Contacts - 
CHIP-Installer.exe, In Quarantäne, [304453fdacee0b2b708c9b7b8080cb35], PUP.Optional.Downloader, C:\Users\Flo Admin\Downloads\Helium Backup Desktop Client - CHIP-Installer.exe, In Quarantäne, [c8acdb751c7e0e2851ab53c327d9669a], PUP.Optional.Downloader, C:\Users\Flo Admin\Downloads\http___i.imgur.com_phFeCiS.png_downloader.exe, In Quarantäne, [14605ff18b0f96a0bac2679556aa2bd5], PUP.Optional.Downloader, C:\Users\Flo Admin\Downloads\Vollversion Ashampoo Burning Studio 2014 - CHIP-Installer(1).exe, In Quarantäne, [ed8771dffb9fc76fc23ad93dfb0558a8], PUP.Optional.Downloader, C:\Users\Flo Admin\Downloads\Vollversion Ashampoo Burning Studio 2014 - CHIP-Installer.exe, In Quarantäne, [03717dd3f8a21b1b7c8066b0b34d44bc], Worm.SFDC, C:\Users\Flo Admin\homep.exe, In Quarantäne, [afc5123e64364ceab390141130d3ac54], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\RoundedCornersIE9.css, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\DialogsAPI.js, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\excanvas.js, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\generalDialogStyle.css, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\PIE.htc, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\RoundedCorners.css, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo 
Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\settings.js, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\version.txt, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\AddedAppDialog\app-added.js, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\AddedAppDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\DefualtImages\icon.png, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\DetectedAppDialog\app-2go.js, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\DetectedAppDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\EngineFirstTimeDialog\EngineFirstTimeDialog.js, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\EngineFirstTimeDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\EngineFirstTimeDialog\right-click.gif, In Quarantäne, [6d07dd731189b3837429725306fceb15], 
PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\NewSearchProtectorDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\NewSearchProtectorDialog\SearchProtector.css, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\NewSearchProtectorDialog\SearchProtector.js, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\NewSearchProtectorDialog\images\ok-button.png, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\NewSearchProtectorDialog\images\separation-line.png, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\NewSearchProtectorDialog\images\warning.png, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorBubbleDialog\bubble.css, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorBubbleDialog\bubble.js, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorBubbleDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo 
Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorBubbleDialog\images\information.png, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorBubbleDialog\images\x-default-LTR.png, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorBubbleDialog\images\x-default-RTL.png, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-LTR.png, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-RTL.png, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorDialog\SearchProtector.css, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorDialog\SearchProtector.js, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorDialog\Images\info.png, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo 
Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorDialog\Images\ok-on.png, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorDialog\Images\ok.png, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorRetakeoverDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.css, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.js, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.jpg, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.png, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorRetakeoverDialog\Images\info.png, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorRetakeoverDialog\Images\ok-on.png, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, 
C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\SearchProtectorRetakeoverDialog\Images\ok.png, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.css, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.js, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\images\app-store-icon.png, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\images\arrow.png, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\images\divider.png, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\images\emailNotifier.gif, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\images\facebook.png, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo 
Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\images\radio.GIF, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\images\Thumbs.db, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\images\truste_welcome.GIF, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarFirstTimeDialog\images\weather.GIF, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarUntrustedAppsApprovalDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\ToolbarUntrustedAppsApprovalDialog\ToolbarUntrustedAppsApprovalDialog.js, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\UntrustedAddedAppDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\UntrustedAddedAppDialog\UT-app-dialog-added.js, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\UntrustedAppApprovalDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo 
Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\UntrustedAppApprovalDialog\UT-app-dialog-needs-your-approval.js, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\UntrustedAppPendingDialog\main.html, In Quarantäne, [6d07dd731189b3837429725306fceb15], PUP.Optional.ConduitTB.Gen, C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\CT2613550\Dialogs\UntrustedAppPendingDialog\UT-app-dialog-is-waiting.js, In Quarantäne, [6d07dd731189b3837429725306fceb15], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Home x64
Ran by Flo Admin (Administrator) on 28.08.2016 at 14:00:57,91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 1
Successfully deleted: C:\WINDOWS\SysWOW64\REN2CD6.tmp (File)
Registry: 4
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{269D0B18-45D0-46D0-A644-2D60D928BC7F} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{269D0B18-45D0-46D0-A644-2D60D928BC7F} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.08.2016 at 14:04:35,86
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27-08-2016 durchgeführt von Flo Admin (28-08-2016 14:08:58) Gestartet von C:\Users\Flo Admin\Desktop Windows 10 Home Version 1511 (X64) (2016-02-02 16:24:16) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-4126187190-1361339850-3817463540-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-4126187190-1361339850-3817463540-503 - Limited - Disabled) Flo Admin (S-1-5-21-4126187190-1361339850-3817463540-1001 - Administrator - Enabled) => C:\Users\Flo Admin Gast (S-1-5-21-4126187190-1361339850-3817463540-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4126187190-1361339850-3817463540-1005 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) µTorrent (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) 
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated) AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.05 - ASUSTeK Computer Inc.) Amazon Music (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Amazon Amazon Music) (Version: 3.10.0.928 - Amazon Services LLC) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{377C9C44-398B-6CBD-9138-F6B4AB951839}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.) America's Army 3 (HKLM-x32\...\Steam App 13140) (Version: - U.S. Army) Any Video Converter 5.7.0 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ArtRage 2 Starter Edition (HKLM-x32\...\{394C2C3E-CA18-4216-B430-ACDD82C26973}) (Version: 2.6.0 - Ambient Design) Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) ASUS Easy Update 2 (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 3.00.06 - ASUSTeK Computer Inc.) 
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.3.3 - MAGIX AG) ASUS Music Maker (Version: 18.0.3.3 - MAGIX AG) Hidden ASUS MX Suite (HKLM-x32\...\MAGIX_{CFA9C800-9B0B-42E3-92E7-08B5AF2E192E}) (Version: 1.13.0.121 - MAGIX AG) ASUS MX Suite (Version: 1.13.0.121 - MAGIX AG) Hidden ASUS Video easy (HKLM-x32\...\MAGIX_{E3185090-8796-46FB-A27F-6C844F106DAC}) (Version: 4.0.1.90 - MAGIX AG) ASUS Video easy (Version: 4.0.1.90 - MAGIX AG) Hidden ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4127.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.4127.52 - CyberLink Corp.) Hidden AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK) Avast Internet Security (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software) Biller (HKLM\...\Biller) (Version: 1.49 - ) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Bullzip PDF Printer 10.1.0.1871 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.1.0.1871 - Bullzip) calibre (HKLM-x32\...\{04882E0B-389F-4F58-B1B9-DE87371DEBDE}) (Version: 2.34.0 - Kovid Goyal) CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Deutschland Digital 1.0.0 (HKLM-x32\...\Deutschland Digital_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC) Dropbox (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Dropbox) (Version: 8.4.21 - Dropbox, Inc.) ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.4.19695 - Landesfinanzdirektion Thüringen) eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.06 - ASUSTeK Computer Inc.) 
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG) FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.5.116.602 - Foxit Software Inc.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation) Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.10.923 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.46.923 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.46.923 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.) Freemake Video Converter Version 4.1.7 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.7 - Ellora Assets Corporation) Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) 
Hidden Haufe Formular-Manager (HKLM-x32\...\{9353F6E9-13B7-43B4-8FA5-CB46CA22671B}) (Version: 2.1.8.0 - Haufe) Haufe iDesk-Browser (HKLM-x32\...\{043671DC-DE3A-4A5B-B7A2-34F7DF6F5523}) (Version: 7.07.25.4312 - Haufe) Haufe iDesk-Service (HKLM-x32\...\{A4E86B6A-6EEC-41FD-8960-26947F0E3353}) (Version: 7.09.07.4355 - Haufe) Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod) HP Officejet 5740 series - Grundlegende Software für das Gerät (HKLM\...\{4029319E-A53E-4FAA-A2FA-D0091D85EB17}) (Version: 34.2.117.50647 - Hewlett-Packard Co.) HP Officejet 5740 series Hilfe (HKLM-x32\...\{0C0C43A4-CDBF-4CF6-9902-4CF6BBD09C80}) (Version: 34.0.0 - Hewlett Packard) HP Photo Creations (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\HP Photo Creations) (Version: 1.0.0.19522 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden HyperVcam Mobile (HKLM-x32\...\Camera) (Version: - ) I.R.I.S. 
OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) IP Camera Adapter (HKLM-x32\...\{6D140BFF-7CC5-4BFE-AD6D-47035FFE5F14}) (Version: 2.0.0.0 - Pavel Khlebovich) IsoBuster 3.7 (HKLM-x32\...\IsoBuster_is1) (Version: 3.7 - Smart Projects) Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.15 - Oracle Corporation) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation) leogeo_timebeat (HKLM-x32\...\leogeo_timebeat_is1) (Version: - ) Lexware buchhalter 2016 (HKLM-x32\...\{c471bebe-ad7b-4c54-8a91-2d314fd041a0}) (Version: 21.51.0.280 - Haufe-Lexware GmbH & Co.KG) Lexware buchhalter 2016 (x32 Version: 21.51.00.0377 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Elster (x32 Version: 16.05.00.0033 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Elster 2016 (HKLM-x32\...\{c9c745c2-74e4-454e-91e0-ca041e6ed42c}) (Version: 16.5.0.33 - Haufe-Lexware GmbH & Co.KG) Lexware Info Service (x32 Version: 16.00.00.0040 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Installations Dienst (HKLM-x32\...\{6FF55A3A-4E59-4CF8-9248-2EE747168B3E}) (Version: 5.01.00.0040 - Haufe-Lexware GmbH & Co.KG) Lexware know how buchhaltung (HKLM-x32\...\{86C5FBB1-83D3-4E79-B60C-FB43BF003AE9}) (Version: 6.0.0.0 - Haufe Mediengruppe) Lexware online banking (x32 Version: 22.04.00.0043 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware PDF-Export 5 (x32 Version: 5.00.01.0009 - Haufe-Lexware GmbH & Co.KG) Hidden Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Media Go (HKLM-x32\...\{F66C4A41-C3A8-4523-AB6C-BAA1DB38305C}) (Version: 2.7.357 - Sony) Media Go Network Downloader (HKLM-x32\...\{5562F05F-908C-4F15-9B3C-98D5FD32DCAB}) (Version: 1.5.19.0 - Sony) Media Go Video Playback Engine 2.4.132.12090 
(HKLM-x32\...\{7C5AEEE1-6D7C-8922-4548-7BF9096077EC}) (Version: 2.4.132.12090 - Sony) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) 
(Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla) Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla) Mozilla Thunderbird 45.2.0 (x86 de) (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Mozilla Thunderbird 45.2.0 (x86 de)) (Version: 45.2.0 - Mozilla) MP3 Splitter version 3.1 (HKLM-x32\...\MP3 Splitter_is1) (Version: - ) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) OEM Application Profile (HKLM-x32\...\{769E695A-F93F-803E-3763-9A00A0E38786}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.) 
PreSonus Studio One 2 (HKLM-x32\...\PreSonus Studio One 2) (Version: 2.6.0.24200 - PreSonus Audio Electronics) Prezi Desktop (HKLM-x32\...\{b2c1866d-4df0-43b9-bf09-f126fac08e1c}) (Version: 6.12.1.0 - Prezi) Prezi Desktop (x32 Version: 6.12.1.0 - Prezi) Hidden PSD Viewer (HKLM-x32\...\{D8EEDC94-EE82-46A0-A7DB-812E3C6A0A6E}_is1) (Version: - IdeaMK) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.) Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6890 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14074.11 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.3.14074.11 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.) 
Smart View 2.0 (HKLM-x32\...\{FBAAAFAE-08A8-4C63-87EA-4AEA9DEE53E1}) (Version: 1.0.0.0 - Samsung) Sony PC Companion 2.10.251 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.251 - Sony) SplitCam (HKLM-x32\...\SplitCam) (Version: 7.4.4.1 - SplitCam Co) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Studie zur Verbesserung von HP Officejet 5740 series (HKLM\...\{E49940D5-31DD-40BA-851D-3B82C4FF7A18}) (Version: 34.2.117.50647 - Hewlett-Packard Co.) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65280 - TeamViewer) Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler) Unity Web Player (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS) USB Server (HKLM-x32\...\InstallShield_{2DCD32C2-EBB2-4461-8398-6FBA1E8BCD0D}) (Version: 09.1117.0028 - Ihr Firmenname) USB Server (x32 Version: 09.1117.0028 - Ihr Firmenname) Hidden USB Server NPW (HKLM-x32\...\InstallShield_{7B88E312-ED74-4FE4-BC76-18DA40597382}) (Version: - ) USB Server NPW (Version: 09.1117.0028 - Ihr Firmenname) Hidden VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VirtualDJ 8 (HKLM-x32\...\{9652ACA0-38A4-4BF8-B15E-2317D41D0AE3}) (Version: 8.0.2139.0 - Atomix Productions) VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions) waterMark V2 (HKLM-x32\...\waterMark V2) (Version: - ) WhatsApp (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\WhatsApp) (Version: 0.2.1455 - WhatsApp) Why ASUS PC (HKLM-x32\...\{5648F9D9-299E-408C-AC1F-59DC75894A1F}) (Version: 1.00.02 - ASUSTeK Computer Inc.) 
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) XnView 2.36 (HKLM-x32\...\XnView_is1) (Version: 2.36 - Gougelet Pierre-e) Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden 影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden 照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) 
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {002DB84B-CC92-4F9E-A0BE-E87B9453079B} - System32\Tasks\HPCustParticipation HP Officejet 5740 series => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe [2014-08-22] (Hewlett-Packard Development Company, LP)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0DAEBF49-17B1-4CDB-9E6F-F7754206186E} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {15E5D4B8-C0E1-4B8B-8D99-5D6C13A1AF0B} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {33D000FE-8321-4DA3-BDAA-C90D6DCFB54D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {37FC83F6-061F-4D09-A5B9-CA2AA83C06A8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {4129F7A2-1670-4846-8E34-C78C7B2E349E} - System32\Tasks\SafeZone scheduled Autoupdate 1451348094 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software)
Task: {49C49F98-87C7-4737-974D-7B483CCB4DF4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {5956B518-9EF2-475F-8FE5-AAAC2E8B2E56} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {6B792BFE-472A-4572-8089-14AD5D9B19FF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {75E37311-C0C7-47CD-B46F-7E0743A7C349} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {837E1E21-372A-46A3-BEBC-20A0D334F80E} - System32\Tasks\HP Photo Creations Communicator => C:\Users\Flo Admin\AppData\Roaming\HP Photo Creations\Communicator.exe [2015-12-28] ()
Task: {85859EF5-0169-4590-9C7A-D3ACCD511113} - System32\Tasks\{BF70E981-2856-4D51-B24D-AEF709BD9888} => launchwinapp.exe hxxp://ui.skype.com/ui/0/7.14.0.106/de/abandoninstall?page=tsProgressBar
Task: {870B6537-E047-4216-926B-000757F67EEF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-30] (AVAST Software)
Task: {8B344A7B-0D2B-4201-8661-07D40F0BD767} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {9A6505A9-ADD4-4E45-84CE-794EB4AD0B93} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {9ADBBA26-9754-465C-B9F2-A42FDA0D88E9} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2012-09-27] ()
Task: {9F311C0A-4399-4B6C-860B-6CFB5CF40ECD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {A0B52DA2-F889-4882-B6D8-C15ED151A088} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {AADFA08E-9B63-4794-A107-8A971BB93DF2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001Core => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {AD8A5F53-032B-4BE5-B984-E5754BA88609} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001UA => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {B76472CA-DB70-4EA5-89FA-0536DDB2CA93} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation)
Task: {C8699E42-5061-4448-B95F-BCD5011F54F7} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-18] (Microsoft Corporation)
Task: {E67ED1D2-A91D-48AD-8B60-032CD299B1A9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {E7735B02-AEE1-4CEF-AFD2-EEE73F071A9F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-17] (Adobe Systems Incorporated)
Task: {E90A38FA-74F3-4C11-AEF6-0EB529BCF61E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {EB7532DE-4464-46D2-B977-C126614D0FC0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {EC44A142-D2D6-451E-8822-E0DF8F19D55B} - System32\Tasks\{47D082D0-DAC8-47E7-866E-8F70FCB1A8A2} => launchwinapp.exe hxxp://ui.skype.com/ui/0/7.14.0.106/de/abandoninstall?page=tsProgressBar
Task: {EF5A316F-7C15-43D2-AC4C-BC271A3F7B9A} - System32\Tasks\ASUS\ASUS Easy Update 2 => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [2013-04-02] (ASUSTeK Computer Inc.)
Task: {F5556D06-9B9A-429E-A85A-7DE576DE25EC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {FD3264FB-3D5E-4D23-A078-70CC5A09E0DA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001Core.job => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001UA.job => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Users\Flo Admin\AppData\Roaming\HP Photo Creations\Communicator.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/ Shortcut: C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com/ ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deutschland Digital.lnk -> C:\ProgramData\Ashampoo\DeDigital.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=dedi&edition=eid=15376&utm_medium=desktop&x-pos=Metro ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=15376&utm_medium=desktop&x-pos=Metro ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-06-14 21:55 - 2016-07-28 23:01 - 00020240 _____ () 
C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll 2013-07-08 12:35 - 2012-06-01 11:42 - 00920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe 2012-12-19 08:10 - 2012-12-19 08:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe 2009-09-02 15:07 - 2009-09-02 15:07 - 00783360 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWService.exe 2009-09-02 15:07 - 2009-09-02 15:07 - 00184320 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWpsm.dll 2009-09-02 15:07 - 2009-09-02 15:07 - 00270848 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWdcp.dll 2009-09-02 15:07 - 2009-09-02 15:07 - 00087552 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWlog.dll 2009-09-02 15:07 - 2009-09-02 15:07 - 00098816 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWuntp.dll 2016-07-13 00:39 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-07-13 00:39 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-08-18 15:58 - 2016-08-18 15:58 - 01864384 _____ () C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll 2016-04-19 07:21 - 2016-04-19 07:21 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-07-13 00:39 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-02-02 17:49 - 2016-02-02 17:49 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-07-13 00:42 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-07-13 00:39 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-07-13 00:39 - 2016-07-01 05:22 - 00936960 _____ () 
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-07-13 00:39 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-07-13 00:39 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-06-30 16:33 - 2016-06-30 16:33 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-08-27 12:36 - 2016-08-27 12:36 - 03016192 _____ () C:\Program Files\AVAST Software\Avast\defs\16082700\algo.dll 2016-06-30 16:33 - 2016-06-30 16:33 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-07-08 12:35 - 2016-08-28 13:26 - 00026112 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll 2013-07-08 12:35 - 2010-06-29 04:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll 2013-10-23 10:11 - 2013-10-23 10:11 - 00114336 _____ () D:\Programs\SplitCam\splitcam_hd_driver_ProxyPlugin.ax 2016-04-19 07:21 - 2016-04-19 07:21 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-19 07:21 - 2016-04-19 07:21 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-06-30 16:33 - 2016-06-30 16:33 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\Classes\regfile: regedit.exe "%1" <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "RemoteControl10" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "DivXMediaServer" HKLM\...\StartupApproved\Run32: => "DivXUpdate" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\Run: => "Amazon Music" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\Run: => "Dropbox Update" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\Run: => "HP Officejet 5740 series (NET)" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{B50E6ACD-FE4D-4FA7-AD62-292930B2E001}] => (Allow) C:\Users\Flo Admin\AppData\Local\Temp\7zS1B2B\HPDiagnosticCoreUI.exe FirewallRules: [{0D1BD89E-942A-481D-9793-CBDD87278D76}] => (Allow) C:\Users\Flo Admin\AppData\Local\Temp\7zS1B2B\HPDiagnosticCoreUI.exe FirewallRules: [{8633FA9A-00AB-4D6B-9F2D-D792A86AB35A}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{3A57700A-5BB9-484E-B6BD-A60C80B2030D}] => (Allow) LPort=5357 FirewallRules: [{A6D98DA9-3CAF-4966-A270-4756F6F6E049}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\DeviceSetup.exe FirewallRules: [{8F7CFD95-B1FD-4E86-B33B-33301E3E8B3F}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\SendAFax.exe FirewallRules: [{2A68F774-368B-4770-A3F0-1940CA721348}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\DigitalWizards.exe FirewallRules: [{23406359-CA38-495F-BAFF-B0FD369C2B01}] => (Allow) C:\Program Files\HP\HP Officejet 
5740 series\bin\FaxApplications.exe FirewallRules: [{9A37B5EF-BE64-45F1-8A03-FD869C11F676}] => (Allow) D:\Programs\Smart View 2.0.exe FirewallRules: [{A6D0BF2B-B59B-4B31-AC70-F271D90DB24B}] => (Allow) D:\Programs\Smart View 2.0.exe FirewallRules: [{2E3986CF-1592-4B44-A072-5B34C8522F9D}] => (Allow) D:\Programs\Smart View 2.0.exe FirewallRules: [{01F9A868-FDD2-4C83-9251-7E337F01CCB9}] => (Allow) D:\Programs\Smart View 2.0.exe FirewallRules: [{6A9C2651-3469-492A-A9AA-4A1F5A746F79}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CEC98AA3-AAB4-4E22-8ED7-A32431BD514A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{53803361-4D74-428C-8985-9469C27A8AE2}D:\programs\utherverse vww client\utherverse.exe] => (Block) D:\programs\utherverse vww client\utherverse.exe FirewallRules: [TCP Query User{CAEFD55D-1B24-4845-8A04-94A2182C5552}D:\programs\utherverse vww client\utherverse.exe] => (Block) D:\programs\utherverse vww client\utherverse.exe FirewallRules: [{B1A34152-54F4-4E98-8B60-4718839394E2}] => (Allow) C:\Users\Flo Admin\AppData\Local\Temp\7zS13A4\hppiw.exe FirewallRules: [{6FE3A923-8A1E-4512-9E73-C5F6661E34FE}] => (Allow) C:\Users\Flo Admin\AppData\Local\Temp\7zS13A4\hppiw.exe FirewallRules: [{01AE655B-AEA6-4D34-B7E6-B93D558C11CF}] => (Allow) D:\Programs\skype\Phone\Skype.exe FirewallRules: [{4C892305-F1CD-456F-9479-29C4A9D6A1F5}] => (Block) C:\program files (x86)\generic\usb server\usbserver.exe FirewallRules: [{B620889F-981E-4380-BD48-5B2A78FFD7B9}] => (Block) C:\program files (x86)\generic\usb server\usbserver.exe FirewallRules: [UDP Query User{06E9E7E6-5460-45A9-99F7-4861592FDBD1}C:\program files (x86)\generic\usb server\usbserver.exe] => (Allow) C:\program files (x86)\generic\usb server\usbserver.exe FirewallRules: [TCP Query User{C7A646F1-22CC-4368-B3C3-F707EDED27FB}C:\program files (x86)\generic\usb server\usbserver.exe] => (Allow) C:\program files (x86)\generic\usb server\usbserver.exe 
FirewallRules: [{FDD11821-1F86-45C7-851D-FA154D2D3A80}] => (Allow) C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{FD766F05-B765-4447-BFBE-0EEE6453B1F0}] => (Allow) C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{56AAD266-5579-4571-B2C1-683A719E9156}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{BC4B8B3D-4CFB-4449-A80F-D7B0A21C868F}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{1C44F0E4-B131-4BE7-A724-355BA2FD9BAE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{6269E7DD-6F8B-4E38-AB32-DF90F00AF9E5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{58C1409A-E846-458B-83F6-40DEF3C3660E}] => (Allow) LPort=1900 FirewallRules: [{A11458CA-16B4-457D-9540-FC16BEF66DD9}] => (Allow) LPort=2869 FirewallRules: [{CD50D89C-1F74-4331-BF1C-FACF8B80A5AA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{7B1C307B-FB47-4954-879A-C9F32AA75306}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{7085672E-17F4-4BA2-8CC6-801B3B5A9898}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{4328C627-420E-42CF-AB37-F13E28B5F4EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{712073E1-AD11-4CE5-A5AE-BE23C738C34A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{2A2E2EE3-69DB-4A8F-A58E-666B302BF57F}] => (Allow) D:\Programs\SteamLibrary\SteamApps\common\america's army 3\Binaries\AA3Loader.exe FirewallRules: [{B9575A9A-84EC-4244-BE5E-C01C2E7EEC8F}] => (Allow) D:\Programs\SteamLibrary\SteamApps\common\america's army 3\Binaries\AA3Loader.exe FirewallRules: [TCP Query User{04A83C6A-0266-45B2-9129-11A5A9818B63}D:\programs\steamlibrary\steamapps\common\america's army 3\binaries\aa3game.exe] => 
(Allow) D:\programs\steamlibrary\steamapps\common\america's army 3\binaries\aa3game.exe FirewallRules: [UDP Query User{B357CA7F-906A-4042-880B-7BD10906492B}D:\programs\steamlibrary\steamapps\common\america's army 3\binaries\aa3game.exe] => (Allow) D:\programs\steamlibrary\steamapps\common\america's army 3\binaries\aa3game.exe FirewallRules: [{BE73B786-5CC6-46D6-AD01-0F6A9D522CBF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{AAA28F35-185D-4685-90EF-4B7410D89B48}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{4F6258D9-DBA9-4B2E-903E-673846C2DA38}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{41C58828-FF0B-4965-9C6E-A91CFEB64E4E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{CBDE9B23-7E39-4384-84B2-BDC86B906BF8}] => (Allow) D:\Programs\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{314B90AE-9C41-40C0-88F6-D3C018DD4AFE}] => (Allow) D:\Programs\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{76FFEB86-3414-48E3-87E9-E3C463423945}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{FBD91AC9-FE81-4A2D-A54E-74C1307BE695}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{ED23FFEA-5BDC-4A1A-B628-DEDDAD96AD99}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{0F8114D3-CEE6-4721-9802-03E34B9C9126}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{7AAF4524-9586-46D4-953E-393BB5017E67}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{A5FB4FD0-3303-4146-B905-D5E726A60E4B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{4C429BD3-DE78-4ACC-995A-20197F7A6FCA}] => (Allow) C:\Users\Flo Admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{392515B6-D467-4EDB-ADF2-2E06D5027746}] => (Allow) C:\Users\Flo Admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{041AF5DD-4D23-41DD-800E-CEEABF6DC692}] 
=> (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F0F5F0B1-FDB7-4CBD-B20C-CE66EAAA3C7E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{7A12128E-F079-4781-8B63-A51B6E987D8A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{DDAFAD4B-154A-4455-981E-E2B9380D6339}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{8B0D8291-A290-4956-AB94-3F5FA3B49338}] => (Allow) D:\Programs\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{C75E758B-1B29-451A-A14A-961B3A9692CB}] => (Allow) D:\Programs\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{30C3732E-0062-4D4C-934D-FEE94DCDB5A3}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe FirewallRules: [{3367E635-FE50-4DA3-B206-D68ACE711329}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe FirewallRules: [{025BFE64-AC16-444F-A936-96CEAF40D492}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{388D8BFC-62D5-45AE-A03F-763078672E9B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{FCA7B880-A697-415A-A88B-03FCBF0A5547}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{38E3F818-26D7-4287-B9D7-8100E51B2A61}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Wiederherstellungspunkte ========================= 09-08-2016 19:02:46 Geplanter Prüfpunkt 18-08-2016 21:06:42 Geplanter Prüfpunkt 22-08-2016 22:28:01 Windows Update 28-08-2016 14:01:00 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: 
========================= Applikationsfehler: ================== Error: (08/28/2016 02:01:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (08/28/2016 02:00:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Name des fehlerhaften Moduls: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Ausnahmecode: 0xc000041d Fehleroffset: 0x0000a491 ID des fehlerhaften Prozesses: 0x21cc Startzeit der fehlerhaften Anwendung: 0x01d20120011e669c Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe Berichtskennung: 4d27488e-7a90-428b-aec6-2269ec92bce5 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (08/28/2016 02:00:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Name des fehlerhaften Moduls: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000a491 ID des fehlerhaften Prozesses: 0x21cc Startzeit der fehlerhaften Anwendung: 0x01d20120011e669c Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe Berichtskennung: 7b80ba39-ccee-45bb-9672-23f1d2ac5136 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (08/28/2016 01:22:56 PM) (Source: Perflib) (EventID: 1008) (User: ) 
Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (08/28/2016 01:09:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Name des fehlerhaften Moduls: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Ausnahmecode: 0xc000041d Fehleroffset: 0x0000a491 ID des fehlerhaften Prozesses: 0xe50 Startzeit der fehlerhaften Anwendung: 0x01d200aa7de8e4cc Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe Berichtskennung: 03712ad4-794b-4048-a330-ad8f5bde59f2 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (08/28/2016 01:09:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Name des fehlerhaften Moduls: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000a491 ID des fehlerhaften Prozesses: 0xe50 Startzeit der fehlerhaften Anwendung: 0x01d200aa7de8e4cc Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe Berichtskennung: d9890331-7928-4b8d-a42d-a92f02612701 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (08/27/2016 10:40:36 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "Windows (C:)" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. 
(0x80070057) Error: (08/27/2016 10:01:25 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Name des fehlerhaften Moduls: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Ausnahmecode: 0xc000041d Fehleroffset: 0x0000a491 ID des fehlerhaften Prozesses: 0xad8 Startzeit der fehlerhaften Anwendung: 0x01d1ffe152a82083 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe Berichtskennung: 56097403-fbf3-47f7-afed-6e5fa0fd8818 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (08/27/2016 10:01:19 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Name des fehlerhaften Moduls: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000a491 ID des fehlerhaften Prozesses: 0xad8 Startzeit der fehlerhaften Anwendung: 0x01d1ffe152a82083 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe Berichtskennung: beb7fa52-8c9a-44ff-b463-2db5eb1b50c7 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (08/26/2016 01:20:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Name des fehlerhaften Moduls: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x5155445a Ausnahmecode: 0xc000041d Fehleroffset: 0x0000a491 ID des fehlerhaften Prozesses: 0x2190 Startzeit der fehlerhaften Anwendung: 0x01d1ff1822619ca8 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS Easy 
Update\LiveUpdt.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe Berichtskennung: 49445d0f-1c07-410b-a592-7944d33e292f Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Systemfehler:
=============
Error: (08/28/2016 01:30:14 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (08/28/2016 01:26:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.3" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 = Das System kann die angegebene Datei nicht finden.

Error: (08/28/2016 01:25:09 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 = Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (08/28/2016 01:25:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_3df84" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/28/2016 01:25:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _3df84" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/28/2016 01:25:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_3df84" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/28/2016 01:25:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_3df84" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/28/2016 01:24:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "WMI-Leistungsadapter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/28/2016 01:24:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/28/2016 01:24:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "FABS - Helping agent for MAGIX media database" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. CodeIntegrity: =================================== Date: 2016-08-17 20:12:53.705 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-08-11 04:31:33.072 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-18 20:12:04.433 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. 
Date: 2016-07-18 03:08:42.766 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-17 23:46:59.191 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-17 03:01:05.692 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-15 19:54:02.019 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-10 08:03:53.589 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume6\Programs\PDF Printer\gui.exe that did not meet the Store signing level requirements. Date: 2016-06-10 08:02:32.832 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume6\Programs\PDF Printer\gui.exe that did not meet the Store signing level requirements. Date: 2016-06-10 08:01:10.015 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume6\Programs\PDF Printer\gui.exe that did not meet the Microsoft signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: AMD A4-6300 APU with Radeon(tm) HD Graphics Prozentuale Nutzung des RAM: 61% Installierter physikalischer RAM: 3272.3 MB Verfügbarer physikalischer RAM: 1274.35 MB Summe virtueller Speicher: 4232.3 MB Verfügbarer virtueller Speicher: 1953.4 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:149.66 GB) (Free:49.06 GB) NTFS Drive d: (Data) (Fixed) (Total:761.33 GB) (Free:719.4 GB) NTFS Drive k: (FLO Doku und Fotos) (Fixed) (Total:931.51 GB) (Free:790.31 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 710B350F) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 119756C8) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
28.08.2016, 13:15 | #8 |
| Facebook message about alleged malware FRST again, the previous one was wrong: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27-08-2016 durchgeführt von Flo Admin (Administrator) auf BÜROSUF (28-08-2016 14:07:27) Gestartet von C:\Users\Flo Admin\Desktop Geladene Profile: Flo Admin (Verfügbare Profile: Flo Admin) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Edge) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe (Foxit Software Inc.) C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe (SplitCam Co.) D:\Programs\SplitCam\SplitCamService.exe () C:\Program Files (x86)\Generic\USB Server\NPW\NPWService.exe (Haufe-Lexware GmbH & Co. 
KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-04-23] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2012-08-20] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-07-08] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-08-08] (AVAST Software) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] () HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [71680 2015-10-09] () HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [202280 2015-09-29] (Haufe-Lexware GmbH & Co. 
KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-04-10] (AMD) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [Grid] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe [401408 2013-04-10] () HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [HydraVisionMDEngine] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe [565248 2013-04-10] (AMD) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [USBServer] => C:\Program Files (x86)\Generic\USB Server\USBServer.exe [1912832 2009-11-30] (USB Server) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [Dropbox Update] => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [Amazon Music] => C:\Users\Flo Admin\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-07-21] () HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [HP Officejet 5740 series (NET)] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3483656 2014-08-22] (Hewlett-Packard Development Company, LP) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\RunOnce: 
[Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\LEOGEO~1.SCR [903680 2008-02-20] (Jan Kolarik & Ondrej Vaverka) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-08-18] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-08-18] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-08-18] (Microsoft Corporation) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.) 
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-30] (AVAST Software) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-08-18] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-08-18] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-08-18] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.) Startup: C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-19] ShortcutTarget: Dropbox.lnk -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog5-x64 08 C:\Program Files (x86)\Generic\USB Server\NPW\NPWprint.dll [195584 2009-09-02] (Elite Silicon Technology Inc.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{8aac2676-c826-45c0-a05a-48952cee79f8}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://de.yahoo.com?fr=hp-avast&type=avastbcl SearchScopes: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity SearchScopes: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-18] (Oracle Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-18] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-18] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-18] (Oracle Corporation) Toolbar: HKLM - Kein Name - 
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei Handler: haufereader - Kein CLSID Wert Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kbr4azo0.default-1472046214596 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-17] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-18] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-18] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-17] () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) 
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-18] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-18] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-13] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-4126187190-1361339850-3817463540-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Flo Admin\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP) FF Plugin HKU\S-1-5-21-4126187190-1361339850-3817463540-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Flo Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-08-08] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-4126187190-1361339850-3817463540-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-03-24] (Sony Network Entertainment International LLC) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-27] (Adobe Systems Inc.) FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-03] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-03] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\extensions\cliqz@cliqz.com => nicht gefunden Chrome: ======= CHR Profile: C:\Users\Flo Admin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Amazon) - C:\Users\Flo Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\caeaobpemokdfnidgaebncaooofnbfha [2015-09-19] CHR Extension: 
(Avast Online Security) - C:\Users\Flo Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-01-25] CHR Extension: (Chrome Web Store Payments) - C:\Users\Flo Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-19] CHR HKLM-x32\...\Chrome\Extension: [caeaobpemokdfnidgaebncaooofnbfha] - C:\Users\Flo Admin\ChromeExtensions\caeaobpemokdfnidgaebncaooofnbfha\amazon-icon-fwde.crx [2014-09-14] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-15] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [Datei ist nicht signiert] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-06-30] (AVAST Software) R2 avast! 
Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-06-30] (AVAST Software) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation) R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [Datei ist nicht signiert] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert] R2 FoxitCloudUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [244392 2015-06-02] (Foxit Software Inc.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert] R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [66088 2016-03-03] (Haufe-Lexware GmbH & Co. KG) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 NPWService; C:\Program Files (x86)\Generic\USB Server\NPW\NPWService.exe [783360 2009-09-02] () [Datei ist nicht signiert] S2 SkypeUpdate; D:\Programs\skype\Updater\Updater.exe [324224 2016-05-23] (Skype Technologies) S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [Datei ist nicht signiert] R2 SpliCamService; D:\Programs\SplitCam\SplitCamService.exe [321024 2016-05-18] (SplitCam Co.) 
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-22] (TeamViewer GmbH) S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.) R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] () R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-30] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-30] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-06-30] (AVAST Software) R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [572120 2016-06-30] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-30] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-30] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-30] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-17] (AVAST Software) S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-06-30] (AVAST Software) R0 aswVmm; 
C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices) R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek ) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.) R3 EST_BusEnum; C:\Windows\System32\drivers\GenBus.sys [29696 2009-10-06] ( ) R3 EST_Server; C:\Windows\System32\drivers\GenHC.sys [199168 2009-10-06] ( ) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-28] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 NUS_Bus; C:\Windows\System32\drivers\NUS_Bus.sys [30208 2009-11-09] (Elite Silicon Technology Inc.) R3 scvad_simple; C:\Windows\system32\drivers\SplitCamAudio.sys [23552 2013-04-24] (Windows (R) Win 7 DDK provider) R3 splitcam_hd_driver; C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys [37600 2016-02-08] (Windows (R) Win 7 DDK provider) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-08-28 14:07 - 2016-08-28 14:08 - 00027125 _____ C:\Users\Flo Admin\Desktop\FRST.txt 2016-08-28 14:07 - 2016-08-28 14:07 - 00000000 ____D C:\Users\Flo Admin\Desktop\FRST-OlderVersion 2016-08-28 14:04 - 2016-08-28 14:04 - 00001181 _____ C:\Users\Flo Admin\Desktop\JRT.txt 2016-08-28 13:59 - 2016-08-28 13:59 - 00022856 _____ C:\mbam2.txt 2016-08-28 13:59 - 2016-08-28 13:59 - 00022855 _____ C:\Users\Flo Admin\Desktop\mbam.txt 2016-08-28 13:31 - 2016-08-28 13:32 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-08-28 13:31 - 2016-08-28 13:31 - 00001182 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-08-28 13:31 - 2016-08-28 13:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-08-28 13:30 - 2016-08-28 13:31 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-08-28 13:30 - 2016-08-28 13:30 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-08-28 13:30 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-08-28 13:30 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-08-28 13:30 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-08-28 13:29 - 2016-08-28 13:29 - 00001467 _____ C:\Users\Flo Admin\Desktop\AdwCleaner[C3].txt 2016-08-28 13:11 - 2016-08-28 14:00 - 01610560 _____ (Malwarebytes) C:\Users\Flo Admin\Desktop\JRT.exe 2016-08-28 13:10 - 2016-08-28 13:13 - 03826240 _____ C:\Users\Flo Admin\Desktop\AdwCleaner_6.010.exe 2016-08-26 13:47 - 2016-08-26 13:47 - 00000000 ____D C:\Users\Flo Admin\AppData\Local\.elfohilfe 2016-08-25 06:51 - 2016-08-28 13:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-08-24 22:11 - 2016-08-24 22:12 - 00269560 _____ C:\TDSSKiller.3.1.0.11_24.08.2016_22.11.35_log.txt 2016-08-24 22:07 - 2016-08-24 22:11 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Flo 
Admin\Desktop\tdsskiller.exe 2016-08-24 22:07 - 2016-08-24 22:09 - 00056994 _____ C:\Users\Flo Admin\Downloads\Addition.txt 2016-08-24 22:05 - 2016-08-28 14:07 - 00000000 ____D C:\FRST 2016-08-24 22:05 - 2016-08-25 22:49 - 00056365 _____ C:\Users\Flo Admin\Downloads\FRST.txt 2016-08-24 22:03 - 2016-08-28 14:07 - 02396672 _____ (Farbar) C:\Users\Flo Admin\Desktop\FRST64.exe 2016-08-24 21:53 - 2016-08-24 21:53 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-08-24 15:43 - 2016-08-24 15:43 - 00000000 ____D C:\Users\Flo Admin\Desktop\Alte Firefox-Daten 2016-08-24 15:12 - 2016-08-24 15:12 - 03784256 _____ C:\Users\Flo Admin\Downloads\adwcleaner_6.000.exe 2016-08-24 15:11 - 2016-08-28 13:24 - 00000000 ____D C:\AdwCleaner 2016-08-19 00:05 - 2016-08-19 00:05 - 00006883 _____ C:\Users\Flo Admin\AppData\Local\recently-used.xbel 2016-08-18 15:59 - 2016-08-18 15:59 - 00003342 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task 2016-08-12 21:31 - 2016-08-12 21:31 - 00699943 _____ C:\Users\Flo Admin\Downloads\wmv2-1.9.8.exe 2016-08-12 21:31 - 2016-08-12 21:31 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\waterMark V2 2016-08-12 21:31 - 2016-08-12 21:31 - 00000000 ____D C:\Program Files (x86)\PMlabs 2016-08-12 11:23 - 2016-08-25 09:06 - 00001170 _____ C:\Users\Flo Admin\Desktop\Mozilla Firefox.lnk 2016-08-10 11:26 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2016-08-10 11:26 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2016-08-10 11:26 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-08-10 11:26 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-08-10 11:26 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-08-10 11:26 
- 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-08-10 11:26 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2016-08-10 11:26 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-08-10 11:26 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-08-10 11:26 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2016-08-10 11:26 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2016-08-10 11:26 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-08-10 11:26 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe 2016-08-10 11:26 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2016-08-10 11:26 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-08-10 11:26 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-08-10 11:26 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2016-08-10 11:26 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-08-10 11:26 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-08-10 11:26 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2016-08-10 11:26 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-08-10 11:26 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-08-10 11:26 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\rdpcorets.dll 2016-08-10 11:26 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2016-08-10 11:26 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-08-10 11:26 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-08-10 11:26 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll 2016-08-10 11:26 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-08-10 11:26 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-08-10 11:26 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2016-08-10 11:26 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll 2016-08-10 11:26 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-08-10 11:26 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-08-10 11:26 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2016-08-10 11:26 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2016-08-10 11:26 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2016-08-10 11:25 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-08-10 11:25 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-08-10 11:25 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-08-10 11:25 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-08-10 11:25 - 
2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2016-08-10 11:25 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2016-08-10 11:25 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2016-08-10 11:25 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-08-10 11:25 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-08-10 11:25 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2016-08-10 11:25 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll 2016-08-10 11:25 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-08-10 11:25 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-08-10 11:25 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2016-08-10 11:25 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2016-08-10 11:25 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2016-08-10 11:25 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-08-10 11:25 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-08-10 11:25 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-08-10 11:25 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2016-08-10 11:25 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe 2016-08-10 11:25 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\edgehtml.dll 2016-08-10 11:25 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll 2016-08-10 11:25 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2016-08-10 11:25 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2016-08-10 11:25 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2016-08-10 11:25 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll 2016-08-10 11:25 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll 2016-08-10 11:25 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2016-08-10 11:25 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-08-10 11:25 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2016-08-10 11:25 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-08-10 11:25 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll 2016-08-10 11:25 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-08-10 11:25 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2016-08-10 11:25 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-08-10 11:25 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll 2016-08-10 11:25 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-08-10 11:25 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2016-08-10 11:25 - 
2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2016-08-10 11:25 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2016-08-10 11:25 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2016-08-10 11:25 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-08-10 11:25 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-08-10 11:25 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-08-10 11:25 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2016-08-10 11:25 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-08-10 11:25 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2016-08-10 11:25 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2016-08-10 11:25 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2016-08-10 11:25 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-08-10 11:25 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2016-08-10 11:25 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-08-10 11:25 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-08-10 11:25 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-08-10 11:25 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-08-10 11:25 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-08-10 11:25 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-08-10 11:25 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-08-10 11:25 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-08-10 11:25 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-08-10 11:25 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-08-10 11:25 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2016-08-10 11:25 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-08-10 11:25 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-08-10 11:25 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-08-10 11:25 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-08-10 11:25 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe 2016-08-10 11:25 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll 2016-08-10 11:25 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-08-10 11:25 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2016-08-10 11:25 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll 2016-08-10 11:25 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-08-10 11:25 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-08-10 11:25 - 2016-08-03 06:37 - 00219136 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-08-10 11:25 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2016-08-10 11:25 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe 2016-08-10 11:25 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-08-10 11:25 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2016-08-10 11:25 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-08-10 11:25 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-08-10 11:25 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-08-10 11:25 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-08-10 11:25 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2016-08-10 11:25 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2016-08-10 11:25 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-08-10 11:25 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-08-10 11:25 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-08-10 11:25 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-08-10 11:25 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-08-10 11:25 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-08-10 11:25 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-08-10 11:25 - 2016-08-03 06:21 - 
01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-08-09 19:41 - 2016-08-09 21:06 - 00000000 ____D C:\Users\Flo Admin\Desktop\Motorrad 2016-08-03 14:16 - 2016-08-03 14:16 - 00000000 ____D C:\Users\Flo Admin\AppData\Local\Prezi 2016-08-03 14:15 - 2016-08-03 14:15 - 00000000 ____D C:\Users\Flo Admin\Documents\Prezi 2016-08-03 14:15 - 2016-08-03 14:15 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\Prezi 2016-08-03 14:11 - 2016-08-03 14:11 - 00001854 _____ C:\Users\Public\Desktop\Prezi Desktop.lnk 2016-08-03 14:11 - 2016-08-03 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prezi Desktop 2016-08-03 14:09 - 2016-08-03 14:11 - 00000000 ____D C:\Program Files (x86)\Prezi Desktop 2016-08-03 14:00 - 2016-08-03 14:01 - 01474568 _____ C:\Users\Flo Admin\Downloads\Prezi Desktop - CHIP-Installer.exe 2016-08-02 21:52 - 2016-08-02 21:52 - 00000000 ____D C:\Users\Flo Admin\AppData\Local\TeamViewer 2016-08-02 15:48 - 2016-08-02 16:04 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\SplitCam 2016-08-02 15:40 - 2016-08-02 15:44 - 100375696 _____ (SplitCam Co.) C:\Users\Flo Admin\Downloads\SplitCamSetup.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-08-28 13:57 - 2016-02-02 18:01 - 00000000 ____D C:\Users\Flo Admin 2016-08-28 13:51 - 2015-06-18 14:41 - 00001256 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001UA.job 2016-08-28 13:30 - 2014-01-22 16:39 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-08-28 13:28 - 2014-01-22 16:39 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-08-28 13:27 - 2013-12-12 12:13 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-08-28 13:25 - 2016-02-02 18:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-08-28 13:25 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI 2016-08-28 13:25 - 2015-09-15 16:37 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2016-08-28 13:25 - 2013-12-06 11:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-08-28 13:21 - 2015-12-28 00:59 - 00000442 _____ C:\WINDOWS\Tasks\HP Photo Creations Communicator.job 2016-08-28 09:46 - 2014-07-01 20:17 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1A57FE50-6FA2-4DFD-80A8-6A730953253A} 2016-08-28 03:51 - 2015-06-18 14:41 - 00001204 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001Core.job 2016-08-27 22:03 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-08-27 17:16 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-08-24 21:54 - 2014-01-03 15:43 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\Dropbox 2016-08-24 15:53 - 2016-06-14 21:55 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-08-24 15:53 - 2016-06-14 21:55 - 00001035 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2016-08-24 15:53 - 2016-06-14 21:54 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-08-24 15:45 - 2014-01-22 16:39 - 00000000 ____D C:\Program Files (x86)\Google 2016-08-24 15:16 - 2015-09-17 23:29 - 00000000 ____D C:\Program Files (x86)\Yahoo! 
2016-08-20 11:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache 2016-08-19 00:11 - 2014-09-01 13:41 - 00000000 ____D C:\Users\Flo Admin\.gimp-2.8 2016-08-18 15:59 - 2015-09-15 23:17 - 00002444 _____ C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-08-18 15:59 - 2015-09-15 23:17 - 00000000 ___RD C:\Users\Flo Admin\OneDrive 2016-08-18 10:44 - 2013-09-23 14:07 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-08-18 04:31 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2016-08-17 20:07 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal 2016-08-17 20:07 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-08-17 20:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-08-17 02:40 - 2016-06-17 06:57 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\WhatsApp 2016-08-16 23:17 - 2014-09-01 13:44 - 00000000 ____D C:\Users\Flo Admin\AppData\Local\gtk-2.0 2016-08-11 13:43 - 2014-09-24 13:13 - 00001511 _____ C:\Users\Flo Admin\Desktop\Firefox.lnk 2016-08-11 01:32 - 2016-05-30 13:10 - 00000000 ____D C:\Users\Flo Admin\Desktop\Studium 2016-08-10 16:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2016-08-10 16:25 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-08-10 16:25 - 2013-12-12 11:01 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-08-10 16:19 - 2013-12-12 11:01 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-08-10 13:10 - 2016-06-17 06:57 - 00002307 _____ C:\Users\Flo Admin\Desktop\WhatsApp.lnk 2016-08-10 13:10 - 2016-06-17 06:57 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2016-08-10 13:10 - 2016-06-17 06:57 - 00000000 ____D C:\Users\Flo Admin\AppData\Local\WhatsApp 2016-08-10 13:10 - 2016-06-17 06:57 - 00000000 ____D C:\Users\Flo Admin\AppData\Local\SquirrelTemp 2016-08-09 20:59 - 2016-06-16 23:22 - 00000000 ____D C:\Users\Flo 
Admin\Desktop\Fotos vom Handy 2016-08-07 23:32 - 2016-06-15 22:12 - 00000000 ____D C:\Users\Flo Admin\Desktop\DBL Standort für Süssi 2016-08-07 21:52 - 2014-12-15 20:52 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\uTorrent 2016-08-05 17:06 - 2014-01-03 15:36 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys 2016-08-03 14:07 - 2016-02-02 17:58 - 00000000 ____D C:\ProgramData\Package Cache 2016-07-30 18:34 - 2016-04-13 11:25 - 00000000 ____D C:\ProgramData\Lexware 2016-07-29 10:25 - 2016-07-28 19:00 - 00000000 ____D C:\Users\Flo Admin\Desktop\Wohnung ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-05-11 22:06 - 2014-05-11 22:06 - 0000046 _____ () C:\Users\Flo Admin\AppData\Roaming\Camdata.ini 2014-05-11 22:06 - 2014-05-11 22:06 - 0000408 _____ () C:\Users\Flo Admin\AppData\Roaming\CamLayout.ini 2014-05-11 22:06 - 2014-05-11 22:06 - 0000408 _____ () C:\Users\Flo Admin\AppData\Roaming\CamShapes.ini 2014-05-11 22:06 - 2014-05-11 22:06 - 0004535 _____ () C:\Users\Flo Admin\AppData\Roaming\CamStudio.cfg 2014-05-11 22:01 - 2014-05-11 22:01 - 0000096 _____ () C:\Users\Flo Admin\AppData\Roaming\version2.xml 2014-09-24 12:40 - 2016-06-13 14:13 - 0004608 _____ () C:\Users\Flo Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-08-19 00:05 - 2016-08-19 00:05 - 0006883 _____ () C:\Users\Flo Admin\AppData\Local\recently-used.xbel 2014-01-14 22:41 - 2014-01-14 22:41 - 0007602 _____ () C:\Users\Flo Admin\AppData\Local\Resmon.ResmonCfg 2015-12-28 00:25 - 2015-12-28 00:25 - 0000057 _____ () C:\ProgramData\Ament.ini Einige Dateien in TEMP: ==================== C:\Users\Flo Admin\AppData\Local\Temp\fjd_jni.dll C:\Users\Flo Admin\AppData\Local\Temp\Foxit Reader Updater.exe C:\Users\Flo Admin\AppData\Local\Temp\jre-8u73-windows-au.exe C:\Users\Flo Admin\AppData\Local\Temp\jre-8u91-windows-au.exe C:\Users\Flo Admin\AppData\Local\Temp\libeay32.dll C:\Users\Flo Admin\AppData\Local\Temp\msvcr120.dll C:\Users\Flo 
Admin\AppData\Local\Temp\sqlite3.dll C:\Users\Flo Admin\AppData\Local\Temp\VirtualDJ New Version.exe C:\Users\Flo Admin\AppData\Local\Temp\_is5481.exe C:\Users\Flo Admin\AppData\Local\Temp\{4B823698-0EDF-4C2C-B3F2-56ED30E612A0}-50.0.2661.94_49.0.2623.112_chrome_updater.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-08-21 07:10 ==================== Ende von FRST.txt ============================ |
29.08.2016, 08:56 | #9 |
/// TB Trainer | Facebook message about alleged malware
Hello, we will remove the last remnants and check everything once more.
Note: The scan with ESET can take a long time.
Step 1
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document
Code:
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei
Handler: haufereader - Kein CLSID Wert
FF HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\extensions\cliqz@cliqz.com => nicht gefunden
Task: {37FC83F6-061F-4D09-A5B9-CA2AA83C06A8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {49C49F98-87C7-4737-974D-7B483CCB4DF4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {6B792BFE-472A-4572-8089-14AD5D9B19FF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {75E37311-C0C7-47CD-B46F-7E0743A7C349} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {8B344A7B-0D2B-4201-8661-07D40F0BD767} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {9F311C0A-4399-4B6C-860B-6CFB5CF40ECD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {A0B52DA2-F889-4882-B6D8-C15ED151A088} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {E67ED1D2-A91D-48AD-8B60-032CD299B1A9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {E90A38FA-74F3-4C11-AEF6-0EB529BCF61E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {EB7532DE-4464-46D2-B977-C126614D0FC0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {FD3264FB-3D5E-4D23-A078-70CC5A09E0DA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2 ESET Online Scanner
Step 3 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 4
Are there still any problems with the PC? If so, which ones? Please post with your next reply
|
30.08.2016, 02:22 | #10 |
| Facebook message about alleged malware Fixlog.txt Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-08-2016 durchgeführt von Flo Admin (29-08-2016 22:37:19) Run:1 Gestartet von C:\Users\Flo Admin\Desktop Geladene Profile: Flo Admin (Verfügbare Profile: Flo Admin) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** start CloseProcesses: HKLM-x32\...\Run: [] => [X] Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei Handler: haufereader - Kein CLSID Wert FF HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nyxljl00.default\extensions\cliqz@cliqz.com => nicht gefunden Task: {37FC83F6-061F-4D09-A5B9-CA2AA83C06A8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {49C49F98-87C7-4737-974D-7B483CCB4DF4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {6B792BFE-472A-4572-8089-14AD5D9B19FF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {75E37311-C0C7-47CD-B46F-7E0743A7C349} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {8B344A7B-0D2B-4201-8661-07D40F0BD767} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {9F311C0A-4399-4B6C-860B-6CFB5CF40ECD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {A0B52DA2-F889-4882-B6D8-C15ED151A088} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {E67ED1D2-A91D-48AD-8B60-032CD299B1A9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {E90A38FA-74F3-4C11-AEF6-0EB529BCF61E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {EB7532DE-4464-46D2-B977-C126614D0FC0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: 
{FD3264FB-3D5E-4D23-A078-70CC5A09E0DA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG RemoveProxy: CMD: ipconfig /flushdns CMD: netsh winsock reset EmptyTemp: end ***************** Prozess erfolgreich geschlossen. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Wert erfolgreich entfernt HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Schlüssel nicht gefunden. "HKCR\PROTOCOLS\Handler\haufereader" => Schlüssel erfolgreich entfernt HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\Mozilla\Firefox\Extensions\\cliqz@cliqz.com => Wert erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{37FC83F6-061F-4D09-A5B9-CA2AA83C06A8}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37FC83F6-061F-4D09-A5B9-CA2AA83C06A8}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{49C49F98-87C7-4737-974D-7B483CCB4DF4}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49C49F98-87C7-4737-974D-7B483CCB4DF4}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B792BFE-472A-4572-8089-14AD5D9B19FF}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B792BFE-472A-4572-8089-14AD5D9B19FF}" => Schlüssel erfolgreich entfernt 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75E37311-C0C7-47CD-B46F-7E0743A7C349}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75E37311-C0C7-47CD-B46F-7E0743A7C349}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B344A7B-0D2B-4201-8661-07D40F0BD767}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B344A7B-0D2B-4201-8661-07D40F0BD767}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F311C0A-4399-4B6C-860B-6CFB5CF40ECD}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F311C0A-4399-4B6C-860B-6CFB5CF40ECD}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0B52DA2-F889-4882-B6D8-C15ED151A088}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0B52DA2-F889-4882-B6D8-C15ED151A088}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E67ED1D2-A91D-48AD-8B60-032CD299B1A9}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E67ED1D2-A91D-48AD-8B60-032CD299B1A9}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E90A38FA-74F3-4C11-AEF6-0EB529BCF61E}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E90A38FA-74F3-4C11-AEF6-0EB529BCF61E}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB7532DE-4464-46D2-B977-C126614D0FC0}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB7532DE-4464-46D2-B977-C126614D0FC0}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD3264FB-3D5E-4D23-A078-70CC5A09E0DA}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD3264FB-3D5E-4D23-A078-70CC5A09E0DA}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich 
entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
========= Ende von CMD: =========
========= netsh winsock reset =========
Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.
========= Ende von CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14096310 B
Java, Flash, Steam htmlcache => 34879311 B
Windows/system/drivers => 258589837 B
Edge => 241908619 B
Chrome => 9557320 B
Firefox => 18796977 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 7680 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1207244 B
NetworkService => 0 B
Flo Admin => 7082950472 B
RecycleBin => 22851606 B
EmptyTemp: => 7.2 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 22:38:38 ====
Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=ea9096ab2d2483448e35beda701ad622 # end=init # utc_time=2016-08-29 09:32:03 # local_time=2016-08-29 11:32:03 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 30578 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=ea9096ab2d2483448e35beda701ad622 # end=updated # utc_time=2016-08-29 09:35:03 # local_time=2016-08-29 11:35:03 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=ea9096ab2d2483448e35beda701ad622 # engine=30578 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2016-08-30 12:23:45 # local_time=2016-08-30 02:23:45 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='avast! Antivirus' # compatibility_mode=786 16777213 83 94 1059210 83764030 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 2877623 33379349 0 0 # scanned=325342 # found=41 # cleaned=0 # scan_time=10121 sh=3DC8650ABE045BD0FD2229B1922BC28D6A7E0BA4 ft=1 fh=c50679dd09e93d67 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\lovpuudawbmtwepjiusvsuvepdontzjs\SearchProtect\bin\cltmng.exe" sh=94796D5694C74DA8C5ACEFA93CFC760FCC08B539 ft=1 fh=5571d504982b15ce vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\lovpuudawbmtwepjiusvsuvepdontzjs\SearchProtect\bin\RN32.dll" sh=5E42E60D2F3179EBCA59357F7CC37924A0B0454B ft=1 fh=d7d5560d32c76a63 vn="Variante von Win32/ClientConnect.A evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\lovpuudawbmtwepjiusvsuvepdontzjs\SearchProtect\bin\SPTool64.exe" sh=F5F440AE8C5A2091A1E010C24132273A6731873D ft=1 fh=5b21e0bdbb2c00f1 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\lovpuudawbmtwepjiusvsuvepdontzjs\SearchProtect\bin\SPVC32.dll" sh=B66077E8AF7F20EE4509521DEBB7CD335469E41E ft=1 fh=13d31f169264e2ff vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\lovpuudawbmtwepjiusvsuvepdontzjs\SearchProtect\bin\SPVC32Loader.dll" sh=A8B6417F72FD9783C82EAABB18D5350D8174DB65 ft=1 fh=14ab8891e0952d91 vn="Variante von Win64/Conduit.SearchProtect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\lovpuudawbmtwepjiusvsuvepdontzjs\SearchProtect\bin\SPVC64.dll" sh=9BCE3C63351DD461746552926221C62A8D4D48EC ft=1 fh=64c035de64013a2f vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\lovpuudawbmtwepjiusvsuvepdontzjs\SearchProtect\bin\VC32.dll" sh=3D13A17955C99960B7634689998FB0BCCB3355B0 ft=1 fh=4973b376cc4e583d vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\lovpuudawbmtwepjiusvsuvepdontzjs\SearchProtect\bin\VC32Loader.dll" sh=6446414F2F5B2ABA9639879D295E1DF324035AB7 ft=1 fh=85e38ae5ec7a5262 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\lovpuudawbmtwepjiusvsuvepdontzjs\SearchProtect\bin\VC64.dll" sh=204DB8E952A0FC90B43C6B231E293461080B385B ft=1 fh=229b71178193f79d vn="Variante von Win32/Conduit.SearchProtect.Y evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\lovpuudawbmtwepjiusvsuvepdontzjs\UI\bin\cltmngui.exe" sh=52C62112EBE6C00644D6A5C3A1DA1D4124BB31A7 ft=1 fh=6d95cedaba666fcd vn="Variante von Win32/Adware.Synatix.A Anwendung" ac=I fn="C:\Users\Flo Admin\AppData\Roaming\Host System\host.exe" sh=0F07EF4443886B46C55B6C6356E47553E9A3ED19 ft=1 fh=3496cc175164687c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Flo Admin\Downloads\7z920.exe" sh=D4B54576E1188A031120D38099C073D6AED31BD5 ft=1 fh=a21580aff76fa3d8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Flo Admin\Downloads\Biller - CHIP-Installer.exe" sh=D6A024F53E884A04B931AB06B8B20B02E40601F2 ft=1 fh=3386e4d3667d6126 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Flo Admin\Downloads\Calibre 32 Bit - CHIP-Installer.exe" sh=24B2A6B42E634A44A6100304B782734B109E90EB ft=1 fh=9926060c686e537d vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Flo Admin\Downloads\Cloud Downloader - CHIP-Installer.exe" sh=D65E45683F9C958225C58C20754971AD2970DB45 ft=1 fh=37ddf4d3d8dcb46e vn="Variante von Win32/WinloadSDA.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Flo Admin\Downloads\Cubix-lnstall.exe" sh=164117C79C2A7E877A6242661BA83FE906A788E8 ft=1 fh=1643f7d4b7f48232 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Flo Admin\Downloads\Prezi Desktop - CHIP-Installer.exe" sh=64C63505096186996B6CAB3B009E80D257BBF075 ft=1 fh=f64f4ef24f987c38 vn="Win32/Toolbar.Babylon evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Flo Admin\Downloads\PSDViewer32Setup.exe" sh=6EF3561D667A99168D8DA92DE57779103EE1A874 ft=1 fh=50e36c225ba1e774 vn="Variante von Win32/DownloadSponsor.C evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Flo Admin\Downloads\Sandboxie - CHIP-Installer.exe" sh=DD0956F50D9E4C55EDF132646C9AE292AFC5AA88 ft=1 fh=ce8ba7ad9b035429 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Flo Admin\Downloads\Sony PC Companion - CHIP-Installer.exe" sh=A9E583DD5BAF499CEF204E1D5A020C6D2E313E16 ft=1 fh=d19522b4a5eeaf86 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Flo Admin\Downloads\TinyPic - CHIP-Downloader.exe" sh=07FFBAEB10323961E444A1730D173D65BC0D4474 ft=1 fh=004a6c9a6a5554b5 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Flo Admin\Downloads\WhatsApp936Setup - CHIP-Installer.exe" sh=3F20DC68A6AAC23C4702D16C8A5388DCFE591AEA ft=1 fh=e5e2264a283a7f45 vn="Win32/Toolbar.Babylon evtl. unerwünschte Anwendung" ac=I fn="D:\Programs\PSDViewer\MyBabylonTB.exe" sh=282BCF7D58482CB1194B1AB89D319AE5A55061B6 ft=1 fh=9431211101e04bb6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="K:\Downloads\FreeYouTubeDownload29.exe" sh=D933550D5D27A756EA6FB05CA989879342F04835 ft=1 fh=9d3ba252ccdff560 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="K:\Downloads\FreeYouTubeToMP3Converter(1).exe" sh=E5AB41BD9FC5166F039421C8F3B022752C3C605A ft=1 fh=9bffae5f27f9209e vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="K:\Downloads\FreeYouTubetoMP3Converter(3).exe" sh=660DBBCCB3CECB907102247E33A2763B885BC22F ft=1 fh=08d795d06aaee6ee vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="K:\Downloads\FreeYouTubeToMP3Converter(4).exe" sh=C5388074F31DF07BE6C1DDEF0D762EC5A8819E77 ft=1 fh=fcf810b56806cfeb vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="K:\Downloads\FreeYouTubeToMp3Converter.exe" sh=9E0A3231C714F6126D2123A9DACE9D8D70BD918A ft=1 fh=dcddfc057ad3c782 vn="Win32/SoftonicDownloader.A evtl. 
unerwünschte Anwendung" ac=I fn="K:\Downloads\SoftonicDownloader_fuer_bluetoothview.exe" sh=56F64A81267CC1F2A3D8A4A0BBB379EE58552181 ft=1 fh=a146b1d77d5b55d2 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="K:\Downloads\SoftonicDownloader_fuer_camstudio.exe" sh=64F527F96AD6AD4A3F2EAD2570221B1AF7F9327E ft=1 fh=6de2b7491d510bb8 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="K:\Downloads\SoftonicDownloader_fuer_virtual-clonedrive.exe" sh=FF63D80AD6485D101DF43088B22FA1FE398280D0 ft=1 fh=ef6868d43e0b6bfa vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="K:\Downloads\SoftonicDownloader_fuer_windows-live-messenger.exe" sh=C9352C798D66F96D4F894C2BC2CDAD192B662D62 ft=1 fh=7209dc7ad243ecb3 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="K:\Downloads\zaSetup_92_105_000_de.exe" sh=1736C47063E8E95902CA01F287D24C76AFFDDED8 ft=1 fh=0182462c0b921376 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="K:\Setups Programme Laptop\ashampoo_burning_studio_2010_advanced_9.24_7590.exe" sh=ABA0F43F547A86487917BB706D83F7F32FEA479E ft=1 fh=64f4ef9d4dc3c582 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="K:\Setups Programme Laptop\FreeYouTubeToMp3Converter.exe" sh=6994FC133F3D99F1B1257370C9BC01BD54AF5D30 ft=1 fh=d1eb868415c0b931 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="K:\Setups Programme Laptop\zaSetup_92_058_000_de.exe" sh=8547D1E5EACE099ECFE5EDBF6958FA077650894B ft=1 fh=61435738673b6524 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="K:\Setups Programme Laptop\Setups\FreeYouTubeToMP3Converter31015.exe" sh=6CF8A9F031B45F70BE3E66E7ACC7449CDA15FA34 ft=1 fh=2de4b6f517306153 vn="Win32/Toolbar.Widgi evtl. 
unerwünschte Anwendung" ac=I fn="K:\Setups Programme Laptop\Setups\PDFCreator-1_2_3_setup.exe" sh=F704A4253111993D9C9F0CFEF6FC693FBDEA011F ft=1 fh=e7e2fb16ce752c3a vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="K:\Setups Programme Laptop\Setups\zaSetupWeb_101_079_000.exe" sh=6994FC133F3D99F1B1257370C9BC01BD54AF5D30 ft=1 fh=d1eb868415c0b931 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="K:\Setups Programme Laptop\treiber\Setup\zaSetup_92_058_000_de(1).exe" sh=6994FC133F3D99F1B1257370C9BC01BD54AF5D30 ft=1 fh=d1eb868415c0b931 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="K:\Setups Programme Laptop\treiber\Setup\zaSetup_92_058_000_de.exe" Code:
ATTFilter HitmanPro 3.7.14.265 www.hitmanpro.com Computer name . . . . : BÜROSUF Windows . . . . . . . : 10.0.0.10586.X64/2 User name . . . . . . : BÜROSUF\Flo Admin UAC . . . . . . . . . : Enabled License . . . . . . . : Free Scan date . . . . . . : 2016-08-30 02:49:25 Scan mode . . . . . . : Normal Scan duration . . . . : 15m 33s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 7 Traces . . . . . . . : 14 Objects scanned . . . : 2.200.869 Files scanned . . . . : 65.077 Remnants scanned . . : 516.837 files / 1.618.955 keys Malware _____________________________________________________________________ C:\Users\Flo Admin\Downloads\7z920.exe Size . . . . . . . : 1.473.544 bytes Age . . . . . . . : 76.2 days (2016-06-14 21:34:43) Entropy . . . . . : 7.2 SHA-256 . . . . . : 8A3BB15B14C83F55C0E6266F6BBCC68012F3AB6BF27D339F0FEEFF875D8992E1 Needs elevation . : Yes RSA Key Size . . . : 2048 Authenticode . . . : Valid > Kaspersky . . . . : not-a-virus:Downloader.Win32.DownloadSponsor.pe Fuzzy . . . . . . : 103.0 C:\Users\Flo Admin\Downloads\Biller - CHIP-Installer.exe Size . . . . . . . : 1.475.080 bytes Age . . . . . . . : 117.7 days (2016-05-04 09:28:52) Entropy . . . . . : 7.2 SHA-256 . . . . . : 2EF13A25AA794A536E990E232BB41409B7C3D9AEEAA41A6E848763A975EC589D Needs elevation . : Yes RSA Key Size . . . : 2048 Authenticode . . . : Valid > Kaspersky . . . . : not-a-virus:Downloader.Win32.DownloadSponsor.pe Fuzzy . . . . . . : 103.0 C:\Users\Flo Admin\Downloads\Cubix-lnstall.exe Size . . . . . . . : 1.033.424 bytes Age . . . . . . . : 715.2 days (2014-09-14 21:33:59) Entropy . . . . . : 7.9 SHA-256 . . . . . : D2AADC96007C8A1E5322E503D9158C5BC7929DD7D213909F17B980524C9ACDEE RSA Key Size . . . : 2048 Authenticode . . . : Valid > Kaspersky . . . . : not-a-virus:HEUR:Downloader.Win32.WinloadSDA.gen Fuzzy . . . . . . : 107.0 C:\Users\Flo Admin\Downloads\Prezi Desktop - CHIP-Installer.exe Size . . . 
. . . . : 1.474.568 bytes Age . . . . . . . : 26.5 days (2016-08-03 14:00:43) Entropy . . . . . : 7.2 SHA-256 . . . . . : 9F787EE65A73A6E89253083E0CC055E7E1DD67F2DDF90466DF46EFAFED26EE52 Needs elevation . : Yes RSA Key Size . . . : 2048 Authenticode . . . : Valid > Kaspersky . . . . : not-a-virus:Downloader.Win32.DownloadSponsor.pe Fuzzy . . . . . . : 103.0 C:\Users\Flo Admin\Downloads\PSDViewer32Setup.exe Size . . . . . . . : 10.902.509 bytes Age . . . . . . . : 920.4 days (2014-02-21 17:43:30) Entropy . . . . . : 8.0 SHA-256 . . . . . : 2F34DDA6F72E4EE4134844BB583CC9573841A185A2C9FB463B22E3E0CBC51E33 Product . . . . . : PSD Viewer Publisher . . . . : IdeaMK Description . . . : PSD Viewer Setup Version LanguageID . . . . : 0 > HitmanPro . . . . : Malware Fuzzy . . . . . . : 106.0 C:\Users\Flo Admin\Downloads\Sandboxie - CHIP-Installer.exe Size . . . . . . . : 1.457.952 bytes Age . . . . . . . : 349.1 days (2015-09-16 00:12:20) Entropy . . . . . : 7.2 SHA-256 . . . . . : 6D10F5C1A3635C6C84FD1FF0E8E7897484DE878E5C6CEB2BC2AB5E7D98C79DC4 Needs elevation . : Yes RSA Key Size . . . : 2048 Authenticode . . . : Valid > Kaspersky . . . . : not-a-virus:Downloader.Win32.DownloadSponsor.pi Fuzzy . . . . . . : 103.0 C:\Users\Flo Admin\Downloads\WhatsApp936Setup - CHIP-Installer.exe Size . . . . . . . : 1.473.544 bytes Age . . . . . . . : 73.8 days (2016-06-17 06:55:44) Entropy . . . . . : 7.2 SHA-256 . . . . . : 78AB896251155A0EA711F47EE35E57CEFD41816E7BA84FF0B50E0DC78D4D958C Needs elevation . : Yes RSA Key Size . . . : 2048 Authenticode . . . : Valid > Kaspersky . . . . : not-a-virus:Downloader.Win32.DownloadSponsor.pe Fuzzy . . . . . . : 103.0 Suspicious files ____________________________________________________________ C:\Users\Flo Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8695Y6SG\FRST64[2].exe Size . . . . . . . : 2.397.696 bytes Age . . . . . . . : 0.2 days (2016-08-29 22:36:54) Entropy . . . . . : 7.6 SHA-256 . . . . . 
: 7F1680C23BD158CC4B4AC4747148F073FA45153F3AF2C0269FCE357D4C1D585F Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. Forensic Cluster -0.7s C:\Users\Flo Admin\AppData\Local\Microsoft\Windows\INetCookies\C1W3CU6Z.txt -0.7s C:\Users\Flo Admin\AppData\Local\Microsoft\Windows\INetCache\IE\LE34UMJU\82[1].htm -0.1s C:\Users\Flo Admin\AppData\Local\Microsoft\Windows\INetCache\IE\P1EF5MRE\FRST64[1].exe 0.0s C:\Users\Flo Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8695Y6SG\FRST64[2].exe 0.0s C:\Users\Flo Admin\Desktop\FRST64.exe 6.6s C:\Users\Flo Admin\AppData\Local\Microsoft\Windows\INetCache\IE\FCJBHKV8\up64[1] 25.4s C:\FRST\Logs\ct 25.4s C:\Users\Flo Admin\Desktop\Fixlog.txt C:\Users\Flo Admin\AppData\Local\Microsoft\Windows\INetCache\IE\FCJBHKV8\FRST64[1].exe Size . . . . . . . : 2.396.672 bytes Age . . . . . . . : 1.5 days (2016-08-28 14:07:20) Entropy . . . . . : 7.6 SHA-256 . . . . . : 11B9B0D6AF172547DCE483C7C45072636F030B12DE1C40AF08B6E8D08D394EDC Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. 
Forensic Cluster -0.6s C:\Users\Flo Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2 -0.6s C:\Users\Flo Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2 -0.5s C:\Users\Flo Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F -0.5s C:\Users\Flo Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F -0.4s C:\Users\Flo Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AF4EE75E3A4ABA658C0087EB9A0BB5B_4F8D4D4F8A055DA96F5FDDC885E626A4 -0.4s C:\Users\Flo Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AF4EE75E3A4ABA658C0087EB9A0BB5B_4F8D4D4F8A055DA96F5FDDC885E626A4 -0.2s C:\Users\Flo Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8695Y6SG\FRST64[1].exe 0.0s C:\Users\Flo Admin\AppData\Local\Microsoft\Windows\INetCache\IE\FCJBHKV8\FRST64[1].exe 1.9s C:\Users\Flo Admin\Desktop\FRST-OlderVersion\ 5.0s C:\Windows\Prefetch\FRST64.EXE-0E1FEFB8.pf 7.1s C:\Users\Flo Admin\Desktop\FRST.txt C:\Users\Flo Admin\AppData\Local\PunkBuster\AAV3\pb\pbcl.dll Size . . . . . . . : 976.376 bytes Age . . . . . . . : 790.3 days (2014-07-01 20:26:09) Entropy . . . . . : 7.6 SHA-256 . . . . . : AD673B83C5FAAD655A005CA487B004AAD182BF1656C2889C3491C927A59B197B Fuzzy . . . . . . : 29.0 The .reloc (relocation) section in this program contains code. This is an indication of malware infection. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Program contains PE structure anomalies. This is not typical for most programs. 
C:\Users\Flo Admin\AppData\Local\PunkBuster\AAV3\pb\pbcls.dll Size . . . . . . . : 976.376 bytes Age . . . . . . . : 790.3 days (2014-07-01 20:26:09) Entropy . . . . . : 7.6 SHA-256 . . . . . : AD673B83C5FAAD655A005CA487B004AAD182BF1656C2889C3491C927A59B197B Fuzzy . . . . . . : 29.0 The .reloc (relocation) section in this program contains code. This is an indication of malware infection. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Program contains PE structure anomalies. This is not typical for most programs. C:\Users\Flo Admin\AppData\Local\PunkBuster\AAV3\pb\PnkBstrK.sys Size . . . . . . . : 140.952 bytes Age . . . . . . . : 796.4 days (2014-06-25 16:45:29) Entropy . . . . . : 7.7 SHA-256 . . . . . : C16149FB549D5C4522B8025893EFFA0D11BECAF4356977AFA72F576AE120E922 RSA Key Size . . . : 2048 Authenticode . . . : Valid Fuzzy . . . . . . : 22.0 The .reloc (relocation) section in this program contains code. This is an indication of malware infection. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Program contains PE structure anomalies. This is not typical for most programs. The file is a device driver. Device drivers run as trusted (highly privileged) code. Program is code signed with a valid Authenticode certificate. C:\Users\Flo Admin\Desktop\FRST-OlderVersion\FRST64.exe Size . . . . . . . : 2.396.672 bytes Age . . . . . . . : 5.2 days (2016-08-24 22:03:38) Entropy . . . . . : 7.6 SHA-256 . . . . . 
: 11B9B0D6AF172547DCE483C7C45072636F030B12DE1C40AF08B6E8D08D394EDC Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. C:\Users\Flo Admin\Desktop\FRST64.exe Size . . . . . . . : 2.397.696 bytes Age . . . . . . . : 0.2 days (2016-08-29 22:36:54) Entropy . . . . . : 7.6 SHA-256 . . . . . : 7F1680C23BD158CC4B4AC4747148F073FA45153F3AF2C0269FCE357D4C1D585F Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. Forensic Cluster -0.7s C:\Users\Flo Admin\AppData\Local\Microsoft\Windows\INetCookies\C1W3CU6Z.txt -0.7s C:\Users\Flo Admin\AppData\Local\Microsoft\Windows\INetCache\IE\LE34UMJU\82[1].htm -0.1s C:\Users\Flo Admin\AppData\Local\Microsoft\Windows\INetCache\IE\P1EF5MRE\FRST64[1].exe -0.0s C:\Users\Flo Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8695Y6SG\FRST64[2].exe 0.0s C:\Users\Flo Admin\Desktop\FRST64.exe 6.6s C:\Users\Flo Admin\AppData\Local\Microsoft\Windows\INetCache\IE\FCJBHKV8\up64[1] 25.4s C:\FRST\Logs\ct 25.4s C:\Users\Flo Admin\Desktop\Fixlog.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-08-2016 durchgeführt von Flo Admin (30-08-2016 03:13:07) Gestartet von C:\Users\Flo Admin\Desktop Windows 10 Home Version 1511 (X64) (2016-02-02 16:24:16) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-4126187190-1361339850-3817463540-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-4126187190-1361339850-3817463540-503 - Limited - Disabled) Flo Admin (S-1-5-21-4126187190-1361339850-3817463540-1001 - Administrator - Enabled) => C:\Users\Flo Admin Gast (S-1-5-21-4126187190-1361339850-3817463540-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4126187190-1361339850-3817463540-1005 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) µTorrent (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) µTorrent (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) 
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated) AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.05 - ASUSTeK Computer Inc.) Amazon Music (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Amazon Amazon Music) (Version: 3.10.0.928 - Amazon Services LLC) Amazon Music (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Amazon Music) (Version: 3.10.0.928 - Amazon Services LLC) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{377C9C44-398B-6CBD-9138-F6B4AB951839}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.) America's Army 3 (HKLM-x32\...\Steam App 13140) (Version: - U.S. Army) Any Video Converter 5.7.0 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ArtRage 2 Starter Edition (HKLM-x32\...\{394C2C3E-CA18-4216-B430-ACDD82C26973}) (Version: 2.6.0 - Ambient Design) Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) ASUS Easy Update 2 (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 3.00.06 - ASUSTeK Computer Inc.) 
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.3.3 - MAGIX AG) ASUS Music Maker (Version: 18.0.3.3 - MAGIX AG) Hidden ASUS MX Suite (HKLM-x32\...\MAGIX_{CFA9C800-9B0B-42E3-92E7-08B5AF2E192E}) (Version: 1.13.0.121 - MAGIX AG) ASUS MX Suite (Version: 1.13.0.121 - MAGIX AG) Hidden ASUS Video easy (HKLM-x32\...\MAGIX_{E3185090-8796-46FB-A27F-6C844F106DAC}) (Version: 4.0.1.90 - MAGIX AG) ASUS Video easy (Version: 4.0.1.90 - MAGIX AG) Hidden ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4127.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.4127.52 - CyberLink Corp.) Hidden AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK) Avast Internet Security (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software) Biller (HKLM\...\Biller) (Version: 1.49 - ) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Bullzip PDF Printer 10.1.0.1871 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.1.0.1871 - Bullzip) calibre (HKLM-x32\...\{04882E0B-389F-4F58-B1B9-DE87371DEBDE}) (Version: 2.34.0 - Kovid Goyal) CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Deutschland Digital 1.0.0 (HKLM-x32\...\Deutschland Digital_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC) Dropbox (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Dropbox) (Version: 8.4.21 - Dropbox, Inc.) Dropbox (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 8.4.21 - Dropbox, Inc.) 
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.4.19695 - Landesfinanzdirektion Thüringen) eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.06 - ASUSTeK Computer Inc.) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG) FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.5.116.602 - Foxit Software Inc.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation) Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.10.923 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.46.923 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.46.923 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.) Freemake Video Converter Version 4.1.7 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.7 - Ellora Assets Corporation) Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) 
Hidden Haufe Formular-Manager (HKLM-x32\...\{9353F6E9-13B7-43B4-8FA5-CB46CA22671B}) (Version: 2.1.8.0 - Haufe) Haufe iDesk-Browser (HKLM-x32\...\{043671DC-DE3A-4A5B-B7A2-34F7DF6F5523}) (Version: 7.07.25.4312 - Haufe) Haufe iDesk-Service (HKLM-x32\...\{A4E86B6A-6EEC-41FD-8960-26947F0E3353}) (Version: 7.09.07.4355 - Haufe) Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod) HP Officejet 5740 series - Grundlegende Software für das Gerät (HKLM\...\{4029319E-A53E-4FAA-A2FA-D0091D85EB17}) (Version: 34.2.117.50647 - Hewlett-Packard Co.) HP Officejet 5740 series Hilfe (HKLM-x32\...\{0C0C43A4-CDBF-4CF6-9902-4CF6BBD09C80}) (Version: 34.0.0 - Hewlett Packard) HP Photo Creations (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\HP Photo Creations) (Version: 1.0.0.19522 - HP) HP Photo Creations (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\HP Photo Creations) (Version: 1.0.0.19522 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden HyperVcam Mobile (HKLM-x32\...\Camera) (Version: - ) I.R.I.S. 
OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) IP Camera Adapter (HKLM-x32\...\{6D140BFF-7CC5-4BFE-AD6D-47035FFE5F14}) (Version: 2.0.0.0 - Pavel Khlebovich) IsoBuster 3.7 (HKLM-x32\...\IsoBuster_is1) (Version: 3.7 - Smart Projects) Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.15 - Oracle Corporation) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation) leogeo_timebeat (HKLM-x32\...\leogeo_timebeat_is1) (Version: - ) Lexware buchhalter 2016 (HKLM-x32\...\{c471bebe-ad7b-4c54-8a91-2d314fd041a0}) (Version: 21.51.0.280 - Haufe-Lexware GmbH & Co.KG) Lexware buchhalter 2016 (x32 Version: 21.51.00.0377 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Elster (x32 Version: 16.05.00.0033 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Elster 2016 (HKLM-x32\...\{c9c745c2-74e4-454e-91e0-ca041e6ed42c}) (Version: 16.5.0.33 - Haufe-Lexware GmbH & Co.KG) Lexware Info Service (x32 Version: 16.00.00.0040 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Installations Dienst (HKLM-x32\...\{6FF55A3A-4E59-4CF8-9248-2EE747168B3E}) (Version: 5.01.00.0040 - Haufe-Lexware GmbH & Co.KG) Lexware know how buchhaltung (HKLM-x32\...\{86C5FBB1-83D3-4E79-B60C-FB43BF003AE9}) (Version: 6.0.0.0 - Haufe Mediengruppe) Lexware online banking (x32 Version: 22.04.00.0043 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware PDF-Export 5 (x32 Version: 5.00.01.0009 - Haufe-Lexware GmbH & Co.KG) Hidden Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Media Go (HKLM-x32\...\{F66C4A41-C3A8-4523-AB6C-BAA1DB38305C}) (Version: 2.7.357 - Sony) Media Go Network Downloader (HKLM-x32\...\{5562F05F-908C-4F15-9B3C-98D5FD32DCAB}) (Version: 1.5.19.0 - Sony) Media Go Video Playback Engine 2.4.132.12090 
(HKLM-x32\...\{7C5AEEE1-6D7C-8922-4548-7BF9096077EC}) (Version: 2.4.132.12090 - Sony) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) 
(Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla) Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla) Mozilla Thunderbird 45.2.0 (x86 de) (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Mozilla Thunderbird 45.2.0 (x86 de)) (Version: 45.2.0 - Mozilla) Mozilla Thunderbird 45.2.0 (x86 de) (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Mozilla Thunderbird 45.2.0 (x86 de)) (Version: 45.2.0 - Mozilla) MP3 Splitter version 3.1 (HKLM-x32\...\MP3 Splitter_is1) (Version: - ) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) OEM Application Profile (HKLM-x32\...\{769E695A-F93F-803E-3763-9A00A0E38786}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) 
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.) PreSonus Studio One 2 (HKLM-x32\...\PreSonus Studio One 2) (Version: 2.6.0.24200 - PreSonus Audio Electronics) Prezi Desktop (HKLM-x32\...\{b2c1866d-4df0-43b9-bf09-f126fac08e1c}) (Version: 6.12.1.0 - Prezi) Prezi Desktop (x32 Version: 6.12.1.0 - Prezi) Hidden PSD Viewer (HKLM-x32\...\{D8EEDC94-EE82-46A0-A7DB-812E3C6A0A6E}_is1) (Version: - IdeaMK) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.) Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6890 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14074.11 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.3.14074.11 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) 
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.) Smart View 2.0 (HKLM-x32\...\{FBAAAFAE-08A8-4C63-87EA-4AEA9DEE53E1}) (Version: 1.0.0.0 - Samsung) Sony PC Companion 2.10.251 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.251 - Sony) SplitCam (HKLM-x32\...\SplitCam) (Version: 7.4.4.1 - SplitCam Co) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Studie zur Verbesserung von HP Officejet 5740 series (HKLM\...\{E49940D5-31DD-40BA-851D-3B82C4FF7A18}) (Version: 34.2.117.50647 - Hewlett-Packard Co.) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65280 - TeamViewer) Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler) Unity Web Player (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS) USB Server (HKLM-x32\...\InstallShield_{2DCD32C2-EBB2-4461-8398-6FBA1E8BCD0D}) (Version: 09.1117.0028 - Ihr Firmenname) USB Server (x32 Version: 09.1117.0028 - Ihr Firmenname) Hidden USB Server NPW (HKLM-x32\...\InstallShield_{7B88E312-ED74-4FE4-BC76-18DA40597382}) (Version: - ) USB Server NPW (Version: 09.1117.0028 - Ihr Firmenname) Hidden VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VirtualDJ 8 (HKLM-x32\...\{9652ACA0-38A4-4BF8-B15E-2317D41D0AE3}) (Version: 8.0.2139.0 - Atomix Productions) VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions) waterMark V2 (HKLM-x32\...\waterMark V2) (Version: - ) 
WhatsApp (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\WhatsApp) (Version: 0.2.1455 - WhatsApp)
WhatsApp (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\WhatsApp) (Version: 0.2.1455 - WhatsApp)
Why ASUS PC (HKLM-x32\...\{5648F9D9-299E-408C-AC1F-59DC75894A1F}) (Version: 1.00.02 - ASUSTeK Computer Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
XnView 2.36 (HKLM-x32\...\XnView_is1) (Version: 2.36 - Gougelet Pierre-e)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {002DB84B-CC92-4F9E-A0BE-E87B9453079B} - System32\Tasks\HPCustParticipation HP Officejet 5740 series => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe [2014-08-22] (Hewlett-Packard Development Company, LP)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0DAEBF49-17B1-4CDB-9E6F-F7754206186E} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {15E5D4B8-C0E1-4B8B-8D99-5D6C13A1AF0B} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {33D000FE-8321-4DA3-BDAA-C90D6DCFB54D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4129F7A2-1670-4846-8E34-C78C7B2E349E} - System32\Tasks\SafeZone scheduled Autoupdate 1451348094 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software)
Task: {5956B518-9EF2-475F-8FE5-AAAC2E8B2E56} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {837E1E21-372A-46A3-BEBC-20A0D334F80E} - System32\Tasks\HP Photo Creations Communicator => C:\Users\Flo Admin\AppData\Roaming\HP Photo Creations\Communicator.exe [2015-12-28] ()
Task: {85859EF5-0169-4590-9C7A-D3ACCD511113} - System32\Tasks\{BF70E981-2856-4D51-B24D-AEF709BD9888} => launchwinapp.exe hxxp://ui.skype.com/ui/0/7.14.0.106/de/abandoninstall?page=tsProgressBar
Task: {870B6537-E047-4216-926B-000757F67EEF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-30] (AVAST Software)
Task: {9A6505A9-ADD4-4E45-84CE-794EB4AD0B93} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {9ADBBA26-9754-465C-B9F2-A42FDA0D88E9} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2012-09-27] ()
Task: {AADFA08E-9B63-4794-A107-8A971BB93DF2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001Core => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {AD8A5F53-032B-4BE5-B984-E5754BA88609} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001UA => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {B76472CA-DB70-4EA5-89FA-0536DDB2CA93} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation)
Task: {C8699E42-5061-4448-B95F-BCD5011F54F7} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-18] (Microsoft Corporation)
Task: {E7735B02-AEE1-4CEF-AFD2-EEE73F071A9F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-17] (Adobe Systems Incorporated)
Task: {EC44A142-D2D6-451E-8822-E0DF8F19D55B} - System32\Tasks\{47D082D0-DAC8-47E7-866E-8F70FCB1A8A2} => launchwinapp.exe hxxp://ui.skype.com/ui/0/7.14.0.106/de/abandoninstall?page=tsProgressBar
Task: {EF5A316F-7C15-43D2-AC4C-BC271A3F7B9A} - System32\Tasks\ASUS\ASUS Easy Update 2 => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [2013-04-02] (ASUSTeK Computer Inc.)
Task: {F5556D06-9B9A-429E-A85A-7DE576DE25EC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001Core.job => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001UA.job => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Users\Flo Admin\AppData\Roaming\HP Photo Creations\Communicator.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/ Shortcut: C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com/ ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deutschland Digital.lnk -> C:\ProgramData\Ashampoo\DeDigital.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=dedi&edition=eid=15376&utm_medium=desktop&x-pos=Metro ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=15376&utm_medium=desktop&x-pos=Metro ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-06-14 21:55 - 2016-07-28 23:01 - 00020240 _____ () 
C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll 2012-12-19 08:10 - 2012-12-19 08:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe 2013-07-08 12:35 - 2012-06-01 11:42 - 00920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe 2009-09-02 15:07 - 2009-09-02 15:07 - 00783360 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWService.exe 2009-09-02 15:07 - 2009-09-02 15:07 - 00184320 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWpsm.dll 2009-09-02 15:07 - 2009-09-02 15:07 - 00270848 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWdcp.dll 2009-09-02 15:07 - 2009-09-02 15:07 - 00087552 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWlog.dll 2009-09-02 15:07 - 2009-09-02 15:07 - 00098816 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWuntp.dll 2016-07-13 00:39 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-07-13 00:39 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-08-18 15:58 - 2016-08-18 15:58 - 01864384 _____ () C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll 2016-07-13 00:39 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-04-19 07:21 - 2016-04-19 07:21 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-07-13 00:39 - 2016-07-01 06:48 - 02656408 _____ () C:\Windows\System32\CoreUIComponents.dll 2016-02-02 17:49 - 2016-02-02 17:49 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-07-13 00:42 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2013-04-10 08:09 - 2013-04-10 08:09 - 00401408 _____ () C:\Program Files (x86)\ATI 
Technologies\HydraVision\HydraGrd.exe 2015-11-04 17:43 - 2015-11-04 17:43 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2015-11-24 14:44 - 2015-10-09 17:56 - 00071680 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe 2016-07-13 00:39 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-07-13 00:39 - 2016-07-01 05:22 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-07-13 00:39 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-07-13 00:39 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-06-30 16:33 - 2016-06-30 16:33 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-08-29 21:37 - 2016-08-29 21:37 - 03016192 _____ () C:\Program Files\AVAST Software\Avast\defs\16082901\algo.dll 2016-06-30 16:33 - 2016-06-30 16:33 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-10-23 10:11 - 2013-10-23 10:11 - 00114336 _____ () D:\Programs\SplitCam\splitcam_hd_driver_ProxyPlugin.ax 2013-07-08 12:35 - 2016-08-29 22:40 - 00026112 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll 2013-07-08 12:35 - 2010-06-29 04:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll 2013-07-08 12:37 - 2012-11-23 02:14 - 00050688 _____ () C:\Program Files (x86)\ASUS\ASUS Easy Update\AsMultiLang.dll 2016-04-19 07:21 - 2016-04-19 07:21 - 00141312 _____ () C:\Program 
Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-19 07:21 - 2016-04-19 07:21 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2009-11-30 14:21 - 2009-11-30 14:21 - 00233472 _____ () C:\Program Files (x86)\Generic\USB Server\DCPDLL.dll 2009-11-30 14:21 - 2009-11-30 14:21 - 00167936 _____ () C:\Program Files (x86)\Generic\USB Server\PSMDLL.dll 2009-11-30 14:21 - 2009-11-30 14:21 - 00098304 _____ () C:\Program Files (x86)\Generic\USB Server\UNTPDLL.dll 2009-11-30 14:21 - 2009-11-30 14:21 - 00086016 _____ () C:\Program Files (x86)\Generic\USB Server\ESTLogDLL.dll 2016-08-18 15:58 - 2016-08-18 15:58 - 01383616 _____ () C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll 2016-08-18 15:58 - 2016-08-18 15:58 - 00118976 _____ () C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll 2016-06-30 16:33 - 2016-06-30 16:33 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-07-07 10:38 - 2015-07-07 10:38 - 00176168 _____ () C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Logging.Targets.Etw.dll 2015-07-07 10:38 - 2015-07-07 10:38 - 00043048 _____ () C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Etw.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) 
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\Classes\regfile: regedit.exe "%1" <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\Run: => "HP Officejet 5740 series (NET)"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "HP Officejet 5740 series (NET)"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{B50E6ACD-FE4D-4FA7-AD62-292930B2E001}] => (Allow) C:\Users\Flo Admin\AppData\Local\Temp\7zS1B2B\HPDiagnosticCoreUI.exe FirewallRules: [{0D1BD89E-942A-481D-9793-CBDD87278D76}] => (Allow) C:\Users\Flo Admin\AppData\Local\Temp\7zS1B2B\HPDiagnosticCoreUI.exe FirewallRules: [{8633FA9A-00AB-4D6B-9F2D-D792A86AB35A}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{3A57700A-5BB9-484E-B6BD-A60C80B2030D}] => (Allow) LPort=5357 FirewallRules: [{A6D98DA9-3CAF-4966-A270-4756F6F6E049}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\DeviceSetup.exe FirewallRules: [{8F7CFD95-B1FD-4E86-B33B-33301E3E8B3F}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\SendAFax.exe FirewallRules: [{2A68F774-368B-4770-A3F0-1940CA721348}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\DigitalWizards.exe FirewallRules: [{23406359-CA38-495F-BAFF-B0FD369C2B01}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\FaxApplications.exe FirewallRules: [{9A37B5EF-BE64-45F1-8A03-FD869C11F676}] => (Allow) D:\Programs\Smart View 2.0.exe FirewallRules: [{A6D0BF2B-B59B-4B31-AC70-F271D90DB24B}] => (Allow) D:\Programs\Smart View 2.0.exe FirewallRules: [{2E3986CF-1592-4B44-A072-5B34C8522F9D}] => (Allow) D:\Programs\Smart View 2.0.exe FirewallRules: [{01F9A868-FDD2-4C83-9251-7E337F01CCB9}] => (Allow) D:\Programs\Smart View 2.0.exe FirewallRules: [{6A9C2651-3469-492A-A9AA-4A1F5A746F79}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CEC98AA3-AAB4-4E22-8ED7-A32431BD514A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{53803361-4D74-428C-8985-9469C27A8AE2}D:\programs\utherverse vww client\utherverse.exe] => (Block) D:\programs\utherverse vww client\utherverse.exe FirewallRules: [TCP Query User{CAEFD55D-1B24-4845-8A04-94A2182C5552}D:\programs\utherverse vww 
client\utherverse.exe] => (Block) D:\programs\utherverse vww client\utherverse.exe FirewallRules: [{B1A34152-54F4-4E98-8B60-4718839394E2}] => (Allow) C:\Users\Flo Admin\AppData\Local\Temp\7zS13A4\hppiw.exe FirewallRules: [{6FE3A923-8A1E-4512-9E73-C5F6661E34FE}] => (Allow) C:\Users\Flo Admin\AppData\Local\Temp\7zS13A4\hppiw.exe FirewallRules: [{01AE655B-AEA6-4D34-B7E6-B93D558C11CF}] => (Allow) D:\Programs\skype\Phone\Skype.exe FirewallRules: [{4C892305-F1CD-456F-9479-29C4A9D6A1F5}] => (Block) C:\program files (x86)\generic\usb server\usbserver.exe FirewallRules: [{B620889F-981E-4380-BD48-5B2A78FFD7B9}] => (Block) C:\program files (x86)\generic\usb server\usbserver.exe FirewallRules: [UDP Query User{06E9E7E6-5460-45A9-99F7-4861592FDBD1}C:\program files (x86)\generic\usb server\usbserver.exe] => (Allow) C:\program files (x86)\generic\usb server\usbserver.exe FirewallRules: [TCP Query User{C7A646F1-22CC-4368-B3C3-F707EDED27FB}C:\program files (x86)\generic\usb server\usbserver.exe] => (Allow) C:\program files (x86)\generic\usb server\usbserver.exe FirewallRules: [{FDD11821-1F86-45C7-851D-FA154D2D3A80}] => (Allow) C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{FD766F05-B765-4447-BFBE-0EEE6453B1F0}] => (Allow) C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{56AAD266-5579-4571-B2C1-683A719E9156}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{BC4B8B3D-4CFB-4449-A80F-D7B0A21C868F}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{1C44F0E4-B131-4BE7-A724-355BA2FD9BAE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{6269E7DD-6F8B-4E38-AB32-DF90F00AF9E5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{58C1409A-E846-458B-83F6-40DEF3C3660E}] => (Allow) LPort=1900 FirewallRules: [{A11458CA-16B4-457D-9540-FC16BEF66DD9}] => 
(Allow) LPort=2869 FirewallRules: [{CD50D89C-1F74-4331-BF1C-FACF8B80A5AA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{7B1C307B-FB47-4954-879A-C9F32AA75306}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{7085672E-17F4-4BA2-8CC6-801B3B5A9898}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{4328C627-420E-42CF-AB37-F13E28B5F4EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{712073E1-AD11-4CE5-A5AE-BE23C738C34A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{2A2E2EE3-69DB-4A8F-A58E-666B302BF57F}] => (Allow) D:\Programs\SteamLibrary\SteamApps\common\america's army 3\Binaries\AA3Loader.exe FirewallRules: [{B9575A9A-84EC-4244-BE5E-C01C2E7EEC8F}] => (Allow) D:\Programs\SteamLibrary\SteamApps\common\america's army 3\Binaries\AA3Loader.exe FirewallRules: [TCP Query User{04A83C6A-0266-45B2-9129-11A5A9818B63}D:\programs\steamlibrary\steamapps\common\america's army 3\binaries\aa3game.exe] => (Allow) D:\programs\steamlibrary\steamapps\common\america's army 3\binaries\aa3game.exe FirewallRules: [UDP Query User{B357CA7F-906A-4042-880B-7BD10906492B}D:\programs\steamlibrary\steamapps\common\america's army 3\binaries\aa3game.exe] => (Allow) D:\programs\steamlibrary\steamapps\common\america's army 3\binaries\aa3game.exe FirewallRules: [{BE73B786-5CC6-46D6-AD01-0F6A9D522CBF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{AAA28F35-185D-4685-90EF-4B7410D89B48}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{4F6258D9-DBA9-4B2E-903E-673846C2DA38}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{41C58828-FF0B-4965-9C6E-A91CFEB64E4E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{CBDE9B23-7E39-4384-84B2-BDC86B906BF8}] => (Allow) D:\Programs\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: 
[{314B90AE-9C41-40C0-88F6-D3C018DD4AFE}] => (Allow) D:\Programs\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{76FFEB86-3414-48E3-87E9-E3C463423945}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{FBD91AC9-FE81-4A2D-A54E-74C1307BE695}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{ED23FFEA-5BDC-4A1A-B628-DEDDAD96AD99}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{0F8114D3-CEE6-4721-9802-03E34B9C9126}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{7AAF4524-9586-46D4-953E-393BB5017E67}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{A5FB4FD0-3303-4146-B905-D5E726A60E4B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{4C429BD3-DE78-4ACC-995A-20197F7A6FCA}] => (Allow) C:\Users\Flo Admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{392515B6-D467-4EDB-ADF2-2E06D5027746}] => (Allow) C:\Users\Flo Admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{041AF5DD-4D23-41DD-800E-CEEABF6DC692}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F0F5F0B1-FDB7-4CBD-B20C-CE66EAAA3C7E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{7A12128E-F079-4781-8B63-A51B6E987D8A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{DDAFAD4B-154A-4455-981E-E2B9380D6339}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{8B0D8291-A290-4956-AB94-3F5FA3B49338}] => (Allow) D:\Programs\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{C75E758B-1B29-451A-A14A-961B3A9692CB}] => (Allow) D:\Programs\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{30C3732E-0062-4D4C-934D-FEE94DCDB5A3}] => (Allow) C:\Program Files 
(x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe FirewallRules: [{3367E635-FE50-4DA3-B206-D68ACE711329}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe FirewallRules: [{025BFE64-AC16-444F-A936-96CEAF40D492}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{388D8BFC-62D5-45AE-A03F-763078672E9B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{FCA7B880-A697-415A-A88B-03FCBF0A5547}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{38E3F818-26D7-4287-B9D7-8100E51B2A61}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Wiederherstellungspunkte ========================= 09-08-2016 19:02:46 Geplanter Prüfpunkt 18-08-2016 21:06:42 Geplanter Prüfpunkt 22-08-2016 22:28:01 Windows Update 28-08-2016 14:01:00 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/30/2016 02:29:13 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. 
Error: (08/30/2016 02:27:56 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. Error: (08/30/2016 02:27:28 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. Error: (08/29/2016 11:34:42 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. Error: (08/29/2016 11:32:41 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. Error: (08/29/2016 11:31:50 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "c:\users\flo admin\desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. Error: (08/29/2016 11:31:46 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Flo Admin\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. Error: (08/29/2016 11:31:44 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Flo Admin\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. Error: (08/29/2016 11:31:44 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Flo Admin\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. 
Error: (08/29/2016 11:31:37 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Flo Admin\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. Systemfehler: ============= Error: (08/29/2016 11:34:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (08/29/2016 11:34:52 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\FLOADM~1\AppData\Local\Temp\ehdrv.sys Error: (08/29/2016 11:34:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (08/29/2016 11:34:51 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\FLOADM~1\AppData\Local\Temp\ehdrv.sys Error: (08/29/2016 11:34:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. 
Error: (08/29/2016 11:34:51 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\FLOADM~1\AppData\Local\Temp\ehdrv.sys Error: (08/29/2016 11:33:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (08/29/2016 11:33:00 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\FLOADM~1\AppData\Local\Temp\ehdrv.sys Error: (08/29/2016 11:32:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (08/29/2016 11:32:59 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\FLOADM~1\AppData\Local\Temp\ehdrv.sys CodeIntegrity: =================================== Date: 2016-08-17 20:12:53.705 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-08-11 04:31:33.072 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-18 20:12:04.433 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-18 03:08:42.766 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. 
Date: 2016-07-17 23:46:59.191 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-17 03:01:05.692 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-15 19:54:02.019 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-10 08:03:53.589 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume6\Programs\PDF Printer\gui.exe that did not meet the Store signing level requirements. Date: 2016-06-10 08:02:32.832 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume6\Programs\PDF Printer\gui.exe that did not meet the Store signing level requirements. Date: 2016-06-10 08:01:10.015 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume6\Programs\PDF Printer\gui.exe that did not meet the Microsoft signing level requirements. 
==================== Speicherinformationen ===========================
Prozessor: AMD A4-6300 APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 74%
Installierter physikalischer RAM: 3272.3 MB
Verfügbarer physikalischer RAM: 830.34 MB
Summe virtueller Speicher: 5630.04 MB
Verfügbarer virtueller Speicher: 2162.74 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:149.66 GB) (Free:52.77 GB) NTFS
Drive d: (Data) (Fixed) (Total:761.33 GB) (Free:719.4 GB) NTFS
Drive k: (FLO Doku und Fotos) (Fixed) (Total:931.51 GB) (Free:790.31 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 710B350F)
Partition: GPT.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 119756C8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================ |
30.08.2016, 02:23 | #11 |
| Facebook message about alleged malware Addition.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-08-2016 durchgeführt von Flo Admin (30-08-2016 03:13:07) Gestartet von C:\Users\Flo Admin\Desktop Windows 10 Home Version 1511 (X64) (2016-02-02 16:24:16) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-4126187190-1361339850-3817463540-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-4126187190-1361339850-3817463540-503 - Limited - Disabled) Flo Admin (S-1-5-21-4126187190-1361339850-3817463540-1001 - Administrator - Enabled) => C:\Users\Flo Admin Gast (S-1-5-21-4126187190-1361339850-3817463540-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4126187190-1361339850-3817463540-1005 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) µTorrent (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) µTorrent (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) 
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated) AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.05 - ASUSTeK Computer Inc.) Amazon Music (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Amazon Amazon Music) (Version: 3.10.0.928 - Amazon Services LLC) Amazon Music (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Amazon Music) (Version: 3.10.0.928 - Amazon Services LLC) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{377C9C44-398B-6CBD-9138-F6B4AB951839}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.) America's Army 3 (HKLM-x32\...\Steam App 13140) (Version: - U.S. Army) Any Video Converter 5.7.0 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ArtRage 2 Starter Edition (HKLM-x32\...\{394C2C3E-CA18-4216-B430-ACDD82C26973}) (Version: 2.6.0 - Ambient Design) Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) ASUS Easy Update 2 (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 3.00.06 - ASUSTeK Computer Inc.) 
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.3.3 - MAGIX AG) ASUS Music Maker (Version: 18.0.3.3 - MAGIX AG) Hidden ASUS MX Suite (HKLM-x32\...\MAGIX_{CFA9C800-9B0B-42E3-92E7-08B5AF2E192E}) (Version: 1.13.0.121 - MAGIX AG) ASUS MX Suite (Version: 1.13.0.121 - MAGIX AG) Hidden ASUS Video easy (HKLM-x32\...\MAGIX_{E3185090-8796-46FB-A27F-6C844F106DAC}) (Version: 4.0.1.90 - MAGIX AG) ASUS Video easy (Version: 4.0.1.90 - MAGIX AG) Hidden ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4127.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.4127.52 - CyberLink Corp.) Hidden AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK) Avast Internet Security (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software) Biller (HKLM\...\Biller) (Version: 1.49 - ) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Bullzip PDF Printer 10.1.0.1871 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.1.0.1871 - Bullzip) calibre (HKLM-x32\...\{04882E0B-389F-4F58-B1B9-DE87371DEBDE}) (Version: 2.34.0 - Kovid Goyal) CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Deutschland Digital 1.0.0 (HKLM-x32\...\Deutschland Digital_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC) Dropbox (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Dropbox) (Version: 8.4.21 - Dropbox, Inc.) Dropbox (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 8.4.21 - Dropbox, Inc.) 
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.4.19695 - Landesfinanzdirektion Thüringen) eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.06 - ASUSTeK Computer Inc.) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG) FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.5.116.602 - Foxit Software Inc.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation) Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.10.923 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.46.923 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.46.923 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.) Freemake Video Converter Version 4.1.7 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.7 - Ellora Assets Corporation) Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) 
Hidden Haufe Formular-Manager (HKLM-x32\...\{9353F6E9-13B7-43B4-8FA5-CB46CA22671B}) (Version: 2.1.8.0 - Haufe) Haufe iDesk-Browser (HKLM-x32\...\{043671DC-DE3A-4A5B-B7A2-34F7DF6F5523}) (Version: 7.07.25.4312 - Haufe) Haufe iDesk-Service (HKLM-x32\...\{A4E86B6A-6EEC-41FD-8960-26947F0E3353}) (Version: 7.09.07.4355 - Haufe) Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod) HP Officejet 5740 series - Grundlegende Software für das Gerät (HKLM\...\{4029319E-A53E-4FAA-A2FA-D0091D85EB17}) (Version: 34.2.117.50647 - Hewlett-Packard Co.) HP Officejet 5740 series Hilfe (HKLM-x32\...\{0C0C43A4-CDBF-4CF6-9902-4CF6BBD09C80}) (Version: 34.0.0 - Hewlett Packard) HP Photo Creations (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\HP Photo Creations) (Version: 1.0.0.19522 - HP) HP Photo Creations (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\HP Photo Creations) (Version: 1.0.0.19522 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden HyperVcam Mobile (HKLM-x32\...\Camera) (Version: - ) I.R.I.S. 
OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) IP Camera Adapter (HKLM-x32\...\{6D140BFF-7CC5-4BFE-AD6D-47035FFE5F14}) (Version: 2.0.0.0 - Pavel Khlebovich) IsoBuster 3.7 (HKLM-x32\...\IsoBuster_is1) (Version: 3.7 - Smart Projects) Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.15 - Oracle Corporation) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation) leogeo_timebeat (HKLM-x32\...\leogeo_timebeat_is1) (Version: - ) Lexware buchhalter 2016 (HKLM-x32\...\{c471bebe-ad7b-4c54-8a91-2d314fd041a0}) (Version: 21.51.0.280 - Haufe-Lexware GmbH & Co.KG) Lexware buchhalter 2016 (x32 Version: 21.51.00.0377 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Elster (x32 Version: 16.05.00.0033 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Elster 2016 (HKLM-x32\...\{c9c745c2-74e4-454e-91e0-ca041e6ed42c}) (Version: 16.5.0.33 - Haufe-Lexware GmbH & Co.KG) Lexware Info Service (x32 Version: 16.00.00.0040 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Installations Dienst (HKLM-x32\...\{6FF55A3A-4E59-4CF8-9248-2EE747168B3E}) (Version: 5.01.00.0040 - Haufe-Lexware GmbH & Co.KG) Lexware know how buchhaltung (HKLM-x32\...\{86C5FBB1-83D3-4E79-B60C-FB43BF003AE9}) (Version: 6.0.0.0 - Haufe Mediengruppe) Lexware online banking (x32 Version: 22.04.00.0043 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware PDF-Export 5 (x32 Version: 5.00.01.0009 - Haufe-Lexware GmbH & Co.KG) Hidden Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Media Go (HKLM-x32\...\{F66C4A41-C3A8-4523-AB6C-BAA1DB38305C}) (Version: 2.7.357 - Sony) Media Go Network Downloader (HKLM-x32\...\{5562F05F-908C-4F15-9B3C-98D5FD32DCAB}) (Version: 1.5.19.0 - Sony) Media Go Video Playback Engine 2.4.132.12090 
(HKLM-x32\...\{7C5AEEE1-6D7C-8922-4548-7BF9096077EC}) (Version: 2.4.132.12090 - Sony) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) 
(Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla) Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla) Mozilla Thunderbird 45.2.0 (x86 de) (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Mozilla Thunderbird 45.2.0 (x86 de)) (Version: 45.2.0 - Mozilla) Mozilla Thunderbird 45.2.0 (x86 de) (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Mozilla Thunderbird 45.2.0 (x86 de)) (Version: 45.2.0 - Mozilla) MP3 Splitter version 3.1 (HKLM-x32\...\MP3 Splitter_is1) (Version: - ) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) OEM Application Profile (HKLM-x32\...\{769E695A-F93F-803E-3763-9A00A0E38786}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) 
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.) PreSonus Studio One 2 (HKLM-x32\...\PreSonus Studio One 2) (Version: 2.6.0.24200 - PreSonus Audio Electronics) Prezi Desktop (HKLM-x32\...\{b2c1866d-4df0-43b9-bf09-f126fac08e1c}) (Version: 6.12.1.0 - Prezi) Prezi Desktop (x32 Version: 6.12.1.0 - Prezi) Hidden PSD Viewer (HKLM-x32\...\{D8EEDC94-EE82-46A0-A7DB-812E3C6A0A6E}_is1) (Version: - IdeaMK) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.) Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6890 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14074.11 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.3.14074.11 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) 
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.) Smart View 2.0 (HKLM-x32\...\{FBAAAFAE-08A8-4C63-87EA-4AEA9DEE53E1}) (Version: 1.0.0.0 - Samsung) Sony PC Companion 2.10.251 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.251 - Sony) SplitCam (HKLM-x32\...\SplitCam) (Version: 7.4.4.1 - SplitCam Co) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Studie zur Verbesserung von HP Officejet 5740 series (HKLM\...\{E49940D5-31DD-40BA-851D-3B82C4FF7A18}) (Version: 34.2.117.50647 - Hewlett-Packard Co.) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65280 - TeamViewer) Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler) Unity Web Player (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS) USB Server (HKLM-x32\...\InstallShield_{2DCD32C2-EBB2-4461-8398-6FBA1E8BCD0D}) (Version: 09.1117.0028 - Ihr Firmenname) USB Server (x32 Version: 09.1117.0028 - Ihr Firmenname) Hidden USB Server NPW (HKLM-x32\...\InstallShield_{7B88E312-ED74-4FE4-BC76-18DA40597382}) (Version: - ) USB Server NPW (Version: 09.1117.0028 - Ihr Firmenname) Hidden VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VirtualDJ 8 (HKLM-x32\...\{9652ACA0-38A4-4BF8-B15E-2317D41D0AE3}) (Version: 8.0.2139.0 - Atomix Productions) VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions) waterMark V2 (HKLM-x32\...\waterMark V2) (Version: - ) 
WhatsApp (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\WhatsApp) (Version: 0.2.1455 - WhatsApp) WhatsApp (HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\WhatsApp) (Version: 0.2.1455 - WhatsApp) Why ASUS PC (HKLM-x32\...\{5648F9D9-299E-408C-AC1F-59DC75894A1F}) (Version: 1.00.02 - ASUSTeK Computer Inc.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) XnView 2.36 (HKLM-x32\...\XnView_is1) (Version: 2.36 - Gougelet Pierre-e) Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden 影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden 照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {002DB84B-CC92-4F9E-A0BE-E87B9453079B} - System32\Tasks\HPCustParticipation HP Officejet 5740 series => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe [2014-08-22] (Hewlett-Packard Development Company, LP) Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {0DAEBF49-17B1-4CDB-9E6F-F7754206186E} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.) Task: {15E5D4B8-C0E1-4B8B-8D99-5D6C13A1AF0B} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe Task: {33D000FE-8321-4DA3-BDAA-C90D6DCFB54D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {4129F7A2-1670-4846-8E34-C78C7B2E349E} - System32\Tasks\SafeZone scheduled Autoupdate 1451348094 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software) Task: {5956B518-9EF2-475F-8FE5-AAAC2E8B2E56} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) 
Task: {837E1E21-372A-46A3-BEBC-20A0D334F80E} - System32\Tasks\HP Photo Creations Communicator => C:\Users\Flo Admin\AppData\Roaming\HP Photo Creations\Communicator.exe [2015-12-28] () Task: {85859EF5-0169-4590-9C7A-D3ACCD511113} - System32\Tasks\{BF70E981-2856-4D51-B24D-AEF709BD9888} => launchwinapp.exe hxxp://ui.skype.com/ui/0/7.14.0.106/de/abandoninstall?page=tsProgressBar Task: {870B6537-E047-4216-926B-000757F67EEF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-30] (AVAST Software) Task: {9A6505A9-ADD4-4E45-84CE-794EB4AD0B93} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {9ADBBA26-9754-465C-B9F2-A42FDA0D88E9} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2012-09-27] () Task: {AADFA08E-9B63-4794-A107-8A971BB93DF2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001Core => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.) Task: {AD8A5F53-032B-4BE5-B984-E5754BA88609} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001UA => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.) 
Task: {B76472CA-DB70-4EA5-89FA-0536DDB2CA93} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation) Task: {C8699E42-5061-4448-B95F-BCD5011F54F7} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-18] (Microsoft Corporation) Task: {E7735B02-AEE1-4CEF-AFD2-EEE73F071A9F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-17] (Adobe Systems Incorporated) Task: {EC44A142-D2D6-451E-8822-E0DF8F19D55B} - System32\Tasks\{47D082D0-DAC8-47E7-866E-8F70FCB1A8A2} => launchwinapp.exe hxxp://ui.skype.com/ui/0/7.14.0.106/de/abandoninstall?page=tsProgressBar Task: {EF5A316F-7C15-43D2-AC4C-BC271A3F7B9A} - System32\Tasks\ASUS\ASUS Easy Update 2 => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [2013-04-02] (ASUSTeK Computer Inc.) Task: {F5556D06-9B9A-429E-A85A-7DE576DE25EC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001Core.job => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001UA.job => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Users\Flo Admin\AppData\Roaming\HP Photo Creations\Communicator.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/
Shortcut: C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deutschland Digital.lnk -> C:\ProgramData\Ashampoo\DeDigital.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=dedi&edition=eid=15376&utm_medium=desktop&x-pos=Metro
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=15376&utm_medium=desktop&x-pos=Metro

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-06-14 21:55 - 2016-07-28 23:01 - 00020240 _____ ()
C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll 2012-12-19 08:10 - 2012-12-19 08:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe 2013-07-08 12:35 - 2012-06-01 11:42 - 00920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe 2009-09-02 15:07 - 2009-09-02 15:07 - 00783360 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWService.exe 2009-09-02 15:07 - 2009-09-02 15:07 - 00184320 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWpsm.dll 2009-09-02 15:07 - 2009-09-02 15:07 - 00270848 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWdcp.dll 2009-09-02 15:07 - 2009-09-02 15:07 - 00087552 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWlog.dll 2009-09-02 15:07 - 2009-09-02 15:07 - 00098816 _____ () C:\Program Files (x86)\Generic\USB Server\NPW\NPWuntp.dll 2016-07-13 00:39 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-07-13 00:39 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-08-18 15:58 - 2016-08-18 15:58 - 01864384 _____ () C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll 2016-07-13 00:39 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-04-19 07:21 - 2016-04-19 07:21 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-07-13 00:39 - 2016-07-01 06:48 - 02656408 _____ () C:\Windows\System32\CoreUIComponents.dll 2016-02-02 17:49 - 2016-02-02 17:49 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-07-13 00:42 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2013-04-10 08:09 - 2013-04-10 08:09 - 00401408 _____ () C:\Program Files (x86)\ATI 
Technologies\HydraVision\HydraGrd.exe 2015-11-04 17:43 - 2015-11-04 17:43 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2015-11-24 14:44 - 2015-10-09 17:56 - 00071680 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe 2016-07-13 00:39 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-07-13 00:39 - 2016-07-01 05:22 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-07-13 00:39 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-07-13 00:39 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-06-30 16:33 - 2016-06-30 16:33 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-08-29 21:37 - 2016-08-29 21:37 - 03016192 _____ () C:\Program Files\AVAST Software\Avast\defs\16082901\algo.dll 2016-06-30 16:33 - 2016-06-30 16:33 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-10-23 10:11 - 2013-10-23 10:11 - 00114336 _____ () D:\Programs\SplitCam\splitcam_hd_driver_ProxyPlugin.ax 2013-07-08 12:35 - 2016-08-29 22:40 - 00026112 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll 2013-07-08 12:35 - 2010-06-29 04:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll 2013-07-08 12:37 - 2012-11-23 02:14 - 00050688 _____ () C:\Program Files (x86)\ASUS\ASUS Easy Update\AsMultiLang.dll 2016-04-19 07:21 - 2016-04-19 07:21 - 00141312 _____ () C:\Program 
Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-19 07:21 - 2016-04-19 07:21 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2009-11-30 14:21 - 2009-11-30 14:21 - 00233472 _____ () C:\Program Files (x86)\Generic\USB Server\DCPDLL.dll 2009-11-30 14:21 - 2009-11-30 14:21 - 00167936 _____ () C:\Program Files (x86)\Generic\USB Server\PSMDLL.dll 2009-11-30 14:21 - 2009-11-30 14:21 - 00098304 _____ () C:\Program Files (x86)\Generic\USB Server\UNTPDLL.dll 2009-11-30 14:21 - 2009-11-30 14:21 - 00086016 _____ () C:\Program Files (x86)\Generic\USB Server\ESTLogDLL.dll 2016-08-18 15:58 - 2016-08-18 15:58 - 01383616 _____ () C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll 2016-08-18 15:58 - 2016-08-18 15:58 - 00118976 _____ () C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll 2016-06-30 16:33 - 2016-06-30 16:33 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-07-07 10:38 - 2015-07-07 10:38 - 00176168 _____ () C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Logging.Targets.Etw.dll 2015-07-07 10:38 - 2015-07-07 10:38 - 00043048 _____ () C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Etw.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) 
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\Classes\regfile: regedit.exe "%1" <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\StartupApproved\Run: => "HP Officejet 5740 series (NET)"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "HP Officejet 5740 series (NET)"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{B50E6ACD-FE4D-4FA7-AD62-292930B2E001}] => (Allow) C:\Users\Flo Admin\AppData\Local\Temp\7zS1B2B\HPDiagnosticCoreUI.exe FirewallRules: [{0D1BD89E-942A-481D-9793-CBDD87278D76}] => (Allow) C:\Users\Flo Admin\AppData\Local\Temp\7zS1B2B\HPDiagnosticCoreUI.exe FirewallRules: [{8633FA9A-00AB-4D6B-9F2D-D792A86AB35A}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{3A57700A-5BB9-484E-B6BD-A60C80B2030D}] => (Allow) LPort=5357 FirewallRules: [{A6D98DA9-3CAF-4966-A270-4756F6F6E049}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\DeviceSetup.exe FirewallRules: [{8F7CFD95-B1FD-4E86-B33B-33301E3E8B3F}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\SendAFax.exe FirewallRules: [{2A68F774-368B-4770-A3F0-1940CA721348}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\DigitalWizards.exe FirewallRules: [{23406359-CA38-495F-BAFF-B0FD369C2B01}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\FaxApplications.exe FirewallRules: [{9A37B5EF-BE64-45F1-8A03-FD869C11F676}] => (Allow) D:\Programs\Smart View 2.0.exe FirewallRules: [{A6D0BF2B-B59B-4B31-AC70-F271D90DB24B}] => (Allow) D:\Programs\Smart View 2.0.exe FirewallRules: [{2E3986CF-1592-4B44-A072-5B34C8522F9D}] => (Allow) D:\Programs\Smart View 2.0.exe FirewallRules: [{01F9A868-FDD2-4C83-9251-7E337F01CCB9}] => (Allow) D:\Programs\Smart View 2.0.exe FirewallRules: [{6A9C2651-3469-492A-A9AA-4A1F5A746F79}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CEC98AA3-AAB4-4E22-8ED7-A32431BD514A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{53803361-4D74-428C-8985-9469C27A8AE2}D:\programs\utherverse vww client\utherverse.exe] => (Block) D:\programs\utherverse vww client\utherverse.exe FirewallRules: [TCP Query User{CAEFD55D-1B24-4845-8A04-94A2182C5552}D:\programs\utherverse vww 
client\utherverse.exe] => (Block) D:\programs\utherverse vww client\utherverse.exe FirewallRules: [{B1A34152-54F4-4E98-8B60-4718839394E2}] => (Allow) C:\Users\Flo Admin\AppData\Local\Temp\7zS13A4\hppiw.exe FirewallRules: [{6FE3A923-8A1E-4512-9E73-C5F6661E34FE}] => (Allow) C:\Users\Flo Admin\AppData\Local\Temp\7zS13A4\hppiw.exe FirewallRules: [{01AE655B-AEA6-4D34-B7E6-B93D558C11CF}] => (Allow) D:\Programs\skype\Phone\Skype.exe FirewallRules: [{4C892305-F1CD-456F-9479-29C4A9D6A1F5}] => (Block) C:\program files (x86)\generic\usb server\usbserver.exe FirewallRules: [{B620889F-981E-4380-BD48-5B2A78FFD7B9}] => (Block) C:\program files (x86)\generic\usb server\usbserver.exe FirewallRules: [UDP Query User{06E9E7E6-5460-45A9-99F7-4861592FDBD1}C:\program files (x86)\generic\usb server\usbserver.exe] => (Allow) C:\program files (x86)\generic\usb server\usbserver.exe FirewallRules: [TCP Query User{C7A646F1-22CC-4368-B3C3-F707EDED27FB}C:\program files (x86)\generic\usb server\usbserver.exe] => (Allow) C:\program files (x86)\generic\usb server\usbserver.exe FirewallRules: [{FDD11821-1F86-45C7-851D-FA154D2D3A80}] => (Allow) C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{FD766F05-B765-4447-BFBE-0EEE6453B1F0}] => (Allow) C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{56AAD266-5579-4571-B2C1-683A719E9156}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{BC4B8B3D-4CFB-4449-A80F-D7B0A21C868F}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{1C44F0E4-B131-4BE7-A724-355BA2FD9BAE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{6269E7DD-6F8B-4E38-AB32-DF90F00AF9E5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{58C1409A-E846-458B-83F6-40DEF3C3660E}] => (Allow) LPort=1900 FirewallRules: [{A11458CA-16B4-457D-9540-FC16BEF66DD9}] => 
(Allow) LPort=2869 FirewallRules: [{CD50D89C-1F74-4331-BF1C-FACF8B80A5AA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{7B1C307B-FB47-4954-879A-C9F32AA75306}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{7085672E-17F4-4BA2-8CC6-801B3B5A9898}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{4328C627-420E-42CF-AB37-F13E28B5F4EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{712073E1-AD11-4CE5-A5AE-BE23C738C34A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{2A2E2EE3-69DB-4A8F-A58E-666B302BF57F}] => (Allow) D:\Programs\SteamLibrary\SteamApps\common\america's army 3\Binaries\AA3Loader.exe FirewallRules: [{B9575A9A-84EC-4244-BE5E-C01C2E7EEC8F}] => (Allow) D:\Programs\SteamLibrary\SteamApps\common\america's army 3\Binaries\AA3Loader.exe FirewallRules: [TCP Query User{04A83C6A-0266-45B2-9129-11A5A9818B63}D:\programs\steamlibrary\steamapps\common\america's army 3\binaries\aa3game.exe] => (Allow) D:\programs\steamlibrary\steamapps\common\america's army 3\binaries\aa3game.exe FirewallRules: [UDP Query User{B357CA7F-906A-4042-880B-7BD10906492B}D:\programs\steamlibrary\steamapps\common\america's army 3\binaries\aa3game.exe] => (Allow) D:\programs\steamlibrary\steamapps\common\america's army 3\binaries\aa3game.exe FirewallRules: [{BE73B786-5CC6-46D6-AD01-0F6A9D522CBF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{AAA28F35-185D-4685-90EF-4B7410D89B48}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{4F6258D9-DBA9-4B2E-903E-673846C2DA38}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{41C58828-FF0B-4965-9C6E-A91CFEB64E4E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{CBDE9B23-7E39-4384-84B2-BDC86B906BF8}] => (Allow) D:\Programs\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: 
[{314B90AE-9C41-40C0-88F6-D3C018DD4AFE}] => (Allow) D:\Programs\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{76FFEB86-3414-48E3-87E9-E3C463423945}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{FBD91AC9-FE81-4A2D-A54E-74C1307BE695}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{ED23FFEA-5BDC-4A1A-B628-DEDDAD96AD99}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{0F8114D3-CEE6-4721-9802-03E34B9C9126}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{7AAF4524-9586-46D4-953E-393BB5017E67}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{A5FB4FD0-3303-4146-B905-D5E726A60E4B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{4C429BD3-DE78-4ACC-995A-20197F7A6FCA}] => (Allow) C:\Users\Flo Admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{392515B6-D467-4EDB-ADF2-2E06D5027746}] => (Allow) C:\Users\Flo Admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{041AF5DD-4D23-41DD-800E-CEEABF6DC692}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F0F5F0B1-FDB7-4CBD-B20C-CE66EAAA3C7E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{7A12128E-F079-4781-8B63-A51B6E987D8A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{DDAFAD4B-154A-4455-981E-E2B9380D6339}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{8B0D8291-A290-4956-AB94-3F5FA3B49338}] => (Allow) D:\Programs\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{C75E758B-1B29-451A-A14A-961B3A9692CB}] => (Allow) D:\Programs\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{30C3732E-0062-4D4C-934D-FEE94DCDB5A3}] => (Allow) C:\Program Files 
(x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe FirewallRules: [{3367E635-FE50-4DA3-B206-D68ACE711329}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe FirewallRules: [{025BFE64-AC16-444F-A936-96CEAF40D492}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{388D8BFC-62D5-45AE-A03F-763078672E9B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{FCA7B880-A697-415A-A88B-03FCBF0A5547}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{38E3F818-26D7-4287-B9D7-8100E51B2A61}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Wiederherstellungspunkte ========================= 09-08-2016 19:02:46 Geplanter Prüfpunkt 18-08-2016 21:06:42 Geplanter Prüfpunkt 22-08-2016 22:28:01 Windows Update 28-08-2016 14:01:00 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/30/2016 02:29:13 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. 
Error: (08/30/2016 02:27:56 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. Error: (08/30/2016 02:27:28 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. Error: (08/29/2016 11:34:42 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. Error: (08/29/2016 11:32:41 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. Error: (08/29/2016 11:31:50 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "c:\users\flo admin\desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. Error: (08/29/2016 11:31:46 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Flo Admin\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. Error: (08/29/2016 11:31:44 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Flo Admin\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. Error: (08/29/2016 11:31:44 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Flo Admin\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. 
Error: (08/29/2016 11:31:37 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Flo Admin\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. Systemfehler: ============= Error: (08/29/2016 11:34:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (08/29/2016 11:34:52 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\FLOADM~1\AppData\Local\Temp\ehdrv.sys Error: (08/29/2016 11:34:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (08/29/2016 11:34:51 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\FLOADM~1\AppData\Local\Temp\ehdrv.sys Error: (08/29/2016 11:34:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. 
Error: (08/29/2016 11:34:51 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\FLOADM~1\AppData\Local\Temp\ehdrv.sys Error: (08/29/2016 11:33:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (08/29/2016 11:33:00 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\FLOADM~1\AppData\Local\Temp\ehdrv.sys Error: (08/29/2016 11:32:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (08/29/2016 11:32:59 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\FLOADM~1\AppData\Local\Temp\ehdrv.sys CodeIntegrity: =================================== Date: 2016-08-17 20:12:53.705 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-08-11 04:31:33.072 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-18 20:12:04.433 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-18 03:08:42.766 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. 
Date: 2016-07-17 23:46:59.191 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-17 03:01:05.692 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-15 19:54:02.019 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-10 08:03:53.589 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume6\Programs\PDF Printer\gui.exe that did not meet the Store signing level requirements. Date: 2016-06-10 08:02:32.832 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume6\Programs\PDF Printer\gui.exe that did not meet the Store signing level requirements. Date: 2016-06-10 08:01:10.015 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume6\Programs\PDF Printer\gui.exe that did not meet the Microsoft signing level requirements. 
==================== Speicherinformationen ===========================

Prozessor: AMD A4-6300 APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 74%
Installierter physikalischer RAM: 3272.3 MB
Verfügbarer physikalischer RAM: 830.34 MB
Summe virtueller Speicher: 5630.04 MB
Verfügbarer virtueller Speicher: 2162.74 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:149.66 GB) (Free:52.77 GB) NTFS
Drive d: (Data) (Fixed) (Total:761.33 GB) (Free:719.4 GB) NTFS
Drive k: (FLO Doku und Fotos) (Fixed) (Total:931.51 GB) (Free:790.31 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 710B350F)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 119756C8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================ |
30.08.2016, 02:25 | #12 |
| Facebook message about alleged malware FRST.txt Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-08-2016
durchgeführt von Flo Admin (Administrator) auf BÜROSUF (30-08-2016 03:10:06)
Gestartet von C:\Users\Flo Admin\Desktop
Geladene Profile: Flo Admin & (Verfügbare Profile: Flo Admin)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(SplitCam Co.) D:\Programs\SplitCam\SplitCamService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
() C:\Program Files (x86)\Generic\USB Server\NPW\NPWService.exe
(Foxit Software Inc.) C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Haufe-Lexware GmbH & Co.
KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe () C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\Grid64.exe (USB Server) C:\Program Files (x86)\Generic\USB Server\USBServer.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD64.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe (ASUSTek Computer Inc.) 
C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.23941.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-04-23] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2012-08-20] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-07-08] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-08-08] (AVAST Software) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] () HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [71680 2015-10-09] () HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [202280 2015-09-29] (Haufe-Lexware GmbH & Co. 
KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-04-10] (AMD) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [Grid] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe [401408 2013-04-10] () HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [HydraVisionMDEngine] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe [565248 2013-04-10] (AMD) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [USBServer] => C:\Program Files (x86)\Generic\USB Server\USBServer.exe [1912832 2009-11-30] (USB Server) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [Dropbox Update] => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [Amazon Music] => C:\Users\Flo Admin\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-07-21] () HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [HP Officejet 5740 series (NET)] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3483656 2014-08-22] (Hewlett-Packard Development Company, LP) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\RunOnce: 
[Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\LEOGEO~1.SCR [903680 2008-02-20] (Jan Kolarik & Ondrej Vaverka)
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-04-10] (AMD)
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Grid] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe [401408 2013-04-10] ()
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HydraVisionMDEngine] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe [565248 2013-04-10] (AMD)
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [USBServer] => C:\Program Files (x86)\Generic\USB Server\USBServer.exe [1912832 2009-11-30] (USB Server)
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Amazon Music] => C:\Users\Flo Admin\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-07-21] ()
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Officejet 5740 series (NET)] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3483656 2014-08-22] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\LEOGEO~1.SCR [903680 2008-02-20] (Jan Kolarik & Ondrej Vaverka)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-08-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-08-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-08-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-30] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-08-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-08-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-08-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.)
Startup: C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-19]
ShortcutTarget: Dropbox.lnk -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5-x64 08 C:\Program Files (x86)\Generic\USB Server\NPW\NPWprint.dll [195584 2009-09-02] (Elite Silicon Technology Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8aac2676-c826-45c0-a05a-48952cee79f8}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://de.yahoo.com?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://de.yahoo.com?fr=hp-avast&type=avastbcl
SearchScopes: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-18] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-18] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-18] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kbr4azo0.default-1472046214596
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-17] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-18] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-17] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4126187190-1361339850-3817463540-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Flo Admin\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)
FF Plugin HKU\S-1-5-21-4126187190-1361339850-3817463540-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Flo Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-08-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4126187190-1361339850-3817463540-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-03-24] (Sony Network Entertainment International LLC)
FF Plugin HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Flo Admin\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)
FF Plugin HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Flo Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-08-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-03-24] (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-03]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR Profile: C:\Users\Flo Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Amazon) - C:\Users\Flo Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\caeaobpemokdfnidgaebncaooofnbfha [2015-09-19]
CHR Extension: (Avast Online Security) - C:\Users\Flo Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-01-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Flo Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-19]
CHR HKLM-x32\...\Chrome\Extension: [caeaobpemokdfnidgaebncaooofnbfha] - C:\Users\Flo Admin\ChromeExtensions\caeaobpemokdfnidgaebncaooofnbfha\amazon-icon-fwde.crx [2014-09-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-15]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-06-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-06-30] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
R2 FoxitCloudUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [244392 2015-06-02] (Foxit Software Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [66088 2016-03-03] (Haufe-Lexware GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NPWService; C:\Program Files (x86)\Generic\USB Server\NPW\NPWService.exe [783360 2009-09-02] () [Datei ist nicht signiert]
S2 SkypeUpdate; D:\Programs\skype\Updater\Updater.exe [324224 2016-07-25] (Skype Technologies)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [Datei ist nicht signiert]
R2 SpliCamService; D:\Programs\SplitCam\SplitCamService.exe [321024 2016-05-18] (SplitCam Co.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-22] (TeamViewer GmbH)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-30] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-06-30] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [572120 2016-06-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-06-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek )
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 EST_BusEnum; C:\Windows\System32\drivers\GenBus.sys [29696 2009-10-06] ( )
R3 EST_Server; C:\Windows\System32\drivers\GenHC.sys [199168 2009-10-06] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-30] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 NUS_Bus; C:\Windows\System32\drivers\NUS_Bus.sys [30208 2009-11-09] (Elite Silicon Technology Inc.)
R3 scvad_simple; C:\Windows\system32\drivers\SplitCamAudio.sys [23552 2013-04-24] (Windows (R) Win 7 DDK provider)
R3 splitcam_hd_driver; C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys [37600 2016-02-08] (Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-30 03:11 - 2016-08-30 03:11 - 00017572 _____ C:\Users\Flo Admin\AppData\Local\recently-used.xbel
2016-08-30 02:48 - 2016-08-30 03:05 - 00000000 ____D C:\ProgramData\HitmanPro
2016-08-30 02:47 - 2016-08-30 02:47 - 11438608 _____ (SurfRight B.V.) C:\Users\Flo Admin\Desktop\HitmanPro_x64.exe
2016-08-29 23:31 - 2016-08-29 23:31 - 02870984 _____ (ESET) C:\Users\Flo Admin\Desktop\esetsmartinstaller_deu.exe
2016-08-29 22:37 - 2016-08-29 22:38 - 00009698 _____ C:\Users\Flo Admin\Desktop\Fixlog.txt
2016-08-28 14:08 - 2016-08-28 14:10 - 00057278 _____ C:\Users\Flo Admin\Desktop\Addition.txt
2016-08-28 14:07 - 2016-08-30 03:10 - 00034069 _____ C:\Users\Flo Admin\Desktop\FRST.txt
2016-08-28 14:07 - 2016-08-29 22:36 - 00000000 ____D C:\Users\Flo Admin\Desktop\FRST-OlderVersion
2016-08-28 14:04 - 2016-08-28 14:04 - 00001181 _____ C:\Users\Flo Admin\Desktop\JRT.txt
2016-08-28 13:59 - 2016-08-28 13:59 - 00022856 _____ C:\mbam2.txt
2016-08-28 13:59 - 2016-08-28 13:59 - 00022855 _____ C:\Users\Flo Admin\Desktop\mbam.txt
2016-08-28 13:31 - 2016-08-30 02:50 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-28 13:31 - 2016-08-28 13:31 - 00001182 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-08-28 13:31 - 2016-08-28 13:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-08-28 13:30 - 2016-08-28 13:31 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-08-28 13:30 - 2016-08-28 13:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-28 13:30 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-08-28 13:30 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-08-28 13:30 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-08-28 13:29 - 2016-08-28 13:29 - 00001467 _____ C:\Users\Flo Admin\Desktop\AdwCleaner[C3].txt
2016-08-28 13:11 - 2016-08-28 14:00 - 01610560 _____ (Malwarebytes) C:\Users\Flo Admin\Desktop\JRT.exe
2016-08-28 13:10 - 2016-08-28 13:13 - 03826240 _____ C:\Users\Flo Admin\Desktop\AdwCleaner_6.010.exe
2016-08-26 13:47 - 2016-08-26 13:47 - 00000000 ____D C:\Users\Flo Admin\AppData\Local\.elfohilfe
2016-08-25 06:51 - 2016-08-28 13:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-24 22:11 - 2016-08-24 22:12 - 00269560 _____ C:\TDSSKiller.3.1.0.11_24.08.2016_22.11.35_log.txt
2016-08-24 22:07 - 2016-08-24 22:11 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Flo Admin\Desktop\tdsskiller.exe
2016-08-24 22:07 - 2016-08-24 22:09 - 00056994 _____ C:\Users\Flo Admin\Downloads\Addition.txt
2016-08-24 22:05 - 2016-08-30 03:10 - 00000000 ____D C:\FRST
2016-08-24 22:05 - 2016-08-25 22:49 - 00056365 _____ C:\Users\Flo Admin\Downloads\FRST.txt
2016-08-24 22:03 - 2016-08-29 22:36 - 02397696 _____ (Farbar) C:\Users\Flo Admin\Desktop\FRST64.exe
2016-08-24 21:53 - 2016-08-24 21:53 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-24 15:43 - 2016-08-24 15:43 - 00000000 ____D C:\Users\Flo Admin\Desktop\Alte Firefox-Daten
2016-08-24 15:12 - 2016-08-24 15:12 - 03784256 _____ C:\Users\Flo Admin\Downloads\adwcleaner_6.000.exe
2016-08-24 15:11 - 2016-08-28 13:24 - 00000000 ____D C:\AdwCleaner
2016-08-18 15:59 - 2016-08-18 15:59 - 00003342 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-08-12 21:31 - 2016-08-12 21:31 - 00699943 _____ C:\Users\Flo Admin\Downloads\wmv2-1.9.8.exe
2016-08-12 21:31 - 2016-08-12 21:31 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\waterMark V2
2016-08-12 21:31 - 2016-08-12 21:31 - 00000000 ____D C:\Program Files (x86)\PMlabs
2016-08-12 11:23 - 2016-08-25 09:06 - 00001170 _____ C:\Users\Flo Admin\Desktop\Mozilla Firefox.lnk
2016-08-10 11:26 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 11:26 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 11:26 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 11:26 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 11:26 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 11:26 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 11:26 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-10 11:26 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-10 11:26 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 11:26 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 11:26 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-10 11:26 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 11:26 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-10 11:26 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 11:26 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 11:26 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 11:26 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 11:26 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 11:26 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 11:26 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 11:26 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 11:26 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 11:26 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 11:26 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-10 11:26 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-10 11:26 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-10 11:26 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-10 11:26 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 11:26 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-10 11:26 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-10 11:26 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-10 11:26 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-10 11:26 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 11:26 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-10 11:26 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-10 11:26 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-10 11:25 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 11:25 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 11:25 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 11:25 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 11:25 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 11:25 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 11:25 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 11:25 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 11:25 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 11:25 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 11:25 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 11:25 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 11:25 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 11:25 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 11:25 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 11:25 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 11:25 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 11:25 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 11:25 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 11:25 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 11:25 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 11:25 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 11:25 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-10 11:25 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 11:25 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 11:25 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 11:25 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-10 11:25 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-10 11:25 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 11:25 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 11:25 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 11:25 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 11:25 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 11:25 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 11:25 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 11:25 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 11:25 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 11:25 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 11:25 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-10 11:25 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 11:25 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 11:25 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 11:25 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 11:25 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 11:25 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 11:25 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 11:25 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 11:25 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-10 11:25 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 11:25 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-10 11:25 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 11:25 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 11:25 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-10 11:25 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 11:25 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 11:25 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-08-10 11:25 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-08-10 11:25 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-08-10 11:25 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-08-10 11:25 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-08-10 11:25 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-08-10 11:25 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-08-10 11:25 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2016-08-10 11:25 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-08-10 11:25 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-08-10 11:25 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-08-10 11:25 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-08-10 11:25 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe 2016-08-10 11:25 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll 2016-08-10 11:25 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-08-10 11:25 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2016-08-10 11:25 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll 2016-08-10 11:25 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\mshtml.dll 2016-08-10 11:25 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-08-10 11:25 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-08-10 11:25 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2016-08-10 11:25 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe 2016-08-10 11:25 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-08-10 11:25 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2016-08-10 11:25 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-08-10 11:25 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-08-10 11:25 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-08-10 11:25 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-08-10 11:25 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2016-08-10 11:25 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2016-08-10 11:25 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-08-10 11:25 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-08-10 11:25 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-08-10 11:25 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-08-10 11:25 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-08-10 11:25 - 2016-08-03 06:22 - 02501120 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-08-10 11:25 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-08-10 11:25 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-08-09 19:41 - 2016-08-29 23:21 - 00000000 ____D C:\Users\Flo Admin\Desktop\Motorrad 2016-08-03 14:16 - 2016-08-03 14:16 - 00000000 ____D C:\Users\Flo Admin\AppData\Local\Prezi 2016-08-03 14:15 - 2016-08-03 14:15 - 00000000 ____D C:\Users\Flo Admin\Documents\Prezi 2016-08-03 14:15 - 2016-08-03 14:15 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\Prezi 2016-08-03 14:11 - 2016-08-03 14:11 - 00001854 _____ C:\Users\Public\Desktop\Prezi Desktop.lnk 2016-08-03 14:11 - 2016-08-03 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prezi Desktop 2016-08-03 14:09 - 2016-08-03 14:11 - 00000000 ____D C:\Program Files (x86)\Prezi Desktop 2016-08-03 14:00 - 2016-08-03 14:01 - 01474568 _____ C:\Users\Flo Admin\Downloads\Prezi Desktop - CHIP-Installer.exe 2016-08-02 21:52 - 2016-08-02 21:52 - 00000000 ____D C:\Users\Flo Admin\AppData\Local\TeamViewer 2016-08-02 15:48 - 2016-08-02 16:04 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\SplitCam 2016-08-02 15:40 - 2016-08-02 15:44 - 100375696 _____ (SplitCam Co.) C:\Users\Flo Admin\Downloads\SplitCamSetup.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-08-30 03:12 - 2014-09-01 13:41 - 00000000 ____D C:\Users\Flo Admin\.gimp-2.8 2016-08-30 03:09 - 2016-06-17 06:57 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\WhatsApp 2016-08-30 02:51 - 2015-06-18 14:41 - 00001256 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001UA.job 2016-08-30 02:44 - 2014-09-01 13:44 - 00000000 ____D C:\Users\Flo Admin\AppData\Local\gtk-2.0 2016-08-30 02:30 - 2014-01-22 16:39 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-08-30 02:27 - 2013-12-12 12:13 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-08-30 02:21 - 2015-12-28 00:59 - 00000442 _____ C:\WINDOWS\Tasks\HP Photo Creations Communicator.job 2016-08-29 23:30 - 2014-01-22 16:39 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-08-29 22:51 - 2014-07-01 20:17 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1A57FE50-6FA2-4DFD-80A8-6A730953253A} 2016-08-29 22:39 - 2016-02-02 18:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-08-29 22:39 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI 2016-08-29 22:39 - 2015-09-15 16:37 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2016-08-29 22:38 - 2014-03-07 09:41 - 00000000 ____D C:\Users\Flo Admin\AppData\LocalLow\Temp 2016-08-29 22:22 - 2014-01-03 19:12 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\Skype 2016-08-29 21:40 - 2014-08-06 21:50 - 00000000 ____D C:\Program Files (x86)\Skype 2016-08-29 21:40 - 2014-01-03 19:11 - 00000000 ____D C:\ProgramData\Skype 2016-08-29 03:51 - 2015-06-18 14:41 - 00001204 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4126187190-1361339850-3817463540-1001Core.job 2016-08-28 23:27 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-08-28 13:57 - 2016-02-02 18:01 - 00000000 ____D C:\Users\Flo Admin 2016-08-28 13:25 - 2013-12-06 11:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-08-27 17:16 - 2015-10-30 09:24 
- 00000000 ___HD C:\Program Files\WindowsApps 2016-08-24 21:54 - 2014-01-03 15:43 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\Dropbox 2016-08-24 15:53 - 2016-06-14 21:55 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-08-24 15:53 - 2016-06-14 21:55 - 00001035 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2016-08-24 15:53 - 2016-06-14 21:54 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-08-24 15:45 - 2014-01-22 16:39 - 00000000 ____D C:\Program Files (x86)\Google 2016-08-24 15:16 - 2015-09-17 23:29 - 00000000 ____D C:\Program Files (x86)\Yahoo! 2016-08-20 11:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache 2016-08-18 15:59 - 2015-09-15 23:17 - 00002444 _____ C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-08-18 15:59 - 2015-09-15 23:17 - 00000000 ___RD C:\Users\Flo Admin\OneDrive 2016-08-18 10:44 - 2013-09-23 14:07 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-08-18 04:31 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2016-08-17 20:07 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal 2016-08-17 20:07 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-08-17 20:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-08-11 13:43 - 2014-09-24 13:13 - 00001511 _____ C:\Users\Flo Admin\Desktop\Firefox.lnk 2016-08-11 01:32 - 2016-05-30 13:10 - 00000000 ____D C:\Users\Flo Admin\Desktop\Studium 2016-08-10 16:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2016-08-10 16:25 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-08-10 16:25 - 2013-12-12 11:01 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-08-10 16:19 - 2013-12-12 11:01 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-08-10 13:10 - 2016-06-17 06:57 - 00002307 _____ C:\Users\Flo Admin\Desktop\WhatsApp.lnk 2016-08-10 13:10 - 2016-06-17 06:57 - 00000000 ____D C:\Users\Flo 
Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2016-08-10 13:10 - 2016-06-17 06:57 - 00000000 ____D C:\Users\Flo Admin\AppData\Local\WhatsApp 2016-08-10 13:10 - 2016-06-17 06:57 - 00000000 ____D C:\Users\Flo Admin\AppData\Local\SquirrelTemp 2016-08-09 20:59 - 2016-06-16 23:22 - 00000000 ____D C:\Users\Flo Admin\Desktop\Fotos vom Handy 2016-08-07 23:32 - 2016-06-15 22:12 - 00000000 ____D C:\Users\Flo Admin\Desktop\DBL Standort für Süssi 2016-08-07 21:52 - 2014-12-15 20:52 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\uTorrent 2016-08-05 17:06 - 2014-01-03 15:36 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys 2016-08-03 14:07 - 2016-02-02 17:58 - 00000000 ____D C:\ProgramData\Package Cache ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-05-11 22:06 - 2014-05-11 22:06 - 0000046 _____ () C:\Users\Flo Admin\AppData\Roaming\Camdata.ini 2014-05-11 22:06 - 2014-05-11 22:06 - 0000408 _____ () C:\Users\Flo Admin\AppData\Roaming\CamLayout.ini 2014-05-11 22:06 - 2014-05-11 22:06 - 0000408 _____ () C:\Users\Flo Admin\AppData\Roaming\CamShapes.ini 2014-05-11 22:06 - 2014-05-11 22:06 - 0004535 _____ () C:\Users\Flo Admin\AppData\Roaming\CamStudio.cfg 2014-05-11 22:01 - 2014-05-11 22:01 - 0000096 _____ () C:\Users\Flo Admin\AppData\Roaming\version2.xml 2014-09-24 12:40 - 2016-06-13 14:13 - 0004608 _____ () C:\Users\Flo Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-08-30 03:11 - 2016-08-30 03:11 - 0017572 _____ () C:\Users\Flo Admin\AppData\Local\recently-used.xbel 2014-01-14 22:41 - 2014-01-14 22:41 - 0007602 _____ () C:\Users\Flo Admin\AppData\Local\Resmon.ResmonCfg 2015-12-28 00:25 - 2015-12-28 00:25 - 0000057 _____ () C:\ProgramData\Ament.ini ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-08-21 07:10 ==================== Ende von FRST.txt ============================ |
30.08.2016, 02:26 | #13 |
| Facebook message about alleged malware FRST.txt Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-08-2016 durchgeführt von Flo Admin (Administrator) auf BÜROSUF (30-08-2016 03:10:06) Gestartet von C:\Users\Flo Admin\Desktop Geladene Profile: Flo Admin & (Verfügbare Profile: Flo Admin) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Edge) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe (SplitCam Co.) D:\Programs\SplitCam\SplitCamService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe () C:\Program Files (x86)\Generic\USB Server\NPW\NPWService.exe (Foxit Software Inc.) C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Haufe-Lexware GmbH & Co.
KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe () C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\Grid64.exe (USB Server) C:\Program Files (x86)\Generic\USB Server\USBServer.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD64.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe (ASUSTek Computer Inc.) 
C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.23941.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-04-23] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2012-08-20] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-07-08] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-08-08] (AVAST Software) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] () HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [71680 2015-10-09] () HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [202280 2015-09-29] (Haufe-Lexware GmbH & Co. 
KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-04-10] (AMD) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [Grid] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe [401408 2013-04-10] () HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [HydraVisionMDEngine] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe [565248 2013-04-10] (AMD) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [USBServer] => C:\Program Files (x86)\Generic\USB Server\USBServer.exe [1912832 2009-11-30] (USB Server) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [Dropbox Update] => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [Amazon Music] => C:\Users\Flo Admin\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-07-21] () HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\Run: [HP Officejet 5740 series (NET)] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3483656 2014-08-22] (Hewlett-Packard Development Company, LP) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\RunOnce: 
[Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\LEOGEO~1.SCR [903680 2008-02-20] (Jan Kolarik & Ondrej Vaverka) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-04-10] (AMD) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Grid] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe [401408 2013-04-10] () HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HydraVisionMDEngine] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe [565248 2013-04-10] (AMD) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [USBServer] => C:\Program Files (x86)\Generic\USB Server\USBServer.exe [1912832 2009-11-30] (USB Server) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\Flo Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.) 
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Amazon Music] => C:\Users\Flo Admin\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-07-21] () HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Officejet 5740 series (NET)] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3483656 2014-08-22] (Hewlett-Packard Development Company, LP) HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q 
"C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\LEOGEO~1.SCR [903680 2008-02-20] (Jan Kolarik & Ondrej Vaverka) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-08-18] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-08-18] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-08-18] (Microsoft Corporation) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-30] (AVAST Software) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-08-18] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-08-18] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Flo Admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-08-18] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.) Startup: C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-19] ShortcutTarget: Dropbox.lnk -> C:\Users\Flo Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5-x64 08 C:\Program Files (x86)\Generic\USB Server\NPW\NPWprint.dll [195584 2009-09-02] (Elite Silicon Technology Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8aac2676-c826-45c0-a05a-48952cee79f8}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://de.yahoo.com?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://de.yahoo.com?fr=hp-avast&type=avastbcl
SearchScopes: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-18] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-18] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-18] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Flo Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kbr4azo0.default-1472046214596
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-17] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-18] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-17] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4126187190-1361339850-3817463540-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Flo Admin\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)
FF Plugin HKU\S-1-5-21-4126187190-1361339850-3817463540-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Flo Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-08-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4126187190-1361339850-3817463540-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-03-24] (Sony Network Entertainment International LLC)
FF Plugin HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Flo Admin\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)
FF Plugin HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Flo Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-08-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4126187190-1361339850-3817463540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-03-24] (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-03]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR Profile: C:\Users\Flo Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Amazon) - C:\Users\Flo Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\caeaobpemokdfnidgaebncaooofnbfha [2015-09-19]
CHR Extension: (Avast Online Security) - C:\Users\Flo Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-01-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Flo Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-19]
CHR HKLM-x32\...\Chrome\Extension: [caeaobpemokdfnidgaebncaooofnbfha] - C:\Users\Flo Admin\ChromeExtensions\caeaobpemokdfnidgaebncaooofnbfha\amazon-icon-fwde.crx [2014-09-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-15]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-06-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-06-30] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
R2 FoxitCloudUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [244392 2015-06-02] (Foxit Software Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [66088 2016-03-03] (Haufe-Lexware GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NPWService; C:\Program Files (x86)\Generic\USB Server\NPW\NPWService.exe [783360 2009-09-02] () [Datei ist nicht signiert]
S2 SkypeUpdate; D:\Programs\skype\Updater\Updater.exe [324224 2016-07-25] (Skype Technologies)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [Datei ist nicht signiert]
R2 SpliCamService; D:\Programs\SplitCam\SplitCamService.exe [321024 2016-05-18] (SplitCam Co.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-22] (TeamViewer GmbH)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-30] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-06-30] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [572120 2016-06-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-06-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek )
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 EST_BusEnum; C:\Windows\System32\drivers\GenBus.sys [29696 2009-10-06] ( )
R3 EST_Server; C:\Windows\System32\drivers\GenHC.sys [199168 2009-10-06] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-30] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 NUS_Bus; C:\Windows\System32\drivers\NUS_Bus.sys [30208 2009-11-09] (Elite Silicon Technology Inc.)
R3 scvad_simple; C:\Windows\system32\drivers\SplitCamAudio.sys [23552 2013-04-24] (Windows (R) Win 7 DDK provider)
R3 splitcam_hd_driver; C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys [37600 2016-02-08] (Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-30 03:11 - 2016-08-30 03:11 - 00017572 _____ C:\Users\Flo Admin\AppData\Local\recently-used.xbel
2016-08-30 02:48 - 2016-08-30 03:05 - 00000000 ____D C:\ProgramData\HitmanPro
2016-08-30 02:47 - 2016-08-30 02:47 - 11438608 _____ (SurfRight B.V.) C:\Users\Flo Admin\Desktop\HitmanPro_x64.exe
2016-08-29 23:31 - 2016-08-29 23:31 - 02870984 _____ (ESET) C:\Users\Flo Admin\Desktop\esetsmartinstaller_deu.exe
2016-08-29 22:37 - 2016-08-29 22:38 - 00009698 _____ C:\Users\Flo Admin\Desktop\Fixlog.txt
2016-08-28 14:08 - 2016-08-28 14:10 - 00057278 _____ C:\Users\Flo Admin\Desktop\Addition.txt
2016-08-28 14:07 - 2016-08-30 03:10 - 00034069 _____ C:\Users\Flo Admin\Desktop\FRST.txt
2016-08-28 14:07 - 2016-08-29 22:36 - 00000000 ____D C:\Users\Flo Admin\Desktop\FRST-OlderVersion
2016-08-28 14:04 - 2016-08-28 14:04 - 00001181 _____ C:\Users\Flo Admin\Desktop\JRT.txt
2016-08-28 13:59 - 2016-08-28 13:59 - 00022856 _____ C:\mbam2.txt
2016-08-28 13:59 - 2016-08-28 13:59 - 00022855 _____ C:\Users\Flo Admin\Desktop\mbam.txt
2016-08-28 13:31 - 2016-08-30 02:50 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-28 13:31 - 2016-08-28 13:31 - 00001182 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-08-28 13:31 - 2016-08-28 13:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-08-28 13:30 - 2016-08-28 13:31 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-08-28 13:30 - 2016-08-28 13:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-28 13:30 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-08-28 13:30 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-08-28 13:30 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-08-28 13:29 - 2016-08-28 13:29 - 00001467 _____ C:\Users\Flo Admin\Desktop\AdwCleaner[C3].txt
2016-08-28 13:11 - 2016-08-28 14:00 - 01610560 _____ (Malwarebytes) C:\Users\Flo Admin\Desktop\JRT.exe
2016-08-28 13:10 - 2016-08-28 13:13 - 03826240 _____ C:\Users\Flo Admin\Desktop\AdwCleaner_6.010.exe
2016-08-26 13:47 - 2016-08-26 13:47 - 00000000
____D C:\Users\Flo Admin\AppData\Local\.elfohilfe 2016-08-25 06:51 - 2016-08-28 13:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-08-24 22:11 - 2016-08-24 22:12 - 00269560 _____ C:\TDSSKiller.3.1.0.11_24.08.2016_22.11.35_log.txt 2016-08-24 22:07 - 2016-08-24 22:11 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Flo Admin\Desktop\tdsskiller.exe 2016-08-24 22:07 - 2016-08-24 22:09 - 00056994 _____ C:\Users\Flo Admin\Downloads\Addition.txt 2016-08-24 22:05 - 2016-08-30 03:10 - 00000000 ____D C:\FRST 2016-08-24 22:05 - 2016-08-25 22:49 - 00056365 _____ C:\Users\Flo Admin\Downloads\FRST.txt 2016-08-24 22:03 - 2016-08-29 22:36 - 02397696 _____ (Farbar) C:\Users\Flo Admin\Desktop\FRST64.exe 2016-08-24 21:53 - 2016-08-24 21:53 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-08-24 15:43 - 2016-08-24 15:43 - 00000000 ____D C:\Users\Flo Admin\Desktop\Alte Firefox-Daten 2016-08-24 15:12 - 2016-08-24 15:12 - 03784256 _____ C:\Users\Flo Admin\Downloads\adwcleaner_6.000.exe 2016-08-24 15:11 - 2016-08-28 13:24 - 00000000 ____D C:\AdwCleaner 2016-08-18 15:59 - 2016-08-18 15:59 - 00003342 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task 2016-08-12 21:31 - 2016-08-12 21:31 - 00699943 _____ C:\Users\Flo Admin\Downloads\wmv2-1.9.8.exe 2016-08-12 21:31 - 2016-08-12 21:31 - 00000000 ____D C:\Users\Flo Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\waterMark V2 2016-08-12 21:31 - 2016-08-12 21:31 - 00000000 ____D C:\Program Files (x86)\PMlabs 2016-08-12 11:23 - 2016-08-25 09:06 - 00001170 _____ C:\Users\Flo Admin\Desktop\Mozilla Firefox.lnk 2016-08-10 11:26 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2016-08-10 11:26 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2016-08-10 11:26 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-08-10 11:26 - 
2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-08-10 11:26 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-08-10 11:26 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-08-10 11:26 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2016-08-10 11:26 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-08-10 11:26 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-08-10 11:26 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2016-08-10 11:26 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2016-08-10 11:26 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-08-10 11:26 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe 2016-08-10 11:26 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2016-08-10 11:26 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-08-10 11:26 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-08-10 11:26 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2016-08-10 11:26 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-08-10 11:26 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-08-10 11:26 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2016-08-10 11:26 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\win32kfull.sys 2016-08-10 11:26 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-08-10 11:26 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2016-08-10 11:26 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2016-08-10 11:26 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-08-10 11:26 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-08-10 11:26 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll 2016-08-10 11:26 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-08-10 11:26 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-08-10 11:26 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2016-08-10 11:26 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll 2016-08-10 11:26 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-08-10 11:26 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-08-10 11:26 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2016-08-10 11:26 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2016-08-10 11:26 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2016-08-10 11:25 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-08-10 11:25 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-08-10 11:25 - 
2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-08-10 11:25 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-08-10 11:25 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2016-08-10 11:25 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2016-08-10 11:25 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2016-08-10 11:25 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-08-10 11:25 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-08-10 11:25 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2016-08-10 11:25 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll 2016-08-10 11:25 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-08-10 11:25 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-08-10 11:25 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2016-08-10 11:25 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2016-08-10 11:25 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2016-08-10 11:25 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-08-10 11:25 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-08-10 11:25 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-08-10 11:25 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\rdbss.sys 2016-08-10 11:25 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe 2016-08-10 11:25 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-08-10 11:25 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll 2016-08-10 11:25 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2016-08-10 11:25 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2016-08-10 11:25 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2016-08-10 11:25 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll 2016-08-10 11:25 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll 2016-08-10 11:25 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2016-08-10 11:25 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-08-10 11:25 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2016-08-10 11:25 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-08-10 11:25 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll 2016-08-10 11:25 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-08-10 11:25 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2016-08-10 11:25 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-08-10 11:25 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll 2016-08-10 11:25 - 
2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-08-10 11:25 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2016-08-10 11:25 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2016-08-10 11:25 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2016-08-10 11:25 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2016-08-10 11:25 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-08-10 11:25 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-08-10 11:25 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-08-10 11:25 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2016-08-10 11:25 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-08-10 11:25 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2016-08-10 11:25 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2016-08-10 11:25 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2016-08-10 11:25 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-08-10 11:25 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2016-08-10 11:25 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-08-10 11:25 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-08-10 11:25 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 
2016-08-10 11:25 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-08-10 11:25 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-08-10 11:25 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-08-10 11:25 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-08-10 11:25 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-08-10 11:25 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-08-10 11:25 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-08-10 11:25 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2016-08-10 11:25 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-08-10 11:25 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-08-10 11:25 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-08-10 11:25 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-08-10 11:25 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe 2016-08-10 11:25 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll 2016-08-10 11:25 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-08-10 11:25 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2016-08-10 11:25 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll 2016-08-10 11:25 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) 
==================== Ende von FRST.txt ============================ |
30.08.2016, 02:31 | #14 |
| Facebook message about alleged malware
First of all, a big fat thank-you for the time you sacrificed to get me back on friendly terms with Facebook. To your question: the PC otherwise runs flawlessly. Only the login problem still persists (as of now, 03:28)! |
30.08.2016, 09:53 | #15 |
/// TB-Ausbilder | Facebook message about alleged malware
Hello, hhmmm... we still have a few leftovers to remove; let's see whether the message still appears afterwards.
Quote:
Remove leftovers
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
start
CloseProcesses:
C:\Users\Flo Admin\AppData\Roaming\Host System
C:\Users\Flo Admin\Downloads\*.exe
D:\Programs\PSDViewer\MyBabylonTB.exe
K:\Downloads\*.exe
K:\Setups Programme Laptop\ashampoo_burning_studio_2010_advanced_9.24_7590.exe
K:\Setups Programme Laptop\FreeYouTubeToMp3Converter.exe
K:\Setups Programme Laptop\zaSetup_92_058_000_de.exe
K:\Setups Programme Laptop\Setups\FreeYouTubeToMP3Converter31015.exe
K:\Setups Programme Laptop\Setups\PDFCreator-1_2_3_setup.exe
K:\Setups Programme Laptop\Setups\zaSetupWeb_101_079_000.exe
K:\Setups Programme Laptop\treiber\Setup\zaSetup_92_058_000_de(1).exe
K:\Setups Programme Laptop\treiber\Setup\zaSetup_92_058_000_de.exe
HKU\S-1-5-21-4126187190-1361339850-3817463540-1001\Software\Classes\regfile: regedit.exe "%1" <===== ACHTUNG
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Post the Fixlog from FRST right away, because otherwise it will be removed automatically by DelFix (see further below)!
If you have no more problems with malware, then we are done here. Your log files are clean. Finally, we need to take a few closing steps to clean up and secure your PC.
Cleanup: All logs posted? Then please download DelFix.
DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself. Restart your computer afterwards. If any programs from our cleanup are still left over now, you can safely delete them.
Hardening: Enable automatic updates in the Windows operating system. Security-relevant software should also always be present only in its latest version: browser, Java, Flash Player, PDF reader. Security holes in their old versions are exploited to install malware via "drive-by" when you simply visit a manipulated website. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.
Enable a firewall. The one built into Windows is normally entirely sufficient.
If you are still undecided, use a single one of the following antivirus programs with a real-time scanner and an always up-to-date signature database:
Microsoft Security Essentials (MSE) is built in from Windows 8 onwards, so if you use Windows 8, 8.1 or 10 and have decided on MSE, you do not need to install MSE separately. On Windows 7, however, it has to be installed manually or obtained through Windows Update as an optional update. Of course, a legal/activated Windows is a prerequisite for this.
In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.
Optional:
Adblock Plus: can block banners, pop-ups, video ads, tracking and malware sites.
NoScript: prevents the execution of active content (Java, JavaScript, Flash, ...) for all websites. However, you can define, on the principle of a whitelist, on which sites scripts should be allowed.
Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program. To get rid of adware again, first uninstall it and then remove the leftovers with Adwcleaner.
Finally, a few general remarks:
If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions. |
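A read-only look at what the Fixlist in post #15 acts on, as an added example that is not part of the original post and not FRST's own code: it lists per-user handler overrides such as the flagged regfile entry, plus the current WinINET and WinHTTP proxy settings. The choice of classes to check is an assumption made for illustration.

```powershell
# Read-only audit: nothing is modified. Run in the affected user's session.
# Assumption: the class list below is illustrative; only regfile appears in the thread.

# 1) Per-user handler overrides. A key under HKCU\Software\Classes takes
#    precedence over the machine-wide one in HKLM, so any override for
#    regfile/exefile-style classes deserves a manual look.
$classes = 'regfile', 'exefile', 'batfile', 'cmdfile'
$overrides = foreach ($class in $classes) {
    $sub  = "Software\Classes\$class\shell\open\command"
    $user = Get-ItemProperty -Path "HKCU:\$sub" -ErrorAction SilentlyContinue
    if ($null -ne $user) {
        $machine = Get-ItemProperty -Path "HKLM:\$sub" -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Class          = $class
            UserCommand    = $user.'(default)'
            MachineCommand = $machine.'(default)'
            Differs        = $user.'(default)' -ne $machine.'(default)'
        }
    }
}

# 2) Per-user (WinINET) proxy settings used by browsers and many applications.
$inet  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$proxy = Get-ItemProperty -Path $inet |
    Select-Object ProxyEnable, ProxyServer, ProxyOverride, AutoConfigURL

# Report
if ($overrides) {
    $overrides | Format-List
} else {
    'No per-user handler overrides found for the checked classes.'
}
$proxy | Format-List

# 3) Machine-wide WinHTTP proxy (used by services and Windows Update).
netsh winhttp show proxy
```

An override that merely repeats the machine-wide command is harmless in effect, but a per-user key that exists at all is what gets flagged for review; an unexpected ProxyServer or AutoConfigURL value is the proxy-side equivalent.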