Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Myfilestore.com Virus eingefangen?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 09.03.2017, 22:58   #1
Xare123
 
Myfilestore.com Virus eingefangen? - Standard

Myfilestore.com Virus eingefangen?



Guten Abend,

meine Frau hat heute in Google eine Anleitung für den Spielzeug-Traktor unseres Sohnes gesucht. Sie hat dann auf einen Link zu einem Forum geklickt (www.modelltruck.net) und wurde auf Myfilestore weitergeleitet. Die Seite kam ihr komisch vor und sie weiß nicht genau was sie dann angeklickt hat.

Im Verlauf habe ich die folgenden beiden (auffälligen?) Links gefunden:

hxxp://myfilestore.com/download.php?id=57352d56
hxxp://nv.msghbsuasively.download/9557/1035/anl1/j5wcey/1225

Ich habe dann gegoogelt und gelesen, dass es sich um einen Virus handeln könnte und habe den Firefox wieder zurückgesetzt (der Verlauf blieb aber erhalten).

Wie kann ich feststellen, ob der PC von einem Virus befallen wurde, bislang hat sich das Verhalten von Firefox nicht verändert bzw. der Virenscanner Bitdefender hat auch keinen Virus gefunden (habe aber auch gelesen, dass der Virus die Virenscanner usw. ausschalten kann).

Vielen Dank schon mal für Eure Hilfe!

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2017
durchgeführt von Silvia (Administrator) auf SILVIA-PC (09-03-2017 22:38:16)
Gestartet von C:\Users\Silvia\Downloads
Geladene Profile: Silvia (Verfügbare Profile: Silvia & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Dropbox, Inc.) C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Dropbox, Inc.) C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\Dropbox.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dropbox, Inc.) C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\Dropbox.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17012.10301.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242200 2016-11-11] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe [87336 2010-09-20] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-983883370-204824152-491102941-1000\...\Run: [Dropbox Update] => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-07] (Dropbox, Inc.)
HKU\S-1-5-21-983883370-204824152-491102941-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\PhotoScreensaver.scr [572416 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll -> Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-12-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2014-04-13]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-02-25]
ShortcutTarget: Dropbox.lnk -> C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{d96e33c9-9c49-41b5-9ccb-f54ed90cc9d8}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-983883370-204824152-491102941-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-983883370-204824152-491102941-1000 -> {0CD413A5-25C0-4513-A268-CED8EFAF18A8} URL = hxxp://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000026&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-25] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-983883370-204824152-491102941-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-983883370-204824152-491102941-1000 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  Keine Datei
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)

FireFox:
========
FF ProfilePath: C:\Users\Silvia\AppData\Roaming\Mozilla\Firefox\Profiles\270o59bb.default-1489091303183 [2017-03-09]
FF NewTab: Mozilla\Firefox\Profiles\270o59bb.default-1489091303183 -> chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Extension: (WEB.DE MailCheck) - C:\Users\Silvia\AppData\Roaming\Mozilla\Firefox\Profiles\270o59bb.default-1489091303183\Extensions\toolbar@web.de [2017-03-09] [ist nicht signiert]
FF Extension: (UITBAutoInstaller) - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-06-02] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-12-26] [ist nicht signiert]
FF HKU\S-1-5-21-983883370-204824152-491102941-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-23] ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\windows\system32\npDeployJava1.dll [2013-07-28] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-23] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-09-09] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3883544 2016-12-22] (devolo AG)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [129752 2016-11-11] (ELAN Microelectronics Corp.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1100392 2016-10-28] (Bitdefender)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [Datei ist nicht signiert]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [111320 2016-01-22] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1574744 2016-01-29] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1622512 2016-01-22] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [806344 2016-01-22] (BitDefender)
S3 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [115800 2015-12-03] (BitDefender LLC)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [36496 2015-09-28] (Riverbed Technology, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-02-09] (Windows (R) 2003 DDK 3790 provider)
R2 SGDrv; C:\WINDOWS\System32\drivers\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-09 22:40 - 2017-03-09 22:39 - 00003574 _____ C:\Users\Silvia\Desktop\Bitdefender 1489095559_1_01.xml
2017-03-09 22:38 - 2017-03-09 22:39 - 00018214 _____ C:\Users\Silvia\Downloads\FRST.txt
2017-03-09 22:38 - 2017-03-09 22:38 - 00000000 ____D C:\FRST
2017-03-09 22:37 - 2017-03-09 22:37 - 02423808 _____ (Farbar) C:\Users\Silvia\Downloads\FRST64.exe
2017-03-09 21:33 - 2017-03-09 21:33 - 00097882 _____ C:\ProgramData\1489091590.bdinstall.bin
2017-03-09 21:28 - 2017-03-09 21:28 - 00000000 ____D C:\Users\Silvia\Desktop\Alte Firefox-Daten
2017-03-03 11:11 - 2017-03-03 11:11 - 00032740 _____ C:\Users\Silvia\Downloads\Dinkel Pizzateig - 2016-09-10.pdf
2017-02-25 09:20 - 2017-02-25 09:20 - 00000000 ____D C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-23 20:17 - 2017-02-23 20:48 - 00000000 ____D C:\Users\Silvia\Desktop\Igel Fotostick
2017-02-15 10:14 - 2017-02-15 10:14 - 00002221 _____ C:\Users\Public\Desktop\Google Earth.lnk
2017-02-15 10:14 - 2017-02-15 10:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-09 22:34 - 2016-03-25 17:32 - 00000000 ____D C:\Program Files\Bitdefender Agent
2017-03-09 22:04 - 2016-10-14 23:44 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-09 20:36 - 2013-09-18 18:17 - 00000000 ___RD C:\Users\Silvia\Dropbox
2017-03-09 15:16 - 2012-08-19 15:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-09 15:15 - 2016-11-24 11:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-03-09 15:07 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-09 15:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-09 15:05 - 2013-05-20 16:16 - 02426440 _____ C:\Users\Silvia\Desktop\bitdefender_antivirus2013.exe
2017-03-09 10:17 - 2015-06-12 22:02 - 00000000 ____D C:\Users\Silvia\AppData\Local\Dropbox
2017-03-01 12:03 - 2016-10-14 23:52 - 00000000 ____D C:\Users\Silvia
2017-03-01 11:23 - 2016-07-16 07:04 - 00131072 _____ C:\WINDOWS\system32\config\ELAM
2017-03-01 11:20 - 2016-10-15 00:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-01 11:20 - 2012-08-19 11:26 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-25 09:41 - 2013-09-18 18:15 - 00000000 ____D C:\Users\Silvia\AppData\Roaming\Dropbox
2017-02-24 09:05 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-24 09:01 - 2013-07-28 21:43 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 22:07 - 2012-08-22 20:49 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 20:49 - 2014-08-18 15:46 - 00000000 ____D C:\Users\Silvia\AppData\Local\Adobe
2017-02-23 20:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-23 20:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-18 11:09 - 2016-12-07 07:42 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-18 11:08 - 2016-03-06 13:22 - 00002421 _____ C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-18 11:08 - 2016-03-06 13:22 - 00000000 ___RD C:\Users\Silvia\OneDrive
2017-02-15 10:14 - 2012-08-19 07:37 - 00000000 ____D C:\Program Files (x86)\Google
2017-02-09 13:42 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-08 11:13 - 2015-10-23 20:04 - 00000000 ____D C:\Users\Silvia\AppData\Local\Nero

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-04-19 08:08 - 2012-04-19 08:08 - 141590843 _____ () C:\Program Files\openofficeorg1.cab
2012-04-19 07:59 - 2012-04-19 07:59 - 3125248 _____ () C:\Program Files\openofficeorg34.msi
2012-04-19 07:59 - 2012-04-19 07:59 - 0473600 _____ () C:\Program Files\setup.exe
2012-04-19 07:59 - 2012-04-19 07:59 - 0000290 _____ () C:\Program Files\setup.ini
2016-05-23 20:52 - 2016-05-23 20:52 - 0000385 _____ () C:\Users\Silvia\AppData\Roaming\user_gensett.xml
2012-10-07 17:24 - 2012-10-07 17:24 - 0000393 _____ () C:\Users\Silvia\AppData\Local\HamsterVideoConverterSettings.cfg
2016-04-14 18:41 - 2016-04-14 18:41 - 0627349 _____ () C:\ProgramData\1460653227.bdinstall.bin
2016-06-15 06:33 - 2016-06-15 06:33 - 0026781 _____ () C:\ProgramData\1465968770.bdinstall.bin
2017-03-09 21:33 - 2017-03-09 21:33 - 0097882 _____ () C:\ProgramData\1489091590.bdinstall.bin
2016-09-20 11:32 - 2016-09-20 11:32 - 0026838 _____ () C:\ProgramData\agent.1474367523.bdinstall.bin
2016-11-02 14:41 - 2016-11-02 14:41 - 0028759 _____ () C:\ProgramData\agent.1478094058.bdinstall.bin
2016-10-14 23:48 - 2016-10-14 23:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-26 18:49 - 2014-12-26 21:42 - 0000836 _____ () C:\ProgramData\hpzinstall.log
2011-11-03 19:44 - 2011-11-03 19:45 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2011-11-03 19:37 - 2011-11-03 19:37 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2011-11-03 19:41 - 2011-11-03 19:42 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-11-03 19:38 - 2011-11-03 19:41 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2011-11-03 19:42 - 2011-11-03 19:44 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-09 10:39

==================== Ende von FRST.txt ============================
         

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-03-2017
durchgeführt von Silvia (09-03-2017 22:40:45)
Gestartet von C:\Users\Silvia\Downloads
Windows 10 Home Version 1607 (X64) (2016-10-14 23:30:32)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-983883370-204824152-491102941-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-983883370-204824152-491102941-503 - Limited - Disabled)
Gast (S-1-5-21-983883370-204824152-491102941-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-983883370-204824152-491102941-1002 - Limited - Enabled)
Silvia (S-1-5-21-983883370-204824152-491102941-1000 - Administrator - Enabled) => C:\Users\Silvia

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender-Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender-Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
4500_G510af_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
Albelli Fotobücher (HKU\S-1-5-21-983883370-204824152-491102941-1000\...\{EE20E438-B675-4421-AB07-928F0EC9FB22}_is1) (Version:  - Albelli)
ALDI Bestellsoftware 4.12.2 (HKLM-x32\...\ALDI Bestellsoftware) (Version: 4.12.2 - ORWO Net)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{1B4ED54A-A741-5D36-40C6-0DA839CA033F}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.26.1423 - Bitdefender)
Bitdefender Antivirus Plus 2015 (HKLM\...\Bitdefender) (Version: 19.6.0.326 - Bitdefender)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4417 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.2.0 - devolo AG)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.0.4 - CEWE COLOR AG u Co. OHG)
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-983883370-204824152-491102941-1000\...\Dropbox) (Version: 20.4.19 - Dropbox, Inc.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.44 - Samsung)
ELAN Touchpad driver X64 15.7.9.2_WHQL (HKLM\...\Elantech) (Version: 15.7.9.2 - ELAN Microelectronic Corp.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.2.19144 - Landesfinanzdirektion Thüringen)
Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Finanzplaner PRO (HKLM-x32\...\Finanzplaner PRO) (Version:  - FinanzPortal24 GmbH)
FLV Player 2.0 (build 25) (HKLM-x32\...\FLV Player) (Version: 2.0 (build 25) - Martijn de Visser)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
fotokasten comfort 5.0 (HKLM-x32\...\fotokasten comfort_is1) (Version:  - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510a-f (HKLM\...\{C98517B6-DCE9-49B7-B19E-E384178D3986}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-983883370-204824152-491102941-1000\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.8.0.6273 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 2016 (HKLM-x32\...\{049045D5-0C46-4E78-A83F-83E993D91A7F}) (Version: 17.0.02300 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Stashimi Stub Installer (x32 Version: 18.001.1 - Nero AG) Hidden
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sweet Home 3D version 4.3 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.3 - )
Wajam (HKLM-x32\...\Wajam Web Enhancer) (Version: 1.3.0.94 (i1.0) - Wajam) <==== ACHTUNG
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)
WildTangent ORB Game Console (x32 Version:  - WildTangent) Hidden
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{E47A3570-59A0-4948-A678-A930FEE8AAC7}) (Version: 21.00.8480 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2015 (HKLM-x32\...\{B999EF65-7140-47E1-BED0-6A32E64A0D7D}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07DA5524-FFB1-4CE3-B07B-BBE2C29E5385} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {1399D005-9179-4EB0-B62B-C71085F1CB81} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-983883370-204824152-491102941-1000Core1d238be2862dc7c => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {1B0CAC01-78B1-46EA-AAD0-A5C0C9A9EEBD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {1BBE6E19-EAC8-48F9-A650-29AC264EC91B} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {1C267C23-B5F9-41FF-A4D5-92C4B112F598} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {1ED078EF-C616-449A-9E71-3FF7CE79AF8D} - System32\Tasks\{877C8A6D-9FA5-41CA-8842-83A5F8A9F7E0} => pcalua.exe -a C:\Users\Silvia\Documents\dbgview\DBGVIEW.EXE -d C:\Users\Silvia\Documents\dbgview
Task: {27018021-93D3-4181-A414-70E233096DA8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {2E4CFDEB-63DC-4061-BBED-999970D6C986} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2013\bdproductdata.exe 
Task: {2F0D4068-C9FA-4B45-A7FC-625D0F57B02A} - System32\Tasks\{EE305C4B-2645-4AD4-AB31-8774E0D9EF4D} => pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Ahead\Nero StartSmart\NeroStartSmart.exe"
Task: {2FFC7E9B-A48E-4878-86E7-5B5FD9C7CFF1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {34185101-2D74-4011-908B-B1FC4B4C4BE7} - System32\Tasks\SamsungSupportCenter => %programfiles(x86)%\Samsung\Easy Support Center\SSCKbdHk.exe 
Task: {3F0C9060-E8B5-4D4D-B60B-15ED2B085296} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {40CA2C1C-8985-452E-B5F1-23E374E19F48} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {43C4CCEB-42BC-4680-93D3-1C620439C826} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {44EF540E-C6D8-4717-9B55-5525DA621CDE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {4A1A75AC-E505-48A8-ACAD-2FB594C0BB58} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe 
Task: {4BD94884-E059-4F7C-8455-62E2AA5A3DBE} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-23] (Adobe Systems Incorporated)
Task: {54D5411A-538D-4D2E-B0C2-D79A683DEEF9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {5996EC8B-1C65-4C80-84F9-96E88B7A1A86} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {5BC2FF85-E692-4FA0-B1F6-0F38E6B98D34} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {6300AB21-F4AE-4D28-97B2-6921A3833149} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {6F6E5A96-BEC4-4BEF-BEE2-47968000AD22} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {73CC6AD6-7914-402D-B519-52F325732A2B} - System32\Tasks\{C7DA0173-A309-4F90-B5F2-89918793E3A1} => launchwinapp.exe hxxps://ui.skype.com/ui/0/7.30.0.105.411/de/abandoninstall?page=tsProgressBar
Task: {7556EB99-AC76-4EE7-9CB3-0B4CCE2DCDB0} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe 
Task: {75B74FA7-121A-45AF-A58F-CE8474E83919} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {850E9F07-2096-4FE9-A733-FE077D4AABE5} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {85E7851F-6507-45F7-B071-77F75A503F5B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {8748D2C8-7B61-46D6-8560-B806F3E45DC2} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {881323E1-6913-4B08-9348-3BBEDA2FED8C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {8B334E28-4173-4E7B-B70D-2239A7897ADC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {8C128A29-BC22-409A-B3B4-B6A225FC4454} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink)
Task: {9A651807-3F5E-4BD4-AAAF-938487ACD279} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {9C7B57B7-F799-4A6C-929D-59D86F528183} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {9D3B18C5-480C-4532-A960-D319D34E5EE7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe 
Task: {9FED81DA-52A7-4C9D-8AB0-16EFCF8E0626} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe 
Task: {A2A0F0F1-0AD4-4693-9963-A68C0DEBC0CE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {AB30CF4B-78EE-43C6-84AF-18B9600D7A09} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {AC2B6A0D-936A-493E-AEBC-22346C4B382D} - System32\Tasks\{9DC4673D-89F6-4667-8059-6A8D8FCCA84B} => pcalua.exe -a C:\Users\Silvia\Downloads\p-std.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {AF8E0C35-0478-480E-AB08-8B82E504A785} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe 
Task: {B24C4704-4B41-438C-A0D8-EB1B1B19B584} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {BCF1F663-95A5-46DA-A8D2-EEE34805A0B3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {C491C115-391E-4D12-8322-67457D3CA592} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-983883370-204824152-491102941-1000UA1d238be289e236d => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {CB902C20-D63C-4BA9-ABDC-BF90E0F37791} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {D00A0671-354F-4F46-90B3-CE483FFBB1D6} - System32\Tasks\{8E26E545-7CEE-4E2D-B6A1-5E627B7BAF4A} => pcalua.exe -a C:\Users\Silvia\Downloads\NeroClassic\nero60023.exe -d C:\Users\Silvia\Downloads\NeroClassic
Task: {D1A7B405-6102-4350-8033-19B49D45750C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {D1E76148-5778-4CFB-BA87-2269DB3D4FD9} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {D64C454A-E02D-4972-99F7-BF6AEF595F22} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {D89CE4B1-DC7B-42F9-98E6-F9C8DE7003A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {DC02FBDE-D986-497A-9492-9186C3C240E6} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {DEF7D778-88F3-48E0-8236-1247220EDAA7} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe 
Task: {EE38C2DC-835A-47AA-83A0-1A102876D107} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {F1B6F95C-CAB2-4BFF-AA66-C6BB1E217B19} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {F31AABE0-BE26-427E-8159-BF36BA8A0C32} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Silvia\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {F645E1B5-0C8C-49DE-8DF7-045D7C9C022E} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-10-21] (Bitdefender)
Task: {FB5C8F08-3D93-43D7-9E1F-FB95C61673F9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {FC32A813-B554-47A0-B581-AD88FB648F7B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-983883370-204824152-491102941-1000Core1d238be2862dc7c.job => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-983883370-204824152-491102941-1000UA1d238be289e236d.job => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-04-14 18:19 - 2015-11-04 13:06 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2016-04-14 18:18 - 2013-09-03 13:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2016-04-14 18:19 - 2016-03-02 15:08 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2017-02-07 16:40 - 2017-02-07 16:40 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_02451_005\ashttpbr.mdl
2017-02-07 16:40 - 2017-02-07 16:40 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_02451_005\ashttpdsp.mdl
2017-02-07 16:40 - 2017-02-07 16:40 - 03243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_02451_005\ashttpph.mdl
2017-02-07 16:40 - 2017-02-07 16:40 - 01544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_02451_005\ashttprbl.mdl
2015-08-21 21:09 - 2015-08-21 21:09 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-08-21 21:09 - 2015-08-21 21:09 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2011-11-03 19:41 - 2009-12-01 08:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 12:22 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-14 12:22 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 12:22 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-15 00:32 - 2016-10-15 00:32 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-16 11:07 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2014-04-13 08:41 - 2015-04-14 10:05 - 01428760 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe
2015-08-21 21:09 - 2015-08-21 21:09 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2017-02-28 11:15 - 2017-03-01 10:04 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-02-28 11:15 - 2017-03-01 10:04 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-02-28 11:15 - 2017-03-01 10:04 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-03 15:18 - 2016-06-03 19:59 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-02-28 11:15 - 2017-03-01 10:04 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-02-28 11:15 - 2017-03-01 10:04 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-09 23:19 - 2016-03-09 23:21 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-01-16 11:05 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-16 11:05 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-16 11:05 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-16 11:05 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-16 11:05 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-16 11:05 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 09741592 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wgui14.dll
2014-04-13 08:35 - 2015-04-14 10:06 - 03929880 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wcore14.dll
2014-04-13 08:36 - 2015-04-14 10:05 - 00035608 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsdcom48.dll
2014-04-13 08:36 - 2015-04-14 10:05 - 00322840 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsguiwinapi48.dll
2014-04-13 08:36 - 2015-04-14 10:05 - 00309016 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rscorewinapi48.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 02872600 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wfvie14.dll
2014-04-13 08:35 - 2014-02-11 10:53 - 01043456 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-core.dll
2014-04-13 08:35 - 2014-02-11 10:53 - 00250368 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-contribs-lib.dll
2014-04-13 08:36 - 2015-04-14 10:05 - 00136472 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsodbc48.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 02136856 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wsteu14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01960728 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wreli14.dll
2014-04-13 08:35 - 2014-02-11 10:53 - 00094720 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-shared.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 04463896 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wauff14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01593624 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wmain14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 05308184 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae114.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 02392344 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae214.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01171224 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae314.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01633560 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae414.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01117976 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\whau114.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01341720 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\whau214.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01312536 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wwerb14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 07374616 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wkont14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01296664 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wimp14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01331480 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wfabu14.dll
2017-02-25 09:19 - 2017-02-21 19:58 - 00802112 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\dropbox_watchdog.dll
2017-02-25 09:20 - 2017-01-25 22:03 - 00035792 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\_multiprocessing.pyd
2017-02-25 09:20 - 2017-01-25 22:03 - 00100296 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\_ctypes.pyd
2017-02-25 09:20 - 2017-01-25 22:03 - 00018888 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\select.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00019776 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\tornado.speedups.pyd
2017-02-25 09:20 - 2017-01-25 22:03 - 00694224 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\unicodedata.pyd
2017-02-25 09:19 - 2017-02-21 20:01 - 00020824 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\cryptography.hazmat.bindings._constant_time.pyd
2017-02-25 09:20 - 2017-01-25 22:04 - 00123856 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\_cffi_backend.pyd
2017-02-25 09:19 - 2017-02-21 20:01 - 01682768 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\cryptography.hazmat.bindings._openssl.pyd
2017-02-25 09:19 - 2017-02-21 20:01 - 00020816 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\cryptography.hazmat.bindings._padding.pyd
2017-02-25 09:20 - 2017-01-25 22:03 - 00145864 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\pyexpat.pyd
2017-02-25 09:19 - 2017-01-25 22:04 - 00019408 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\faulthandler.pyd
2017-02-25 09:20 - 2017-01-25 22:03 - 00116688 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\pywintypes27.dll
2017-02-25 09:20 - 2017-01-25 22:06 - 00105928 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\win32api.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00022864 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\winffi.crt.compiled._winffi_crt.pyd
2017-02-25 09:19 - 2017-02-21 20:01 - 00038712 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\fastpath.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00052544 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\psutil._psutil_windows.pyd
2017-02-25 09:20 - 2017-01-25 22:06 - 00024528 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\win32event.pyd
2017-02-25 09:20 - 2017-01-25 22:03 - 00392144 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\pythoncom27.dll
2017-02-25 09:20 - 2017-01-25 22:06 - 00020936 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\mmapfile.pyd
2017-02-25 09:20 - 2017-01-25 22:06 - 00116176 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\win32security.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00381760 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\win32com.shell.shell.pyd
2017-02-25 09:20 - 2017-01-25 22:06 - 00124880 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\win32file.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00026456 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-02-25 09:20 - 2017-01-25 22:06 - 00024016 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\win32clipboard.pyd
2017-02-25 09:20 - 2017-01-25 22:06 - 00175560 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\win32gui.pyd
2017-02-25 09:20 - 2017-01-25 22:06 - 00030160 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\win32pipe.pyd
2017-02-25 09:20 - 2017-01-25 22:06 - 00043472 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\win32process.pyd
2017-02-25 09:20 - 2017-01-25 22:06 - 00048592 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\win32service.pyd
2017-02-25 09:20 - 2017-01-25 22:06 - 00057808 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\win32evtlog.pyd
2017-02-25 09:20 - 2017-01-25 22:06 - 00024016 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\win32profile.pyd
2017-02-25 09:19 - 2017-02-21 20:01 - 00246608 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\breakpad.client.windows.handler.pyd
2017-02-25 09:19 - 2017-02-21 20:01 - 00027488 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-02-25 09:20 - 2017-01-25 22:05 - 00241104 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\_jpegtran.pyd
2017-02-25 09:19 - 2017-02-21 20:01 - 00022336 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\cpuid.compiled._cpuid.pyd
2017-02-25 09:20 - 2017-01-25 22:06 - 00028616 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\win32ts.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 01826104 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\PyQt5.QtCore.pyd
2017-02-25 09:20 - 2017-01-25 22:04 - 00083912 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\sip.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 01972536 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\PyQt5.QtGui.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 03928896 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\PyQt5.QtWidgets.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00531264 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\PyQt5.QtNetwork.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00053072 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\winrpcserver.compiled._RPCServer.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00025432 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00133432 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\PyQt5.QtWebKit.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00224064 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\PyQt5.QtWebKitWidgets.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00207680 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\PyQt5.QtPrintSupport.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00022864 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\winffi.user32.compiled._winffi_user32.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00069968 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\windisplaytoast.compiled._DisplayToast.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00022872 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00021848 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00022872 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\winffi.wininet.compiled._winffi_wininet.pyd
2017-02-25 09:20 - 2017-01-25 22:06 - 00350152 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\winxpgui.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00103232 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\PyQt5.QtWinExtras.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00023896 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\winverifysignature.compiled._VerifySignature.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00025936 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\librsyncffi.compiled._librsyncffi.pyd
2017-02-25 09:20 - 2017-01-25 22:01 - 00036296 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\librsync.dll
2017-02-25 09:19 - 2017-02-21 20:01 - 00033112 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\enterprise_data.compiled._enterprise_data.pyd
2017-02-25 09:19 - 2017-01-27 03:02 - 00293392 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\EnterpriseDataAdapter.dll
2017-02-25 09:19 - 2017-02-21 20:01 - 00084288 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\dropbox_sqlite_ext.DLL
2017-02-25 09:20 - 2017-01-25 22:11 - 00017864 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\libEGL.dll
2017-02-25 09:20 - 2017-01-25 22:11 - 01631184 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\libGLESv2.dll
2017-02-25 09:20 - 2017-02-21 20:01 - 00042816 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\PyQt5.QtWebChannel.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00171336 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\PyQt5.QtWebEngineWidgets.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00357688 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\PyQt5.QtQml.pyd
2017-02-25 09:20 - 2017-01-25 22:06 - 00060880 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\win32print.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00026456 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-02-25 09:20 - 2017-02-21 20:01 - 00546104 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\OldBinaries\bin_ou8vvt\bin\PyQt5.QtQuick.pyd
2009-11-02 06:20 - 2009-11-02 06:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 06:23 - 2009-11-02 06:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ALDI Bestellsoftware Setup.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\Barchart-windows64-online.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ccsetup402_slim.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\devolo-cockpit-v4-3-2.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\Dropbox 2.0.26.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ElsterFormular-14.3.20130522u.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ElsterFormular-16.0.20150113k.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ElsterFormular-16.1.20150309u(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ElsterFormular-16.1.20150309u.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\flvplayer_setup20_25.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-0-6(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-0-6.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-3-13(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-3-13.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-4-8(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-4-8.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\install_flashplayer11x32au_mssa_aaa_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\install_flashplayer15x32au_mssa_aaa_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\install_flashplayer16x32au_mssa_aaa_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\install_flashplayer17x32au_mssa_aaa_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jre-7u25-windows-x64.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(2).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(3).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(4).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(5).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(6).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\Nero Burning ROM Classic - CHIP-Installer.exe:BDU [1]
AlternateDataStreams: C:\Users\Silvia\Downloads\Nero2016-17.09.2015_stub_trial.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\OJ4500vG510a-f_Full_13.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\SkypeSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\SuperTuxKart - CHIP-Installer.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-983883370-204824152-491102941-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Silvia\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{bbeb6448-8619-4f01-847d-26d45d85e6ac}.JPG
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{A16D0D75-C1D3-4A9C-897C-F38B6B7C302C}C:\users\silvia\appdata\local\temp\rarsfx2\x64\pcsftool.exe] => (Allow) C:\users\silvia\appdata\local\temp\rarsfx2\x64\pcsftool.exe
FirewallRules: [TCP Query User{98E7D470-75B0-4BB0-BE29-C28E75AEB3DE}C:\users\silvia\appdata\local\temp\rarsfx2\x64\pcsftool.exe] => (Allow) C:\users\silvia\appdata\local\temp\rarsfx2\x64\pcsftool.exe
FirewallRules: [UDP Query User{AFE7F784-2B6E-48F6-BFE6-1968B18CC041}C:\users\silvia\appdata\local\temp\rarsfx2\x32\pcsftool.exe] => (Allow) C:\users\silvia\appdata\local\temp\rarsfx2\x32\pcsftool.exe
FirewallRules: [TCP Query User{E7F1EFFC-6FBA-447A-BF70-0265D3DC85C6}C:\users\silvia\appdata\local\temp\rarsfx2\x32\pcsftool.exe] => (Allow) C:\users\silvia\appdata\local\temp\rarsfx2\x32\pcsftool.exe
FirewallRules: [{3DE67F7C-1488-4DB3-8A2A-45192F3C651A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D3A12754-2A57-4885-842D-8AA3ED44C871}] => (Allow) LPort=2869
FirewallRules: [{8CB8640B-5C1D-444A-B969-A40FEEF028E5}] => (Allow) LPort=1900
FirewallRules: [{B643C5E9-D117-47DF-89E0-DC8BD5C27470}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{27897909-3333-4AB8-8321-4ED5F0AB237E}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{D2BB4FB1-3B6F-4E99-96DC-654F3AC31DD7}] => (Allow) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10.exe
FirewallRules: [{6B62A0E8-45BC-49F9-BE74-CA06218D7D13}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{F75725D7-C713-4B7A-A979-7AC3FD886125}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AF38764D-0E9B-4084-9CF7-D1E41BEFEF7C}] => (Allow) C:\Users\Silvia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8A8D2863-ABB3-42AE-9AF9-B0FC317B9A85}] => (Allow) C:\Users\Silvia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{6F44C9FA-6900-4321-A40C-71E5F3DB4229}C:\users\silvia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\silvia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{7353BFF7-2E8E-4604-A87C-628D1E18F507}C:\users\silvia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\silvia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{BB3CDDFB-E575-40E3-AF96-EC124AB8C478}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{5052DC34-BEE9-46AB-BC41-0D6B6F3B846A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{EAE81B79-64EC-438E-A279-0A664CF0C0D9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{86ED9D49-92A7-4795-8D83-91E5ACCB5421}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{CBE5E590-C360-4CB0-8591-6BC691AB48C2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{40FA4886-B709-4285-8700-D20A7C899841}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{A7715B9B-E135-4400-B655-AF23B91BEBF6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{790121A4-D0C5-40FC-B4AB-9059390D3A99}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{D9903537-FE85-4551-B81A-0FBE70F225DA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{61B662C9-1F70-4783-B60D-F237E452A5EC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{92B05612-90E6-4B02-B1C6-C10FCE2412B1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{44B923AA-F630-4A7E-B14F-81087372D9FD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{432836EF-DB58-46EA-9A8B-90E59020A33A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{A3E06F3E-E1F8-4C7C-83E8-27E4EB22A92D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{54E57F93-0567-445C-8DBB-B0058587755D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{D10B9EFF-85DE-4FF1-ABC2-F35CA80134F0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{EA26F5D1-A803-4CFB-AAFD-836AB0F952A3}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{34663BF6-BB6C-4F3D-84B3-677582D5C4BF}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{DE3C447D-EA6C-4A34-8249-984D573D6C9A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{17A526AA-66AE-4A46-B440-773E6F9EC345}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{02781F3E-E8F8-43B7-8A1F-45F972297ED2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E8296320-6604-4439-9EFD-3F63642BC566}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{85D703B9-2D95-4D9C-BA1B-1CF974F4EBF4}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{E3AC5DB4-4351-4F61-8C01-4547B18AF1F5}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\nero.exe
FirewallRules: [{00E90E81-6EB7-4406-B084-4819A7E6CC17}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{E3D334F6-4CEE-4F33-B199-9C4921992BF3}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

==================== Wiederherstellungspunkte =========================

13-02-2017 12:24:37 Geplanter Prüfpunkt
23-02-2017 22:00:27 Windows Update
01-03-2017 20:02:06 Windows-Sicherung

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/09/2017 10:53:18 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Silvia-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/02/2017 12:01:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Silvia-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/01/2017 08:04:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/01/2017 11:23:17 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (03/01/2017 11:23:17 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (03/01/2017 11:23:17 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (03/01/2017 11:23:16 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (03/01/2017 11:23:16 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (03/01/2017 10:23:12 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (02/28/2017 11:20:24 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed


Systemfehler:
=============
Error: (03/09/2017 08:34:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/09/2017 03:14:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/09/2017 03:11:00 PM) (Source: DCOM) (EventID: 10010) (User: Silvia-PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/09/2017 03:11:00 PM) (Source: DCOM) (EventID: 10010) (User: Silvia-PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/09/2017 03:11:00 PM) (Source: DCOM) (EventID: 10010) (User: Silvia-PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/09/2017 03:10:59 PM) (Source: DCOM) (EventID: 10010) (User: Silvia-PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/09/2017 02:50:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/09/2017 10:16:38 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/08/2017 11:54:02 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/07/2017 08:58:10 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


==================== Speicherinformationen =========================== 

Prozessor: AMD A4-3305M APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 59%
Installierter physikalischer RAM: 3563.8 MB
Verfügbarer physikalischer RAM: 1439 MB
Summe virtueller Speicher: 7147.8 MB
Verfügbarer virtueller Speicher: 4336.94 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:178 GB) (Free:87.26 GB) NTFS
Drive d: () (Fixed) (Total:266.26 GB) (Free:72.32 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 933609DD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=178 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=266.3 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=21.4 GB) - (Type=27)

==================== Ende von Addition.txt ============================
         

Geändert von cosinus (10.03.2017 um 14:17 Uhr) Grund: CODE-Tags

Alt 11.03.2017, 15:52   #2
M-K-D-B
/// TB-Ausbilder
 
Myfilestore.com Virus eingefangen? - Standard

Myfilestore.com Virus eingefangen?









Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.



Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
  1. Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  2. Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  3. Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  4. Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  5. Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  6. Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
  7. Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
  8. Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
    Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.

  9. Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptome heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!







Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)







Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________


Alt 11.03.2017, 20:40   #3
Xare123
 
Myfilestore.com Virus eingefangen? - Standard

Myfilestore.com Virus eingefangen?



Hallo Matthias,

vielen Dank schon einmal für Deine Hilfe!

FRST:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11-03-2017 01
durchgeführt von Silvia (Administrator) auf SILVIA-PC (11-03-2017 20:04:50)
Gestartet von C:\Users\Silvia\Desktop
Geladene Profile: Silvia (Verfügbare Profile: Silvia & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Dropbox, Inc.) C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
() C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17012.10301.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Dropbox, Inc.) C:\Users\Silvia\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\Silvia\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.693_none_42ff55c9655f38bf\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242200 2016-11-11] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe [87336 2010-09-20] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-983883370-204824152-491102941-1000\...\Run: [Dropbox Update] => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-07] (Dropbox, Inc.)
HKU\S-1-5-21-983883370-204824152-491102941-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\PhotoScreensaver.scr [572416 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-12-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2014-04-13]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-03-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{d96e33c9-9c49-41b5-9ccb-f54ed90cc9d8}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-983883370-204824152-491102941-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-983883370-204824152-491102941-1000 -> {0CD413A5-25C0-4513-A268-CED8EFAF18A8} URL = hxxp://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000026&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-25] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-983883370-204824152-491102941-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-983883370-204824152-491102941-1000 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  Keine Datei
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)

FireFox:
========
FF ProfilePath: C:\Users\Silvia\AppData\Roaming\Mozilla\Firefox\Profiles\270o59bb.default-1489091303183 [2017-03-11]
FF NewTab: Mozilla\Firefox\Profiles\270o59bb.default-1489091303183 -> chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Extension: (WEB.DE MailCheck) - C:\Users\Silvia\AppData\Roaming\Mozilla\Firefox\Profiles\270o59bb.default-1489091303183\Extensions\toolbar@web.de [2017-03-09] [ist nicht signiert]
FF Extension: (UITBAutoInstaller) - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-06-02] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-12-26] [ist nicht signiert]
FF HKU\S-1-5-21-983883370-204824152-491102941-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-23] ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\windows\system32\npDeployJava1.dll [2013-07-28] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-23] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-09-09] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3883544 2016-12-22] (devolo AG)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [129752 2016-11-11] (ELAN Microelectronics Corp.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1100392 2016-10-28] (Bitdefender)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [Datei ist nicht signiert]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [111320 2016-01-22] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1574744 2016-01-29] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1622512 2016-01-22] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [806344 2016-01-22] (BitDefender)
S3 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [115800 2015-12-03] (BitDefender LLC)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [36496 2015-09-28] (Riverbed Technology, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-02-09] (Windows (R) 2003 DDK 3790 provider)
R2 SGDrv; C:\WINDOWS\System32\drivers\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-11 20:03 - 2017-03-11 20:04 - 02424320 _____ (Farbar) C:\Users\Silvia\Desktop\FRST64.exe
2017-03-11 19:45 - 2017-03-11 19:45 - 00000000 ____D C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-03-09 23:05 - 2017-03-11 20:06 - 00018332 _____ C:\Users\Silvia\Desktop\FRST.txt
2017-03-09 23:05 - 2017-03-09 23:05 - 00066911 _____ C:\Users\Silvia\Desktop\Addition.txt
2017-03-09 22:40 - 2017-03-10 02:34 - 00099443 _____ C:\Users\Silvia\Desktop\Bitdefender 1489095559_1_01.xml
2017-03-09 22:40 - 2017-03-09 22:42 - 00066908 _____ C:\Users\Silvia\Downloads\Addition.txt
2017-03-09 22:38 - 2017-03-11 20:04 - 00000000 ____D C:\FRST
2017-03-09 22:38 - 2017-03-09 22:42 - 00025098 _____ C:\Users\Silvia\Downloads\FRST.txt
2017-03-09 22:37 - 2017-03-09 22:37 - 02423808 _____ (Farbar) C:\Users\Silvia\Downloads\FRST64.exe
2017-03-09 21:33 - 2017-03-09 21:33 - 00097882 _____ C:\ProgramData\1489091590.bdinstall.bin
2017-03-09 21:28 - 2017-03-09 21:28 - 00000000 ____D C:\Users\Silvia\Desktop\Alte Firefox-Daten
2017-03-03 11:11 - 2017-03-03 11:11 - 00032740 _____ C:\Users\Silvia\Downloads\Dinkel Pizzateig - 2016-09-10.pdf
2017-02-23 20:17 - 2017-02-23 20:48 - 00000000 ____D C:\Users\Silvia\Desktop\Igel Fotostick
2017-02-15 10:14 - 2017-02-15 10:14 - 00002221 _____ C:\Users\Public\Desktop\Google Earth.lnk
2017-02-15 10:14 - 2017-02-15 10:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-11 19:58 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-11 19:58 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-11 19:55 - 2016-10-14 23:44 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-11 19:46 - 2013-09-18 18:17 - 00000000 ___RD C:\Users\Silvia\Dropbox
2017-03-11 19:46 - 2013-09-18 18:15 - 00000000 ____D C:\Users\Silvia\AppData\Roaming\Dropbox
2017-03-11 19:28 - 2016-03-25 17:32 - 00000000 ____D C:\Program Files\Bitdefender Agent
2017-03-09 22:42 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-09 15:16 - 2012-08-19 15:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-09 15:15 - 2016-11-24 11:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-03-09 15:05 - 2013-05-20 16:16 - 02426440 _____ C:\Users\Silvia\Desktop\bitdefender_antivirus2013.exe
2017-03-09 10:17 - 2015-06-12 22:02 - 00000000 ____D C:\Users\Silvia\AppData\Local\Dropbox
2017-03-01 12:03 - 2016-10-14 23:52 - 00000000 ____D C:\Users\Silvia
2017-03-01 11:23 - 2016-07-16 07:04 - 00131072 _____ C:\WINDOWS\system32\config\ELAM
2017-03-01 11:20 - 2016-10-15 00:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-01 11:20 - 2012-08-19 11:26 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-24 09:05 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-24 09:01 - 2013-07-28 21:43 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 22:07 - 2012-08-22 20:49 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 20:49 - 2014-08-18 15:46 - 00000000 ____D C:\Users\Silvia\AppData\Local\Adobe
2017-02-23 20:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-23 20:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-18 11:09 - 2016-12-07 07:42 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-18 11:08 - 2016-03-06 13:22 - 00002421 _____ C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-18 11:08 - 2016-03-06 13:22 - 00000000 ___RD C:\Users\Silvia\OneDrive
2017-02-15 10:14 - 2012-08-19 07:37 - 00000000 ____D C:\Program Files (x86)\Google

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-04-19 08:08 - 2012-04-19 08:08 - 141590843 _____ () C:\Program Files\openofficeorg1.cab
2012-04-19 07:59 - 2012-04-19 07:59 - 3125248 _____ () C:\Program Files\openofficeorg34.msi
2012-04-19 07:59 - 2012-04-19 07:59 - 0473600 _____ () C:\Program Files\setup.exe
2012-04-19 07:59 - 2012-04-19 07:59 - 0000290 _____ () C:\Program Files\setup.ini
2016-05-23 20:52 - 2016-05-23 20:52 - 0000385 _____ () C:\Users\Silvia\AppData\Roaming\user_gensett.xml
2012-10-07 17:24 - 2012-10-07 17:24 - 0000393 _____ () C:\Users\Silvia\AppData\Local\HamsterVideoConverterSettings.cfg
2016-04-14 18:41 - 2016-04-14 18:41 - 0627349 _____ () C:\ProgramData\1460653227.bdinstall.bin
2016-06-15 06:33 - 2016-06-15 06:33 - 0026781 _____ () C:\ProgramData\1465968770.bdinstall.bin
2017-03-09 21:33 - 2017-03-09 21:33 - 0097882 _____ () C:\ProgramData\1489091590.bdinstall.bin
2016-09-20 11:32 - 2016-09-20 11:32 - 0026838 _____ () C:\ProgramData\agent.1474367523.bdinstall.bin
2016-11-02 14:41 - 2016-11-02 14:41 - 0028759 _____ () C:\ProgramData\agent.1478094058.bdinstall.bin
2016-10-14 23:48 - 2016-10-14 23:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-26 18:49 - 2014-12-26 21:42 - 0000836 _____ () C:\ProgramData\hpzinstall.log
2011-11-03 19:44 - 2011-11-03 19:45 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2011-11-03 19:37 - 2011-11-03 19:37 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2011-11-03 19:41 - 2011-11-03 19:42 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-11-03 19:38 - 2011-11-03 19:41 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2011-11-03 19:42 - 2011-11-03 19:44 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-09 10:39

==================== Ende von FRST.txt ============================
         

Addition:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-03-2017 01
durchgeführt von Silvia (11-03-2017 20:07:18)
Gestartet von C:\Users\Silvia\Desktop
Windows 10 Home Version 1607 (X64) (2016-10-14 23:30:32)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-983883370-204824152-491102941-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-983883370-204824152-491102941-503 - Limited - Disabled)
Gast (S-1-5-21-983883370-204824152-491102941-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-983883370-204824152-491102941-1002 - Limited - Enabled)
Silvia (S-1-5-21-983883370-204824152-491102941-1000 - Administrator - Enabled) => C:\Users\Silvia

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender-Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender-Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
4500_G510af_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
Albelli Fotobücher (HKU\S-1-5-21-983883370-204824152-491102941-1000\...\{EE20E438-B675-4421-AB07-928F0EC9FB22}_is1) (Version:  - Albelli)
ALDI Bestellsoftware 4.12.2 (HKLM-x32\...\ALDI Bestellsoftware) (Version: 4.12.2 - ORWO Net)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{1B4ED54A-A741-5D36-40C6-0DA839CA033F}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.26.1423 - Bitdefender)
Bitdefender Antivirus Plus 2015 (HKLM\...\Bitdefender) (Version: 19.6.0.326 - Bitdefender)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4417 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.2.0 - devolo AG)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.0.4 - CEWE COLOR AG u Co. OHG)
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-983883370-204824152-491102941-1000\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.44 - Samsung)
ELAN Touchpad driver X64 15.7.9.2_WHQL (HKLM\...\Elantech) (Version: 15.7.9.2 - ELAN Microelectronic Corp.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.2.19144 - Landesfinanzdirektion Thüringen)
Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Finanzplaner PRO (HKLM-x32\...\Finanzplaner PRO) (Version:  - FinanzPortal24 GmbH)
FLV Player 2.0 (build 25) (HKLM-x32\...\FLV Player) (Version: 2.0 (build 25) - Martijn de Visser)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
fotokasten comfort 5.0 (HKLM-x32\...\fotokasten comfort_is1) (Version:  - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510a-f (HKLM\...\{C98517B6-DCE9-49B7-B19E-E384178D3986}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-983883370-204824152-491102941-1000\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.8.0.6273 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 2016 (HKLM-x32\...\{049045D5-0C46-4E78-A83F-83E993D91A7F}) (Version: 17.0.02300 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Stashimi Stub Installer (x32 Version: 18.001.1 - Nero AG) Hidden
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sweet Home 3D version 4.3 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.3 - )
Wajam (HKLM-x32\...\Wajam Web Enhancer) (Version: 1.3.0.94 (i1.0) - Wajam) <==== ACHTUNG
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)
WildTangent ORB Game Console (x32 Version:  - WildTangent) Hidden
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{E47A3570-59A0-4948-A678-A930FEE8AAC7}) (Version: 21.00.8480 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2015 (HKLM-x32\...\{B999EF65-7140-47E1-BED0-6A32E64A0D7D}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07DA5524-FFB1-4CE3-B07B-BBE2C29E5385} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {1399D005-9179-4EB0-B62B-C71085F1CB81} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-983883370-204824152-491102941-1000Core1d238be2862dc7c => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {1B0CAC01-78B1-46EA-AAD0-A5C0C9A9EEBD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {1BBE6E19-EAC8-48F9-A650-29AC264EC91B} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {1C267C23-B5F9-41FF-A4D5-92C4B112F598} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {1ED078EF-C616-449A-9E71-3FF7CE79AF8D} - System32\Tasks\{877C8A6D-9FA5-41CA-8842-83A5F8A9F7E0} => pcalua.exe -a C:\Users\Silvia\Documents\dbgview\DBGVIEW.EXE -d C:\Users\Silvia\Documents\dbgview
Task: {27018021-93D3-4181-A414-70E233096DA8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {2E4CFDEB-63DC-4061-BBED-999970D6C986} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2013\bdproductdata.exe 
Task: {2F0D4068-C9FA-4B45-A7FC-625D0F57B02A} - System32\Tasks\{EE305C4B-2645-4AD4-AB31-8774E0D9EF4D} => pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Ahead\Nero StartSmart\NeroStartSmart.exe"
Task: {2FFC7E9B-A48E-4878-86E7-5B5FD9C7CFF1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {34185101-2D74-4011-908B-B1FC4B4C4BE7} - System32\Tasks\SamsungSupportCenter => %programfiles(x86)%\Samsung\Easy Support Center\SSCKbdHk.exe 
Task: {3F0C9060-E8B5-4D4D-B60B-15ED2B085296} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {40CA2C1C-8985-452E-B5F1-23E374E19F48} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {43C4CCEB-42BC-4680-93D3-1C620439C826} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {44EF540E-C6D8-4717-9B55-5525DA621CDE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {4A1A75AC-E505-48A8-ACAD-2FB594C0BB58} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe 
Task: {4BD94884-E059-4F7C-8455-62E2AA5A3DBE} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-23] (Adobe Systems Incorporated)
Task: {54D5411A-538D-4D2E-B0C2-D79A683DEEF9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {5996EC8B-1C65-4C80-84F9-96E88B7A1A86} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {5BC2FF85-E692-4FA0-B1F6-0F38E6B98D34} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {6300AB21-F4AE-4D28-97B2-6921A3833149} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {6F6E5A96-BEC4-4BEF-BEE2-47968000AD22} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {73CC6AD6-7914-402D-B519-52F325732A2B} - System32\Tasks\{C7DA0173-A309-4F90-B5F2-89918793E3A1} => launchwinapp.exe hxxps://ui.skype.com/ui/0/7.30.0.105.411/de/abandoninstall?page=tsProgressBar
Task: {7556EB99-AC76-4EE7-9CB3-0B4CCE2DCDB0} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe 
Task: {75B74FA7-121A-45AF-A58F-CE8474E83919} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {850E9F07-2096-4FE9-A733-FE077D4AABE5} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {85E7851F-6507-45F7-B071-77F75A503F5B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {8748D2C8-7B61-46D6-8560-B806F3E45DC2} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {881323E1-6913-4B08-9348-3BBEDA2FED8C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {8B334E28-4173-4E7B-B70D-2239A7897ADC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {8C128A29-BC22-409A-B3B4-B6A225FC4454} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink)
Task: {9A651807-3F5E-4BD4-AAAF-938487ACD279} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {9C7B57B7-F799-4A6C-929D-59D86F528183} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {9D3B18C5-480C-4532-A960-D319D34E5EE7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe 
Task: {9FED81DA-52A7-4C9D-8AB0-16EFCF8E0626} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe 
Task: {A2A0F0F1-0AD4-4693-9963-A68C0DEBC0CE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {AB30CF4B-78EE-43C6-84AF-18B9600D7A09} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {AC2B6A0D-936A-493E-AEBC-22346C4B382D} - System32\Tasks\{9DC4673D-89F6-4667-8059-6A8D8FCCA84B} => pcalua.exe -a C:\Users\Silvia\Downloads\p-std.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {AF8E0C35-0478-480E-AB08-8B82E504A785} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe 
Task: {B24C4704-4B41-438C-A0D8-EB1B1B19B584} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {BCF1F663-95A5-46DA-A8D2-EEE34805A0B3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {C491C115-391E-4D12-8322-67457D3CA592} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-983883370-204824152-491102941-1000UA1d238be289e236d => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {CB902C20-D63C-4BA9-ABDC-BF90E0F37791} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {D00A0671-354F-4F46-90B3-CE483FFBB1D6} - System32\Tasks\{8E26E545-7CEE-4E2D-B6A1-5E627B7BAF4A} => pcalua.exe -a C:\Users\Silvia\Downloads\NeroClassic\nero60023.exe -d C:\Users\Silvia\Downloads\NeroClassic
Task: {D1A7B405-6102-4350-8033-19B49D45750C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {D1E76148-5778-4CFB-BA87-2269DB3D4FD9} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {D64C454A-E02D-4972-99F7-BF6AEF595F22} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {D89CE4B1-DC7B-42F9-98E6-F9C8DE7003A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {DC02FBDE-D986-497A-9492-9186C3C240E6} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {DEF7D778-88F3-48E0-8236-1247220EDAA7} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe 
Task: {EE38C2DC-835A-47AA-83A0-1A102876D107} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {F1B6F95C-CAB2-4BFF-AA66-C6BB1E217B19} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {F31AABE0-BE26-427E-8159-BF36BA8A0C32} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Silvia\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {F645E1B5-0C8C-49DE-8DF7-045D7C9C022E} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-10-21] (Bitdefender)
Task: {FB5C8F08-3D93-43D7-9E1F-FB95C61673F9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {FC32A813-B554-47A0-B581-AD88FB648F7B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-983883370-204824152-491102941-1000Core1d238be2862dc7c.job => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-983883370-204824152-491102941-1000UA1d238be289e236d.job => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-04-14 18:19 - 2015-11-04 13:06 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2016-04-14 18:18 - 2013-09-03 13:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2016-04-14 18:19 - 2016-03-02 15:08 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2017-02-07 16:40 - 2017-02-07 16:40 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_02451_005\ashttpbr.mdl
2017-02-07 16:40 - 2017-02-07 16:40 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_02451_005\ashttpdsp.mdl
2017-02-07 16:40 - 2017-02-07 16:40 - 03243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_02451_005\ashttpph.mdl
2017-02-07 16:40 - 2017-02-07 16:40 - 01544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_02451_005\ashttprbl.mdl
2015-08-21 21:09 - 2015-08-21 21:09 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-08-21 21:09 - 2015-08-21 21:09 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2011-11-03 19:41 - 2009-12-01 08:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 12:22 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-14 12:22 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 12:22 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-15 00:32 - 2016-10-15 00:32 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-16 11:07 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-16 11:05 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-16 11:05 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-16 11:05 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-16 11:05 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-16 11:05 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-16 11:05 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-04-13 08:41 - 2015-04-14 10:05 - 01428760 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe
2015-08-21 21:09 - 2015-08-21 21:09 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2017-02-25 09:22 - 2017-02-25 09:33 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-25 09:22 - 2017-02-25 09:33 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-25 09:22 - 2017-02-25 09:33 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-08 10:11 - 2017-02-08 10:48 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2017-02-28 11:15 - 2017-03-01 10:04 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-02-28 11:15 - 2017-03-01 10:04 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-02-28 11:15 - 2017-03-01 10:04 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-03 15:18 - 2016-06-03 19:59 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-02-28 11:15 - 2017-03-01 10:04 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-02-28 11:15 - 2017-03-01 10:04 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-09 23:19 - 2016-03-09 23:21 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2009-11-02 06:20 - 2009-11-02 06:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 06:23 - 2009-11-02 06:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 09741592 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wgui14.dll
2014-04-13 08:35 - 2015-04-14 10:06 - 03929880 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wcore14.dll
2014-04-13 08:36 - 2015-04-14 10:05 - 00035608 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsdcom48.dll
2014-04-13 08:36 - 2015-04-14 10:05 - 00322840 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsguiwinapi48.dll
2014-04-13 08:36 - 2015-04-14 10:05 - 00309016 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rscorewinapi48.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 02872600 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wfvie14.dll
2014-04-13 08:35 - 2014-02-11 10:53 - 01043456 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-core.dll
2014-04-13 08:35 - 2014-02-11 10:53 - 00250368 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-contribs-lib.dll
2014-04-13 08:36 - 2015-04-14 10:05 - 00136472 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsodbc48.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 02136856 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wsteu14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01960728 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wreli14.dll
2014-04-13 08:35 - 2014-02-11 10:53 - 00094720 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-shared.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 04463896 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wauff14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01593624 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wmain14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 05308184 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae114.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 02392344 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae214.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01171224 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae314.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01633560 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae414.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01117976 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\whau114.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01341720 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\whau214.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01312536 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wwerb14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 07374616 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wkont14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01296664 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wimp14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01331480 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wfabu14.dll
2017-03-11 19:44 - 2017-03-06 21:59 - 00807232 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2017-03-11 19:45 - 2017-02-09 03:19 - 00035792 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00100296 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00018888 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\select.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00019776 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00694224 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2017-02-25 09:43 - 2017-03-06 22:01 - 00020824 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2017-03-11 19:45 - 2017-02-09 03:20 - 00123856 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2017-02-25 09:43 - 2017-03-06 22:01 - 01682768 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2017-02-25 09:43 - 2017-03-06 22:01 - 00020816 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00145864 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2017-03-11 19:44 - 2017-02-09 03:20 - 00019408 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00116688 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2017-03-11 19:45 - 2017-02-09 03:22 - 00105928 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32api.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00022864 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2017-03-11 19:44 - 2017-03-06 22:01 - 00038712 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\fastpath.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00060736 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00024528 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32event.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00175560 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32gui.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00392144 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-03-11 19:44 - 2017-02-09 03:22 - 00020936 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00116176 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32security.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00381760 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00124880 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32file.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00026456 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00024016 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00030160 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00043472 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32process.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00048592 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32service.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00057808 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00024016 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-02-25 09:43 - 2017-03-06 22:01 - 00246608 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2017-03-11 19:44 - 2017-03-06 22:01 - 00027488 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-03-11 19:45 - 2017-02-09 03:21 - 00241104 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2017-02-25 09:43 - 2017-03-06 22:01 - 00022336 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00025432 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00028616 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32ts.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 01826104 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2017-03-11 19:45 - 2017-02-09 03:20 - 00083912 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\sip.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 01972536 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 03928896 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00531264 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00053072 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00133432 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00224064 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00207680 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00022864 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00069968 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00022872 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00021848 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00022872 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00350152 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00103232 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWinExtras.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00023896 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2017-03-11 19:44 - 2017-03-06 22:01 - 00025936 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2017-03-11 19:44 - 2017-02-09 03:17 - 00036296 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\librsync.dll
2017-03-11 19:44 - 2017-03-06 22:01 - 00033112 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2017-03-11 19:44 - 2016-12-02 22:44 - 00293392 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2017-03-11 19:44 - 2017-03-06 22:01 - 00084288 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2017-03-11 19:44 - 2017-02-09 03:27 - 00017864 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\libEGL.dll
2017-03-11 19:44 - 2017-02-09 03:27 - 01631184 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2017-03-11 19:45 - 2017-03-06 22:01 - 00042816 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00171336 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00357688 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00060880 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32print.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00026456 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00546104 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Desktop\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ALDI Bestellsoftware Setup.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\Barchart-windows64-online.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ccsetup402_slim.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\devolo-cockpit-v4-3-2.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\Dropbox 2.0.26.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ElsterFormular-14.3.20130522u.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ElsterFormular-16.0.20150113k.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ElsterFormular-16.1.20150309u(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ElsterFormular-16.1.20150309u.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\flvplayer_setup20_25.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-0-6(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-0-6.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-3-13(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-3-13.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-4-8(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-4-8.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\install_flashplayer11x32au_mssa_aaa_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\install_flashplayer15x32au_mssa_aaa_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\install_flashplayer16x32au_mssa_aaa_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\install_flashplayer17x32au_mssa_aaa_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jre-7u25-windows-x64.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(2).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(3).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(4).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(5).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(6).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\Nero Burning ROM Classic - CHIP-Installer.exe:BDU [1]
AlternateDataStreams: C:\Users\Silvia\Downloads\Nero2016-17.09.2015_stub_trial.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\OJ4500vG510a-f_Full_13.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\SkypeSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\SuperTuxKart - CHIP-Installer.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-983883370-204824152-491102941-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Silvia\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{bbeb6448-8619-4f01-847d-26d45d85e6ac}.JPG
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{A16D0D75-C1D3-4A9C-897C-F38B6B7C302C}C:\users\silvia\appdata\local\temp\rarsfx2\x64\pcsftool.exe] => (Allow) C:\users\silvia\appdata\local\temp\rarsfx2\x64\pcsftool.exe
FirewallRules: [TCP Query User{98E7D470-75B0-4BB0-BE29-C28E75AEB3DE}C:\users\silvia\appdata\local\temp\rarsfx2\x64\pcsftool.exe] => (Allow) C:\users\silvia\appdata\local\temp\rarsfx2\x64\pcsftool.exe
FirewallRules: [UDP Query User{AFE7F784-2B6E-48F6-BFE6-1968B18CC041}C:\users\silvia\appdata\local\temp\rarsfx2\x32\pcsftool.exe] => (Allow) C:\users\silvia\appdata\local\temp\rarsfx2\x32\pcsftool.exe
FirewallRules: [TCP Query User{E7F1EFFC-6FBA-447A-BF70-0265D3DC85C6}C:\users\silvia\appdata\local\temp\rarsfx2\x32\pcsftool.exe] => (Allow) C:\users\silvia\appdata\local\temp\rarsfx2\x32\pcsftool.exe
FirewallRules: [{3DE67F7C-1488-4DB3-8A2A-45192F3C651A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D3A12754-2A57-4885-842D-8AA3ED44C871}] => (Allow) LPort=2869
FirewallRules: [{8CB8640B-5C1D-444A-B969-A40FEEF028E5}] => (Allow) LPort=1900
FirewallRules: [{B643C5E9-D117-47DF-89E0-DC8BD5C27470}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{27897909-3333-4AB8-8321-4ED5F0AB237E}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{D2BB4FB1-3B6F-4E99-96DC-654F3AC31DD7}] => (Allow) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10.exe
FirewallRules: [{6B62A0E8-45BC-49F9-BE74-CA06218D7D13}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{F75725D7-C713-4B7A-A979-7AC3FD886125}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AF38764D-0E9B-4084-9CF7-D1E41BEFEF7C}] => (Allow) C:\Users\Silvia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8A8D2863-ABB3-42AE-9AF9-B0FC317B9A85}] => (Allow) C:\Users\Silvia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{6F44C9FA-6900-4321-A40C-71E5F3DB4229}C:\users\silvia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\silvia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{7353BFF7-2E8E-4604-A87C-628D1E18F507}C:\users\silvia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\silvia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{BB3CDDFB-E575-40E3-AF96-EC124AB8C478}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{5052DC34-BEE9-46AB-BC41-0D6B6F3B846A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{EAE81B79-64EC-438E-A279-0A664CF0C0D9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{86ED9D49-92A7-4795-8D83-91E5ACCB5421}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{CBE5E590-C360-4CB0-8591-6BC691AB48C2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{40FA4886-B709-4285-8700-D20A7C899841}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{A7715B9B-E135-4400-B655-AF23B91BEBF6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{790121A4-D0C5-40FC-B4AB-9059390D3A99}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{D9903537-FE85-4551-B81A-0FBE70F225DA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{61B662C9-1F70-4783-B60D-F237E452A5EC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{92B05612-90E6-4B02-B1C6-C10FCE2412B1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{44B923AA-F630-4A7E-B14F-81087372D9FD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{432836EF-DB58-46EA-9A8B-90E59020A33A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{A3E06F3E-E1F8-4C7C-83E8-27E4EB22A92D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{54E57F93-0567-445C-8DBB-B0058587755D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{D10B9EFF-85DE-4FF1-ABC2-F35CA80134F0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{EA26F5D1-A803-4CFB-AAFD-836AB0F952A3}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{34663BF6-BB6C-4F3D-84B3-677582D5C4BF}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{DE3C447D-EA6C-4A34-8249-984D573D6C9A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{17A526AA-66AE-4A46-B440-773E6F9EC345}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{02781F3E-E8F8-43B7-8A1F-45F972297ED2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E8296320-6604-4439-9EFD-3F63642BC566}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{85D703B9-2D95-4D9C-BA1B-1CF974F4EBF4}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{E3AC5DB4-4351-4F61-8C01-4547B18AF1F5}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\nero.exe
FirewallRules: [{00E90E81-6EB7-4406-B084-4819A7E6CC17}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{E3D334F6-4CEE-4F33-B199-9C4921992BF3}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

==================== Wiederherstellungspunkte =========================

13-02-2017 12:24:37 Geplanter Prüfpunkt
23-02-2017 22:00:27 Windows Update
01-03-2017 20:02:06 Windows-Sicherung

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/09/2017 10:53:18 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Silvia-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/02/2017 12:01:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Silvia-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/01/2017 08:04:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/01/2017 11:23:17 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (03/01/2017 11:23:17 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (03/01/2017 11:23:17 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (03/01/2017 11:23:16 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (03/01/2017 11:23:16 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (03/01/2017 10:23:12 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (02/28/2017 11:20:24 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed


Systemfehler:
=============
Error: (03/11/2017 07:29:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/09/2017 08:34:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/09/2017 03:14:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/09/2017 03:11:00 PM) (Source: DCOM) (EventID: 10010) (User: Silvia-PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/09/2017 03:11:00 PM) (Source: DCOM) (EventID: 10010) (User: Silvia-PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/09/2017 03:11:00 PM) (Source: DCOM) (EventID: 10010) (User: Silvia-PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/09/2017 03:10:59 PM) (Source: DCOM) (EventID: 10010) (User: Silvia-PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/09/2017 02:50:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/09/2017 10:16:38 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/08/2017 11:54:02 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


==================== Speicherinformationen =========================== 

Prozessor: AMD A4-3305M APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 65%
Installierter physikalischer RAM: 3563.8 MB
Verfügbarer physikalischer RAM: 1222.12 MB
Summe virtueller Speicher: 7147.8 MB
Verfügbarer virtueller Speicher: 4464.65 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:178 GB) (Free:87.71 GB) NTFS
Drive d: () (Fixed) (Total:266.26 GB) (Free:72.32 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 933609DD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=178 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=266.3 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=21.4 GB) - (Type=27)

==================== Ende von Addition.txt ============================
         
__________________

Alt 11.03.2017, 20:47   #4
Xare123
 
Myfilestore.com Virus eingefangen? - Standard

Myfilestore.com Virus eingefangen?



TSSKiller (war zu groß für die erste Antwort, muss ich jetzt auch auf drei Beiträge aufteilen. Scan habe ich zweimal ausgeführt, weil ich denk Report weggedrückt habe, aber kein Fund)

Teil 1:

Code:
ATTFilter
20:19:08.0390 0x0b54  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
20:19:26.0429 0x0b54  ============================================================
20:19:26.0430 0x0b54  Current date / time: 2017/03/11 20:19:26.0429
20:19:26.0430 0x0b54  SystemInfo:
20:19:26.0471 0x0b54  
20:19:26.0471 0x0b54  OS Version: 10.0.14393 ServicePack: 0.0
20:19:26.0471 0x0b54  Product type: Workstation
20:19:26.0471 0x0b54  ComputerName: SILVIA-PC
20:19:26.0472 0x0b54  UserName: Silvia
20:19:26.0472 0x0b54  Windows directory: C:\WINDOWS
20:19:26.0472 0x0b54  System windows directory: C:\WINDOWS
20:19:26.0472 0x0b54  Running under WOW64
20:19:26.0472 0x0b54  Processor architecture: Intel x64
20:19:26.0472 0x0b54  Number of processors: 2
20:19:26.0472 0x0b54  Page size: 0x1000
20:19:26.0472 0x0b54  Boot type: Normal boot
20:19:26.0472 0x0b54  CodeIntegrityOptions = 0x00000001
20:19:26.0472 0x0b54  ============================================================
20:19:26.0691 0x0b54  KLMD registered as C:\WINDOWS\system32\drivers\51284622.sys
20:19:26.0691 0x0b54  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.693, osProperties = 0x19
20:19:27.0290 0x0b54  System UUID: {E73865C2-12F2-5213-8A51-9F213AE74EFA}
20:19:28.0080 0x0b54  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:19:28.0088 0x0b54  ============================================================
20:19:28.0088 0x0b54  \Device\Harddisk0\DR0:
20:19:28.0088 0x0b54  MBR partitions:
20:19:28.0088 0x0b54  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:19:28.0088 0x0b54  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x16400000
20:19:28.0104 0x0b54  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x16433000, BlocksNum 0x21485800
20:19:28.0104 0x0b54  ============================================================
20:19:28.0143 0x0b54  C: <-> \Device\Harddisk0\DR0\Partition2
20:19:28.0177 0x0b54  D: <-> \Device\Harddisk0\DR0\Partition3
20:19:28.0177 0x0b54  ============================================================
20:19:28.0177 0x0b54  Initialize success
20:19:28.0177 0x0b54  ============================================================
20:21:04.0591 0x1468  ============================================================
20:21:04.0591 0x1468  Scan started
20:21:04.0591 0x1468  Mode: Manual; SigCheck; TDLFS; 
20:21:04.0591 0x1468  ============================================================
20:21:04.0591 0x1468  KSN ping started
20:21:04.0791 0x1468  KSN ping finished: true
20:21:11.0038 0x1468  ================ Scan system memory ========================
20:21:11.0038 0x1468  System memory - ok
20:21:11.0039 0x1468  ================ Scan services =============================
20:21:11.0228 0x1468  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
20:21:11.0313 0x1468  1394ohci - ok
20:21:11.0354 0x1468  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
20:21:11.0383 0x1468  3ware - ok
20:21:11.0455 0x1468  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
20:21:11.0506 0x1468  ACPI - ok
20:21:11.0568 0x1468  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
20:21:11.0610 0x1468  AcpiDev - ok
20:21:11.0640 0x1468  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
20:21:11.0668 0x1468  acpiex - ok
20:21:11.0688 0x1468  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
20:21:11.0731 0x1468  acpipagr - ok
20:21:11.0756 0x1468  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
20:21:11.0798 0x1468  AcpiPmi - ok
20:21:11.0840 0x1468  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
20:21:11.0866 0x1468  acpitime - ok
20:21:11.0978 0x1468  [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:21:12.0105 0x1468  AdobeARMservice - ok
20:21:12.0216 0x1468  [ 89ECFB35517F62C3802B227F288B750E, 47B329FEC98DC634A9068D6B88A331B323D99E9C21D3FE330352210841E715CA ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:21:12.0271 0x1468  AdobeFlashPlayerUpdateSvc - ok
20:21:12.0343 0x1468  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
20:21:12.0412 0x1468  ADP80XX - ok
20:21:12.0495 0x1468  [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD             C:\WINDOWS\system32\drivers\afd.sys
20:21:12.0541 0x1468  AFD - ok
20:21:12.0582 0x1468  [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
20:21:12.0621 0x1468  ahcache - ok
20:21:12.0663 0x1468  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
20:21:12.0690 0x1468  AJRouter - ok
20:21:12.0721 0x1468  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\WINDOWS\System32\alg.exe
20:21:12.0763 0x1468  ALG - ok
20:21:12.0800 0x1468  [ 521248FA26458669BAAE6AB7DB21F3AC, 2C609E80220EDDFFE0A44A376D450F461597D00E5F4E526D10FF09E66D06A9B7 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
20:21:12.0835 0x1468  AMD External Events Utility - ok
20:21:12.0919 0x1468  [ 17DBF2825FFA6D66B1B3C55665721884, AE6369796BB1D586F76AF90F68CD34242F7FD586E8C2183474D154F384881511 ] AMD FUEL Service C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
20:21:12.0951 0x1468  AMD FUEL Service - detected UnsignedFile.Multi.Generic ( 1 )
20:21:13.0241 0x1468  Detect skipped due to KSN trusted
20:21:13.0241 0x1468  AMD FUEL Service - ok
20:21:13.0291 0x1468  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
20:21:13.0327 0x1468  AmdK8 - ok
20:21:13.0352 0x1468  amdkmdag - ok
20:21:13.0408 0x1468  [ AD96CC96B6A0CEE8910A13679426C970, 18005892C57CF8F3B2F09C3DDEC10612EC9B1C14BB057196AAE209D2703FF06E ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
20:21:13.0456 0x1468  amdkmdap - ok
20:21:13.0511 0x1468  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
20:21:13.0542 0x1468  AmdPPM - ok
20:21:13.0566 0x1468  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
20:21:13.0590 0x1468  amdsata - ok
20:21:13.0627 0x1468  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
20:21:13.0660 0x1468  amdsbs - ok
20:21:13.0688 0x1468  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
20:21:13.0720 0x1468  amdxata - ok
20:21:13.0757 0x1468  [ BB4FE7889DB9CBBE61A308E99697F53C, 0B6B301EC8C2B9CBDBAEEBC54E3D3E6FE6A3A51F71E75FFE71AE30ADF8FC5E23 ] amd_sata        C:\WINDOWS\system32\drivers\amd_sata.sys
20:21:13.0785 0x1468  amd_sata - ok
20:21:13.0814 0x1468  [ 5631CBA53F1CBEA3F9E88348E6723391, 5F20FF4F651733A097990DDC3748CD00F3310B0B55BC975FA3654CDA740E0A3D ] amd_xata        C:\WINDOWS\system32\drivers\amd_xata.sys
20:21:13.0829 0x1468  amd_xata - ok
20:21:13.0863 0x1468  [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
20:21:13.0880 0x1468  AODDriver4.3 - ok
20:21:13.0929 0x1468  [ 5B0F4FB165256DE463A51E3A3127969E, 6751ADFFE95FA671C584427A9624EEB79518DE08132FD7A83148700B75487316 ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
20:21:13.0961 0x1468  AppHostSvc - ok
20:21:14.0004 0x1468  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\WINDOWS\system32\drivers\appid.sys
20:21:14.0031 0x1468  AppID - ok
20:21:14.0084 0x1468  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
20:21:14.0128 0x1468  AppIDSvc - ok
20:21:14.0164 0x1468  [ 73FAA5517CCD1332F00192A303CF2026, 75636222BFF381A3EECA010752DF7DC1603A395B91FF7FBF92127B5CA8EFFEE5 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
20:21:14.0197 0x1468  Appinfo - ok
20:21:14.0220 0x1468  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
20:21:14.0277 0x1468  applockerfltr - ok
20:21:14.0347 0x1468  [ A0746EF6C5AB7A17A67BC167167499C1, 1D2154D3AFC5219293EDD508C7726E7756FB72BF04F73861C575D1FE5C553411 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
20:21:14.0422 0x1468  AppReadiness - ok
20:21:14.0567 0x1468  [ D70B1453ADA82A92E76EAE72D936A0F6, 439DBC5818025887343D4B5B509C7D2C97ED0FFA4641A5178EA5719C50E5013F ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
20:21:14.0793 0x1468  AppXSvc - ok
20:21:14.0822 0x1468  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
20:21:14.0851 0x1468  arcsas - ok
20:21:15.0012 0x1468  [ 5EE26734A882478AF6696092E2E0F352, 6CACFF521B3B839F73EBEB6EFBFDCCA8A8BC319DDB254BE3EFE29A39040B2C26 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:21:15.0037 0x1468  aspnet_state - ok
20:21:15.0085 0x1468  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
20:21:15.0149 0x1468  AsyncMac - ok
20:21:15.0198 0x1468  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
20:21:15.0237 0x1468  atapi - ok
20:21:15.0395 0x1468  [ D03E551165C72F2A4BBDDC566EAA819E, 8047E2D20724B464B481F06C3AC1FA5734E97F7EC0D86EFEECD76480C84B3959 ] athr            C:\WINDOWS\System32\drivers\athwnx.sys
20:21:15.0660 0x1468  athr - ok
20:21:15.0732 0x1468  [ 0966FD5BAB1F9BE200875E9EED0A0A13, F4BE70C0581B51ED6DAE6412A5FF74AE310BF88DE89C5A5E5880BEED543B01D7 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
20:21:15.0788 0x1468  AtiHDAudioService - ok
20:21:15.0835 0x1468  [ 2DC3D53FFA0D10EB8C911AE2DB7BF4CF, 8E0A4B5D610D487A216E70396A99ACC1BEA12C46A6681B1A39CD0FD01EDD406A ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
20:21:15.0896 0x1468  AudioEndpointBuilder - ok
20:21:15.0953 0x1468  [ 7B993290E7691C446C16A56A431669BA, 004551934E27E9FC1A939C9BD1DEB850A216CBED9B18CB3317920F5656D9F6BF ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
20:21:16.0058 0x1468  Audiosrv - ok
20:21:16.0164 0x1468  [ B18699497436228F1109132D669CF29A, 1A358BC7E7931FE43B1038E33EBEA365476E5A2EFB9476F47E3476A3669063FB ] avc3            C:\WINDOWS\system32\DRIVERS\avc3.sys
20:21:16.0241 0x1468  avc3 - ok
20:21:16.0341 0x1468  [ 1251FB8BF8E6B6129065326A3E8A4378, 1AF1DAE71A8126A875AC3197FD69BCD52949DC08694A29EAB6FA3ED31695BDED ] avckf           C:\WINDOWS\system32\DRIVERS\avckf.sys
20:21:16.0387 0x1468  avckf - ok
20:21:16.0454 0x1468  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
20:21:16.0487 0x1468  AxInstSV - ok
20:21:16.0543 0x1468  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
20:21:16.0584 0x1468  b06bdrv - ok
20:21:16.0624 0x1468  [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
20:21:16.0651 0x1468  BasicDisplay - ok
20:21:16.0675 0x1468  [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
20:21:16.0702 0x1468  BasicRender - ok
20:21:16.0735 0x1468  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
20:21:16.0760 0x1468  bcmfn - ok
20:21:16.0787 0x1468  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
20:21:16.0829 0x1468  bcmfn2 - ok
20:21:16.0873 0x1468  [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
20:21:16.0954 0x1468  BDESVC - ok
20:21:17.0049 0x1468  [ 0B3BADC084AB1592D6E2D4CFA3AA2461, C62860DF753E455D2D4FFFE04CB26D84590947A4B41FA853D83A8F8EB9E80F9C ] bdfwfpf         C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
20:21:17.0073 0x1468  bdfwfpf - ok
20:21:17.0109 0x1468  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
20:21:17.0148 0x1468  Beep - ok
20:21:17.0202 0x1468  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\WINDOWS\System32\bfe.dll
20:21:17.0267 0x1468  BFE - ok
20:21:17.0338 0x1468  [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS            C:\WINDOWS\System32\qmgr.dll
20:21:17.0428 0x1468  BITS - ok
20:21:17.0470 0x1468  [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
20:21:17.0500 0x1468  bowser - ok
20:21:17.0556 0x1468  [ 2447BD15B41298622CC662249CD0F496, 013A326D2E3BF68D654BBABE2F1E5DF0FF0A153A4B95D570EE28F9BC0F5A78C3 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
20:21:17.0620 0x1468  BrokerInfrastructure - ok
20:21:17.0663 0x1468  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\WINDOWS\System32\browser.dll
20:21:17.0696 0x1468  Browser - ok
20:21:17.0738 0x1468  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
20:21:17.0765 0x1468  BthAvrcpTg - ok
20:21:17.0790 0x1468  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
20:21:17.0819 0x1468  BthHFEnum - ok
20:21:17.0846 0x1468  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
20:21:17.0873 0x1468  bthhfhid - ok
20:21:17.0902 0x1468  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
20:21:17.0944 0x1468  BthHFSrv - ok
20:21:17.0970 0x1468  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
20:21:17.0998 0x1468  BTHMODEM - ok
20:21:18.0032 0x1468  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\WINDOWS\system32\bthserv.dll
20:21:18.0065 0x1468  bthserv - ok
20:21:18.0104 0x1468  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
20:21:18.0131 0x1468  buttonconverter - ok
20:21:18.0170 0x1468  [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
20:21:18.0203 0x1468  CapImg - ok
20:21:18.0231 0x1468  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
20:21:18.0275 0x1468  cdfs - ok
20:21:18.0330 0x1468  [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
20:21:18.0377 0x1468  CDPSvc - ok
20:21:18.0405 0x1468  [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
20:21:18.0448 0x1468  CDPUserSvc - ok
20:21:18.0509 0x1468  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
20:21:18.0542 0x1468  cdrom - ok
20:21:18.0583 0x1468  [ C1B5EE58E759C53F9939581709DC70BB, 85095ABC9459A766832373BC3839E573E9A73C967F8427D6B7CAB972551C3191 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
20:21:18.0624 0x1468  CertPropSvc - ok
20:21:18.0673 0x1468  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
20:21:18.0708 0x1468  cht4iscsi - ok
20:21:18.0800 0x1468  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
20:21:18.0968 0x1468  cht4vbd - ok
20:21:19.0027 0x1468  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
20:21:19.0055 0x1468  circlass - ok
20:21:19.0098 0x1468  [ B72D26074E72A757D788FB1BEF8B2F2E, 36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
20:21:19.0140 0x1468  CLFS - ok
20:21:19.0213 0x1468  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
20:21:19.0269 0x1468  ClipSVC - ok
20:21:19.0321 0x1468  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
20:21:19.0350 0x1468  clreg - ok
20:21:19.0403 0x1468  [ E13A438F9E51DD034730678E33B73290, 3BB111DFDAEAB8DA6124600C7F6E080C2950A0BB420803FC12560343E1A9280A ] clwvd           C:\WINDOWS\system32\DRIVERS\clwvd.sys
20:21:19.0418 0x1468  clwvd - ok
20:21:19.0467 0x1468  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
20:21:19.0494 0x1468  CmBatt - ok
20:21:19.0548 0x1468  [ 90C07EB909C42316982E753BDAA7860D, 438581FD3468FAF01D35529672201A920E8821EC80E30E59A43645DA57738F21 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
20:21:19.0595 0x1468  CNG - ok
20:21:19.0644 0x1468  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
20:21:19.0666 0x1468  cnghwassist - ok
20:21:19.0837 0x1468  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
20:21:19.0875 0x1468  CompositeBus - ok
20:21:19.0884 0x1468  COMSysApp - ok
20:21:19.0921 0x1468  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
20:21:19.0943 0x1468  condrv - ok
20:21:20.0010 0x1468  [ 5DE2049D5F57C1D142F36FA9CE443693, E6C2807C0B1EF90C11EB39634693B76EACE6CC675777776112835212A334F328 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
20:21:20.0064 0x1468  CoreMessagingRegistrar - ok
20:21:20.0115 0x1468  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
20:21:20.0163 0x1468  CryptSvc - ok
20:21:20.0304 0x1468  [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
20:21:20.0384 0x1468  cvhsvc - ok
20:21:20.0430 0x1468  [ 039B5A8CBD5C75D1C46DF15F7C74D136, A5C8A41F2D406D37E147939F2058373ED091BFCC00CA7E829F887638CD3A2F64 ] dam             C:\WINDOWS\system32\drivers\dam.sys
20:21:20.0463 0x1468  dam - ok
20:21:20.0542 0x1468  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
20:21:20.0620 0x1468  DcomLaunch - ok
20:21:20.0683 0x1468  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
20:21:20.0726 0x1468  DcpSvc - ok
20:21:20.0787 0x1468  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
20:21:20.0846 0x1468  defragsvc - ok
20:21:20.0902 0x1468  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
20:21:20.0953 0x1468  DeviceAssociationService - ok
20:21:20.0987 0x1468  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
20:21:21.0028 0x1468  DeviceInstall - ok
20:21:21.0224 0x1468  [ C344E9B44C05326218B07AFB8A2AE754, 7828BACF197A6E6FF4086CB54396B8B2B7089270281B40E0434B951FC7AB7B91 ] DevoloNetworkService C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
20:21:21.0423 0x1468  DevoloNetworkService - ok
20:21:21.0487 0x1468  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
20:21:21.0529 0x1468  DevQueryBroker - ok
20:21:21.0579 0x1468  [ 0D1D392ED2597F295956D058D33BD7C3, 2F7FE5A06D880F9E2A46C9803DD249DC40C2898C04E946D14E7EECCCC9F2B24F ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
20:21:21.0611 0x1468  Dfsc - ok
20:21:21.0678 0x1468  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
20:21:21.0737 0x1468  Dhcp - ok
20:21:21.0873 0x1468  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
20:21:21.0904 0x1468  diagnosticshub.standardcollector.service - ok
20:21:22.0130 0x1468  [ CAD14E0AD1F03397E9B1C8733D76BEF4, 0035EF35F6520B1DF0E599C8A06D4163C52576BCE0976BF729B44DECDC506627 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
20:21:22.0262 0x1468  DiagTrack - ok
20:21:22.0331 0x1468  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\WINDOWS\system32\drivers\disk.sys
20:21:22.0363 0x1468  disk - ok
20:21:22.0425 0x1468  [ 09CF47A74BFB480B8262FCEE222004B6, F5CD0ACA04BCB95984595CC2E17BC9E92865091A0A3BCAD4B06438A1570E7696 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
20:21:22.0479 0x1468  DmEnrollmentSvc - ok
20:21:22.0517 0x1468  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
20:21:22.0555 0x1468  dmvsc - ok
20:21:22.0612 0x1468  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
20:21:22.0689 0x1468  dmwappushservice - ok
20:21:22.0739 0x1468  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
20:21:22.0792 0x1468  Dnscache - ok
20:21:22.0829 0x1468  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
20:21:22.0869 0x1468  dot3svc - ok
20:21:22.0900 0x1468  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\WINDOWS\system32\dps.dll
20:21:22.0934 0x1468  DPS - ok
20:21:22.0985 0x1468  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
20:21:23.0007 0x1468  drmkaud - ok
20:21:23.0043 0x1468  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
20:21:23.0099 0x1468  DsmSvc - ok
20:21:23.0144 0x1468  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
20:21:23.0199 0x1468  DsSvc - ok
20:21:23.0360 0x1468  [ 19F2B54EE8861D90579BD0E3AE5182F9, FDD4F091C61C8C20550C8F68375ABD7ED718A733F680F0F0367D4796C302BA14 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
20:21:23.0470 0x1468  DXGKrnl - ok
20:21:23.0538 0x1468  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
20:21:23.0576 0x1468  EapHost - ok
20:21:23.0719 0x1468  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
20:21:23.0889 0x1468  ebdrv - ok
20:21:23.0980 0x1468  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS             C:\WINDOWS\System32\lsass.exe
20:21:24.0006 0x1468  EFS - ok
20:21:24.0050 0x1468  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
20:21:24.0074 0x1468  EhStorClass - ok
20:21:24.0107 0x1468  [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
20:21:24.0134 0x1468  EhStorTcgDrv - ok
20:21:24.0164 0x1468  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
20:21:24.0202 0x1468  embeddedmode - ok
20:21:24.0247 0x1468  [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
20:21:24.0288 0x1468  EntAppSvc - ok
20:21:24.0319 0x1468  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
20:21:24.0345 0x1468  ErrDev - ok
20:21:24.0393 0x1468  [ EFE74410FCB752DEDB9E8BFAE6552772, 07CA41742AF48E970AEEE0F62563036FC0BC4AA849AEB7348CF211DADB227F3B ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys
20:21:24.0431 0x1468  ETD - ok
20:21:24.0520 0x1468  [ 843E6C9C663AF3D5148C010AFCCD3ABC, 028591C35E871A5F6CBD56828A778BB9F21A61A8C1FEC787E1375F289206295A ] ETDService      C:\Program Files\Elantech\ETDService.exe
20:21:24.0540 0x1468  ETDService - ok
20:21:24.0599 0x1468  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\WINDOWS\system32\es.dll
20:21:24.0648 0x1468  EventSystem - ok
20:21:24.0700 0x1468  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
20:21:24.0744 0x1468  exfat - ok
20:21:24.0796 0x1468  [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
20:21:24.0830 0x1468  fastfat - ok
20:21:24.0896 0x1468  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\WINDOWS\system32\fxssvc.exe
20:21:24.0969 0x1468  Fax - ok
20:21:25.0018 0x1468  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
20:21:25.0044 0x1468  fdc - ok
20:21:25.0076 0x1468  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
20:21:25.0124 0x1468  fdPHost - ok
20:21:25.0146 0x1468  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
20:21:25.0180 0x1468  FDResPub - ok
20:21:25.0215 0x1468  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
20:21:25.0247 0x1468  fhsvc - ok
20:21:25.0283 0x1468  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
20:21:25.0312 0x1468  FileCrypt - ok
20:21:25.0342 0x1468  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
20:21:25.0376 0x1468  FileInfo - ok
20:21:25.0418 0x1468  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
20:21:25.0448 0x1468  Filetrace - ok
20:21:25.0456 0x1468  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
20:21:25.0485 0x1468  flpydisk - ok
20:21:25.0519 0x1468  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
20:21:25.0555 0x1468  FltMgr - ok
20:21:25.0654 0x1468  [ 49BF5C8182C3D2D6CD9F7EEDF1CFDB66, 0977EBE86B57FC370D27CA69D58122397D5D5369AF0C8DBCC492AE7AD55CBA2B ] FontCache       C:\WINDOWS\system32\FntCache.dll
20:21:25.0771 0x1468  FontCache - ok
20:21:25.0875 0x1468  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:21:25.0899 0x1468  FontCache3.0.0.0 - ok
20:21:25.0956 0x1468  [ 8B52024D3A5C3A12F1C4D75D30A976C5, 982F1C783966C9A6D255AA7DBAB6D225EBE0050A36176B8DE85E8ADBFE17FDF1 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
20:21:26.0038 0x1468  FrameServer - ok
20:21:26.0107 0x1468  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
20:21:26.0129 0x1468  FsDepends - ok
20:21:26.0150 0x1468  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:21:26.0172 0x1468  Fs_Rec - ok
20:21:26.0230 0x1468  [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
20:21:26.0277 0x1468  fvevol - ok
20:21:26.0390 0x1468  [ 521A469CAF61F00E1DE081CC2099C1D6, 5BF39C9797A28674203D5C3D5D942978B9C66F658A43D7696B4BE3E8A7880EB9 ] GameConsoleService C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
20:21:26.0445 0x1468  GameConsoleService - ok
20:21:26.0517 0x1468  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
20:21:26.0542 0x1468  gencounter - ok
20:21:26.0572 0x1468  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
20:21:26.0597 0x1468  genericusbfn - ok
20:21:26.0638 0x1468  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
20:21:26.0684 0x1468  GPIOClx0101 - ok
20:21:26.0776 0x1468  [ 713A176494CEC107E663CAD6C2B27F77, 76871D8CFBA8FCD8CFF96208AE84C658EBEC60270D978898B90EE9451AA1BCE1 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
20:21:26.0868 0x1468  gpsvc - ok
20:21:26.0927 0x1468  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
20:21:26.0951 0x1468  GpuEnergyDrv - ok
20:21:27.0045 0x1468  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:21:27.0323 0x1468  gupdate - ok
20:21:27.0333 0x1468  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:21:27.0464 0x1468  gupdatem - ok
20:21:27.0500 0x1468  [ 06BFA49C4D999E93E214DB4E8044DE0B, 5E339A2A6858AA59F8B0879AB4CB87DBC6622322259CB612594552DDE831ACD0 ] gzflt           C:\WINDOWS\system32\DRIVERS\gzflt.sys
20:21:27.0521 0x1468  gzflt - ok
20:21:27.0554 0x1468  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
20:21:27.0584 0x1468  HDAudBus - ok
20:21:27.0616 0x1468  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
20:21:27.0637 0x1468  HidBatt - ok
20:21:27.0671 0x1468  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
20:21:27.0701 0x1468  HidBth - ok
20:21:27.0724 0x1468  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
20:21:27.0751 0x1468  hidi2c - ok
20:21:27.0778 0x1468  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
20:21:27.0801 0x1468  hidinterrupt - ok
20:21:27.0830 0x1468  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
20:21:27.0858 0x1468  HidIr - ok
20:21:27.0907 0x1468  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\WINDOWS\system32\hidserv.dll
20:21:27.0948 0x1468  hidserv - ok
20:21:28.0013 0x1468  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
20:21:28.0039 0x1468  HidUsb - ok
20:21:28.0088 0x1468  [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
20:21:28.0129 0x1468  HomeGroupListener - ok
20:21:28.0177 0x1468  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
20:21:28.0243 0x1468  HomeGroupProvider - ok
20:21:28.0452 0x1468  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
20:21:28.0490 0x1468  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
20:21:28.0755 0x1468  Detect skipped due to KSN trusted
20:21:28.0755 0x1468  hpqcxs08 - ok
20:21:28.0807 0x1468  [ F3F72A2A86C22610BCA5439FA789DD52, DA5A8F09DCC512AA1558863AD4FAC12F72DD83CA8FB4D8D9831E4AFBB6B3C616 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
20:21:28.0837 0x1468  hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
20:21:29.0100 0x1468  Detect skipped due to KSN trusted
20:21:29.0100 0x1468  hpqddsvc - ok
20:21:29.0148 0x1468  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
20:21:29.0178 0x1468  HpSAMD - ok
20:21:29.0276 0x1468  [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
20:21:29.0364 0x1468  HTTP - ok
20:21:29.0435 0x1468  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
20:21:29.0467 0x1468  HvHost - ok
20:21:29.0517 0x1468  [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
20:21:29.0542 0x1468  hvservice - ok
20:21:29.0579 0x1468  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
20:21:29.0602 0x1468  hwpolicy - ok
20:21:29.0635 0x1468  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
20:21:29.0663 0x1468  hyperkbd - ok
20:21:29.0708 0x1468  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
20:21:29.0739 0x1468  i8042prt - ok
20:21:29.0760 0x1468  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
20:21:29.0789 0x1468  iagpio - ok
20:21:29.0831 0x1468  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
20:21:29.0861 0x1468  iai2c - ok
20:21:29.0872 0x1468  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
20:21:29.0902 0x1468  iaLPSS2i_GPIO2 - ok
20:21:29.0922 0x1468  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
20:21:29.0948 0x1468  iaLPSS2i_I2C - ok
20:21:29.0988 0x1468  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
20:21:30.0005 0x1468  iaLPSSi_GPIO - ok
20:21:30.0032 0x1468  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
20:21:30.0072 0x1468  iaLPSSi_I2C - ok
20:21:30.0142 0x1468  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
20:21:30.0191 0x1468  iaStorAV - ok
20:21:30.0235 0x1468  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
20:21:30.0273 0x1468  iaStorV - ok
20:21:30.0315 0x1468  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
20:21:30.0357 0x1468  ibbus - ok
20:21:30.0436 0x1468  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
20:21:30.0475 0x1468  icssvc - ok
20:21:30.0558 0x1468  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
20:21:30.0667 0x1468  IKEEXT - ok
20:21:30.0729 0x1468  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
20:21:30.0756 0x1468  IndirectKmd - ok
20:21:31.0074 0x1468  [ 8DEDB08D32562867A3E83F0184F39ED4, 48D5A490C436386BA9BD0F9173E96346118C5E584099F2F31B0E931FF96BB4B9 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
20:21:31.0272 0x1468  IntcAzAudAddService - ok
20:21:31.0348 0x1468  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
20:21:31.0369 0x1468  intelide - ok
20:21:31.0408 0x1468  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
20:21:31.0431 0x1468  intelpep - ok
20:21:31.0470 0x1468  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
20:21:31.0501 0x1468  intelppm - ok
20:21:31.0541 0x1468  [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
20:21:31.0564 0x1468  iorate - ok
20:21:31.0588 0x1468  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:21:31.0618 0x1468  IpFilterDriver - ok
20:21:31.0687 0x1468  [ EF1BB0EF8A12C32DD88C409706B8145E, 7AEDE717C258C29592CC8AEC40F61617E5382646E5141E1C0941882ACE5C5758 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
20:21:31.0761 0x1468  iphlpsvc - ok
20:21:31.0819 0x1468  [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
20:21:31.0843 0x1468  IPMIDRV - ok
20:21:31.0874 0x1468  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
20:21:31.0909 0x1468  IPNAT - ok
20:21:31.0942 0x1468  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\WINDOWS\system32\drivers\irda.sys
20:21:31.0989 0x1468  irda - ok
20:21:32.0014 0x1468  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
20:21:32.0048 0x1468  IRENUM - ok
20:21:32.0079 0x1468  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon           C:\WINDOWS\System32\irmon.dll
20:21:32.0109 0x1468  irmon - ok
20:21:32.0130 0x1468  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
20:21:32.0152 0x1468  isapnp - ok
20:21:32.0191 0x1468  [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
20:21:32.0222 0x1468  iScsiPrt - ok
20:21:32.0269 0x1468  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
20:21:32.0292 0x1468  kbdclass - ok
20:21:32.0319 0x1468  [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
20:21:32.0345 0x1468  kbdhid - ok
20:21:32.0444 0x1468  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
20:21:32.0493 0x1468  kdnic - ok
20:21:32.0534 0x1468  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso          C:\WINDOWS\system32\lsass.exe
20:21:32.0559 0x1468  KeyIso - ok
20:21:32.0605 0x1468  [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
20:21:32.0630 0x1468  KSecDD - ok
20:21:32.0693 0x1468  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
20:21:32.0719 0x1468  KSecPkg - ok
20:21:32.0748 0x1468  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
20:21:32.0782 0x1468  ksthunk - ok
20:21:32.0837 0x1468  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
20:21:32.0882 0x1468  KtmRm - ok
20:21:32.0937 0x1468  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
20:21:32.0983 0x1468  LanmanServer - ok
20:21:33.0034 0x1468  [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
20:21:33.0078 0x1468  LanmanWorkstation - ok
20:21:33.0129 0x1468  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
20:21:33.0156 0x1468  lfsvc - ok
20:21:33.0199 0x1468  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
20:21:33.0241 0x1468  LicenseManager - ok
20:21:33.0274 0x1468  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
20:21:33.0303 0x1468  lltdio - ok
20:21:33.0341 0x1468  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
20:21:33.0382 0x1468  lltdsvc - ok
20:21:33.0434 0x1468  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
20:21:33.0474 0x1468  lmhosts - ok
20:21:33.0526 0x1468  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
20:21:33.0550 0x1468  LSI_SAS - ok
20:21:33.0574 0x1468  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
20:21:33.0600 0x1468  LSI_SAS2i - ok
20:21:33.0626 0x1468  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
20:21:33.0670 0x1468  LSI_SAS3i - ok
20:21:33.0682 0x1468  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
20:21:33.0724 0x1468  LSI_SSS - ok
20:21:33.0790 0x1468  [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM             C:\WINDOWS\System32\lsm.dll
20:21:33.0863 0x1468  LSM - ok
20:21:33.0895 0x1468  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
20:21:33.0930 0x1468  luafv - ok
20:21:33.0976 0x1468  [ CAAF0CD70FEE7C5110B1E62804E41B17, 48482A6C8D2296C4DC613304637C8DBB7DD1DB39326F27650EBCA6FD2793BCFD ] MapsBroker      C:\WINDOWS\System32\moshost.dll
20:21:34.0007 0x1468  MapsBroker - ok
20:21:34.0028 0x1468  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
20:21:34.0051 0x1468  megasas - ok
20:21:34.0091 0x1468  [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
20:21:34.0114 0x1468  megasas2i - ok
20:21:34.0148 0x1468  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
20:21:34.0193 0x1468  megasr - ok
20:21:34.0266 0x1468  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
20:21:34.0312 0x1468  MessagingService - ok
20:21:34.0402 0x1468  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
20:21:34.0457 0x1468  mlx4_bus - ok
20:21:34.0497 0x1468  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
20:21:34.0524 0x1468  MMCSS - ok
20:21:34.0565 0x1468  [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem           C:\WINDOWS\system32\drivers\modem.sys
20:21:34.0591 0x1468  Modem - ok
20:21:34.0614 0x1468  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
20:21:34.0640 0x1468  monitor - ok
20:21:34.0665 0x1468  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
20:21:34.0687 0x1468  mouclass - ok
20:21:34.0704 0x1468  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
20:21:34.0730 0x1468  mouhid - ok
20:21:34.0758 0x1468  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
20:21:34.0783 0x1468  mountmgr - ok
20:21:34.0859 0x1468  [ 1EB0251DD31BC9C594D2D87EDE8F8EF4, C9B03461F894A681545994AF9C0555ED92D32617EED344360C1784EE6E2AAC9D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:21:34.0910 0x1468  MozillaMaintenance - ok
20:21:34.0934 0x1468  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
20:21:34.0963 0x1468  mpsdrv - ok
20:21:35.0027 0x1468  [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
20:21:35.0099 0x1468  MpsSvc - ok
20:21:35.0167 0x1468  [ 4FC62380457DE25B69011D3542E954AC, D212DDD2446618A6215CF9FC370FA2634F027BC92D1D4999E019BEF8A86AA6EB ] MQAC            C:\WINDOWS\system32\drivers\mqac.sys
20:21:35.0199 0x1468  MQAC - ok
20:21:35.0262 0x1468  [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
20:21:35.0293 0x1468  MRxDAV - ok
20:21:35.0358 0x1468  [ E671EDAB0726E05ECEF4058B4CD73C4D, 9F4C50E635CE2204E3291C8D3D7F658A969E80722B8B6F0304228D9B434C20EA ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:21:35.0398 0x1468  mrxsmb - ok
20:21:35.0449 0x1468  [ D4D12BC29DE0F09280868FDCA65B3474, A6FE89ABD52087FEE52FDF31DDF4CB627ED400E94FDA86BEBF1D4763F1E42518 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
20:21:35.0487 0x1468  mrxsmb10 - ok
20:21:35.0524 0x1468  [ 93A77008A8932FC84A173C4E97E52874, B7510CF7998C538D68BD2ECDC512A0BFC7CB7362F598EE4110F728427AFF0F5A ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
20:21:35.0553 0x1468  mrxsmb20 - ok
20:21:35.0621 0x1468  [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
20:21:35.0652 0x1468  MsBridge - ok
20:21:35.0688 0x1468  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
20:21:35.0723 0x1468  MSDTC - ok
20:21:35.0804 0x1468  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
20:21:35.0872 0x1468  Msfs - ok
20:21:35.0895 0x1468  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
20:21:35.0918 0x1468  msgpiowin32 - ok
20:21:35.0967 0x1468  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
20:21:36.0017 0x1468  mshidkmdf - ok
20:21:36.0041 0x1468  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
20:21:36.0067 0x1468  mshidumdf - ok
20:21:36.0091 0x1468  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
20:21:36.0112 0x1468  msisadrv - ok
20:21:36.0208 0x1468  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
20:21:36.0241 0x1468  MSiSCSI - ok
20:21:36.0248 0x1468  msiserver - ok
20:21:36.0299 0x1468  [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
20:21:36.0332 0x1468  MSKSSRV - ok
20:21:36.0396 0x1468  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
20:21:36.0425 0x1468  MsLldp - ok
20:21:36.0468 0x1468  [ F3EF38D07A4ADCDF922EEEAF0FED7D4D, B9D436BFA29AA0A7B00889D96C4F8BC33C1809E19B7A71A69AB2E534E9794BF0 ] MSMQ            C:\WINDOWS\system32\mqsvc.exe
20:21:36.0495 0x1468  MSMQ - ok
20:21:36.0516 0x1468  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
20:21:36.0558 0x1468  MSPCLOCK - ok
20:21:36.0600 0x1468  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
20:21:36.0632 0x1468  MSPQM - ok
20:21:36.0708 0x1468  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
20:21:36.0743 0x1468  MsRPC - ok
20:21:36.0765 0x1468  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
20:21:36.0786 0x1468  mssmbios - ok
20:21:36.0819 0x1468  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
20:21:36.0851 0x1468  MSTEE - ok
20:21:36.0879 0x1468  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
20:21:36.0904 0x1468  MTConfig - ok
20:21:36.0928 0x1468  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
20:21:36.0962 0x1468  Mup - ok
20:21:36.0990 0x1468  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
20:21:37.0013 0x1468  mvumis - ok
20:21:37.0124 0x1468  [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
20:21:37.0178 0x1468  NativeWifiP - ok
20:21:37.0370 0x1468  [ 003DDE9E91D324DDD86F11BF580FD627, 733674D5A6246BA2B4DE420AD89FE171ACCEA9EB5FC20F13F688A3910C1AA74C ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
20:21:37.0441 0x1468  NAUpdate - ok
20:21:37.0492 0x1468  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
20:21:37.0528 0x1468  NcaSvc - ok
20:21:37.0566 0x1468  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
20:21:37.0619 0x1468  NcbService - ok
20:21:37.0638 0x1468  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
20:21:37.0764 0x1468  NcdAutoSetup - ok
20:21:37.0818 0x1468  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
20:21:37.0842 0x1468  ndfltr - ok
20:21:37.0898 0x1468  [ D5564FC81350458ED570528C4E3B1CCF, DD3C5012492EF9BCE3BE635BBB3AA40B3C5F5FDBD795A76B327D9C994102AC2B ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
20:21:37.0967 0x1468  NDIS - ok
20:21:38.0016 0x1468  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
20:21:38.0070 0x1468  NdisCap - ok
20:21:38.0107 0x1468  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
20:21:38.0138 0x1468  NdisImPlatform - ok
20:21:38.0155 0x1468  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:21:38.0190 0x1468  NdisTapi - ok
20:21:38.0218 0x1468  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
20:21:38.0270 0x1468  Ndisuio - ok
20:21:38.0293 0x1468  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
20:21:38.0336 0x1468  NdisVirtualBus - ok
20:21:38.0371 0x1468  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
20:21:38.0414 0x1468  NdisWan - ok
20:21:38.0427 0x1468  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:21:38.0470 0x1468  ndiswanlegacy - ok
20:21:38.0499 0x1468  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
20:21:38.0534 0x1468  ndproxy - ok
20:21:38.0567 0x1468  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
20:21:38.0607 0x1468  Ndu - ok
20:21:38.0656 0x1468  [ D5AC41AE382738483FAFFBD7E373D49A, 68793D15566F387650E9C5010E1CA73BDE3EB4BA431EA0A1673004CAE08413B0 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
20:21:38.0674 0x1468  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
20:21:38.0935 0x1468  Detect skipped due to KSN trusted
20:21:38.0935 0x1468  Net Driver HPZ12 - ok
20:21:38.0967 0x1468  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
20:21:39.0002 0x1468  NetAdapterCx - ok
20:21:39.0022 0x1468  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
20:21:39.0046 0x1468  NetBIOS - ok
20:21:39.0096 0x1468  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
20:21:39.0144 0x1468  NetBT - ok
20:21:39.0180 0x1468  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon        C:\WINDOWS\system32\lsass.exe
20:21:39.0207 0x1468  Netlogon - ok
20:21:39.0255 0x1468  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\WINDOWS\System32\netman.dll
20:21:39.0298 0x1468  Netman - ok
20:21:39.0357 0x1468  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:21:39.0424 0x1468  NetMsmqActivator - ok
20:21:39.0437 0x1468  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:21:39.0472 0x1468  NetPipeActivator - ok
20:21:39.0521 0x1468  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
20:21:39.0582 0x1468  netprofm - ok
20:21:39.0635 0x1468  [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
20:21:39.0677 0x1468  NetSetupSvc - ok
20:21:39.0687 0x1468  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:21:39.0721 0x1468  NetTcpActivator - ok
20:21:39.0732 0x1468  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:21:39.0763 0x1468  NetTcpPortSharing - ok
20:21:39.0800 0x1468  [ B996DE26A2E16053C9485F5905B05320, 30EB2CEB466A4F05A44F7CBFCDFD8CC3C27B5FCF1269C1B9410C48AB362D2A75 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
20:21:39.0845 0x1468  NgcCtnrSvc - ok
20:21:39.0908 0x1468  [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
20:21:40.0048 0x1468  NgcSvc - ok
20:21:40.0118 0x1468  [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
20:21:40.0181 0x1468  NlaSvc - ok
20:21:40.0355 0x1468  [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
20:21:40.0475 0x1468  NOBU - ok
20:21:40.0542 0x1468  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
20:21:40.0578 0x1468  Npfs - ok
20:21:40.0663 0x1468  [ BD6ADDB3BB8B73C314B683A8E346C0FE, A6B0B5939AD38C13395C5C6F9BF5458A1EEB2CE3D01721224CAED4931D55FEB5 ] NPF_devolo      C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys
20:21:40.0679 0x1468  NPF_devolo - ok
20:21:40.0721 0x1468  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
20:21:40.0747 0x1468  npsvctrig - ok
20:21:40.0785 0x1468  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi             C:\WINDOWS\system32\nsisvc.dll
20:21:40.0815 0x1468  nsi - ok
20:21:40.0857 0x1468  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
20:21:40.0883 0x1468  nsiproxy - ok
20:21:41.0003 0x1468  [ DB69C6DA8B3DDFDC547D455CA23A8250, AE495CEB18924C8B21F7F150FF17CD00880F2E222D7B5155661798E0535D63C4 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
20:21:41.0210 0x1468  NTFS - ok
20:21:41.0264 0x1468  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\WINDOWS\system32\drivers\Null.sys
20:21:41.0289 0x1468  Null - ok
20:21:41.0318 0x1468  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
20:21:41.0345 0x1468  nvraid - ok
20:21:41.0386 0x1468  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
20:21:41.0413 0x1468  nvstor - ok
20:21:41.0453 0x1468  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
20:21:41.0496 0x1468  OneSyncSvc - ok
20:21:41.0604 0x1468  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:21:41.0640 0x1468  ose - ok
20:21:41.0930 0x1468  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:21:42.0146 0x1468  osppsvc - ok
20:21:42.0243 0x1468  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
20:21:42.0288 0x1468  p2pimsvc - ok
20:21:42.0349 0x1468  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
20:21:42.0401 0x1468  p2psvc - ok
20:21:42.0444 0x1468  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
20:21:42.0474 0x1468  Parport - ok
20:21:42.0517 0x1468  [ CDBD029BAEC8D09F6FBD404632D9AF28, 71F4401150CD4C9C6BBF2DA854CF07EA2F8C9BBE900833858F49134DDAF14414 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
20:21:42.0542 0x1468  partmgr - ok
20:21:42.0588 0x1468  [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
20:21:42.0634 0x1468  PcaSvc - ok
20:21:42.0690 0x1468  [ 29AF16726F4DD84376ECA85AB6AFF2C6, BEF9EA10637065365ED343C4EBA51191B9BEADD8F1F3362D3EFE75F40BE9A027 ] pci             C:\WINDOWS\system32\drivers\pci.sys
20:21:42.0723 0x1468  pci - ok
20:21:42.0762 0x1468  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
20:21:42.0782 0x1468  pciide - ok
20:21:42.0808 0x1468  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
20:21:42.0835 0x1468  pcmcia - ok
20:21:42.0863 0x1468  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
20:21:42.0886 0x1468  pcw - ok
20:21:42.0928 0x1468  [ 9EA203A07EFA6D74F07F32EF0DAB5CA6, D851F1CC748B4CD0E263931668FFF2FE20D5778267F4FF2237D565CFC171B5AF ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
20:21:42.0953 0x1468  pdc - ok
20:21:43.0026 0x1468  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
20:21:43.0099 0x1468  PEAUTH - ok
20:21:43.0156 0x1468  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
20:21:43.0203 0x1468  percsas2i - ok
20:21:43.0230 0x1468  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
20:21:43.0253 0x1468  percsas3i - ok
20:21:43.0292 0x1468  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
20:21:43.0327 0x1468  PerfHost - ok
20:21:43.0406 0x1468  [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
20:21:43.0473 0x1468  PhoneSvc - ok
20:21:43.0518 0x1468  [ B4AB2C0177715FFAED88A1223212043A, 1920792ADC78DD51EF98B6A9634D686EAED0848FB7EF74A0DCD3AEBA5AF41EC6 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
20:21:43.0556 0x1468  PimIndexMaintenanceSvc - ok
20:21:43.0646 0x1468  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla             C:\WINDOWS\system32\pla.dll
20:21:43.0776 0x1468  pla - ok
20:21:43.0817 0x1468  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
20:21:43.0859 0x1468  PlugPlay - ok
20:21:43.0910 0x1468  [ 37F6046CDC630442D7DC087501FF6FC6, EFC0F3DA49839CA263CD95AE5015F4FC554D9D845A58A699C542C8C96E70ED3C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:21:43.0936 0x1468  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
20:21:44.0206 0x1468  Detect skipped due to KSN trusted
20:21:44.0206 0x1468  Pml Driver HPZ12 - ok
20:21:44.0226 0x1468  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
20:21:44.0256 0x1468  PNRPAutoReg - ok
20:21:44.0295 0x1468  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
20:21:44.0340 0x1468  PNRPsvc - ok
20:21:44.0393 0x1468  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
20:21:44.0441 0x1468  PolicyAgent - ok
20:21:44.0478 0x1468  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power           C:\WINDOWS\system32\umpo.dll
20:21:44.0514 0x1468  Power - ok
20:21:44.0563 0x1468  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
20:21:44.0600 0x1468  PptpMiniport - ok
20:21:44.0780 0x1468  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
20:21:44.0986 0x1468  PrintNotify - ok
20:21:45.0054 0x1468  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor       C:\WINDOWS\System32\drivers\processr.sys
20:21:45.0087 0x1468  Processor - ok
20:21:45.0198 0x1468  [ BA2DA685FB152180908C7D778B2BBD61, 335C81941855D3DE90443E47E42D44645BE2AB736334DB96C0890D82EEF03475 ] ProductAgentService C:\Program Files\Bitdefender Agent\ProductAgentService.exe
20:21:45.0273 0x1468  ProductAgentService - ok
20:21:45.0318 0x1468  [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
20:21:45.0382 0x1468  ProfSvc - ok
20:21:45.0424 0x1468  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
20:21:45.0451 0x1468  Psched - ok
20:21:45.0501 0x1468  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE           C:\WINDOWS\system32\qwave.dll
20:21:45.0542 0x1468  QWAVE - ok
20:21:45.0571 0x1468  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
20:21:45.0597 0x1468  QWAVEdrv - ok
20:21:45.0635 0x1468  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:21:45.0662 0x1468  RasAcd - ok
20:21:45.0747 0x1468  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
20:21:45.0777 0x1468  RasAgileVpn - ok
20:21:45.0814 0x1468  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
20:21:45.0847 0x1468  RasAuto - ok
20:21:45.0872 0x1468  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
20:21:45.0912 0x1468  Rasl2tp - ok
20:21:45.0966 0x1468  [ F79BFB5588B777C71734C1D1EC129D07, 9B9D70EC8978AAC19B2B94694EE1B9957C13DFDDFCBE8AA82C5F0D0EA04CDBDF ] RasMan          C:\WINDOWS\System32\rasmans.dll
20:21:46.0027 0x1468  RasMan - ok
20:21:46.0074 0x1468  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:21:46.0106 0x1468  RasPppoe - ok
20:21:46.0133 0x1468  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
20:21:46.0188 0x1468  RasSstp - ok
20:21:46.0221 0x1468  [ AF6963414B820B7C45578ED3300438A7, C00F60FD72608E6983D32642768AECE891DD816FADFA7B872BA88091C16B95D7 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:21:46.0259 0x1468  rdbss - ok
20:21:46.0303 0x1468  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
20:21:46.0329 0x1468  rdpbus - ok
20:21:46.0361 0x1468  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
20:21:46.0396 0x1468  RDPDR - ok
20:21:46.0473 0x1468  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
20:21:46.0503 0x1468  RdpVideoMiniport - ok
20:21:46.0534 0x1468  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
20:21:46.0572 0x1468  rdyboost - ok
20:21:46.0653 0x1468  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
20:21:46.0718 0x1468  ReFSv1 - ok
20:21:46.0778 0x1468  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
20:21:46.0843 0x1468  RemoteAccess - ok
20:21:46.0880 0x1468  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
20:21:46.0923 0x1468  RemoteRegistry - ok
20:21:46.0975 0x1468  [ 0660F4A14F9D2A2F59B26B1D74F1A6D0, A9443B6B7ED1ECA22AC960A2C6A2BE18C0BA58CD7BCF60E7AA617CD3662D122D ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
20:21:47.0037 0x1468  RetailDemo - ok
20:21:47.0115 0x1468  [ F12A68ED55053940CADD59CA5E3468DD, 75331E6DA4E30717085E7D8131989241EBC492DC3EE455546F91DA9DFFFD2BFC ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
20:21:47.0159 0x1468  RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
20:21:47.0430 0x1468  Detect skipped due to KSN trusted
20:21:47.0430 0x1468  RichVideo - ok
20:21:47.0550 0x1468  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
20:21:47.0616 0x1468  RmSvc - ok
20:21:47.0661 0x1468  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
20:21:47.0699 0x1468  RpcEptMapper - ok
20:21:47.0724 0x1468  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\WINDOWS\system32\locator.exe
20:21:47.0753 0x1468  RpcLocator - ok
20:21:47.0821 0x1468  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
20:21:47.0895 0x1468  RpcSs - ok
20:21:47.0963 0x1468  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
20:21:47.0994 0x1468  rspndr - ok
20:21:48.0037 0x1468  [ F9265C902BB9146C6BFF97BDF35C04DE, DC70B404A701CE5F60421F664F745CA84722ED86FAFC87F2A8A71BFD25CD6151 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
20:21:48.0116 0x1468  rt640x64 - ok
20:21:48.0173 0x1468  [ 4CA0DBA9E224473D664C25E411F5A3BD, 71423A66165782EFB4DB7BE6CE48DDB463D9F65FD0F266D333A6558791D158E5 ] rtport          C:\windows\SysWOW64\drivers\rtport.sys
20:21:48.0190 0x1468  rtport - ok
20:21:48.0228 0x1468  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
20:21:48.0261 0x1468  s3cap - ok
20:21:48.0309 0x1468  [ 62DB6CC4B0818F1B5F3441241B098F12, 7A53B3FBA3F82EDE6FA688E531FBE7EC9E1AE329090C0AFE0DCD64F65BD90F21 ] SABI            C:\windows\system32\Drivers\SABI.sys
20:21:48.0342 0x1468  SABI - ok
20:21:48.0375 0x1468  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs           C:\WINDOWS\system32\lsass.exe
20:21:48.0400 0x1468  SamSs - ok
20:21:48.0428 0x1468  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
20:21:48.0453 0x1468  sbp2port - ok
20:21:48.0495 0x1468  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
20:21:48.0536 0x1468  SCardSvr - ok
20:21:48.0581 0x1468  [ 5E8ECCE130A72107B6DFDBE26185A7FB, 811E2CE485BC14161FF629069BCCF53B2B8C6F8B1E1A6B3A3C86DBE4F85A5577 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
20:21:48.0621 0x1468  ScDeviceEnum - ok
20:21:48.0666 0x1468  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
20:21:48.0695 0x1468  scfilter - ok
20:21:48.0769 0x1468  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
20:21:48.0853 0x1468  Schedule - ok
20:21:48.0914 0x1468  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
20:21:48.0938 0x1468  scmbus - ok
20:21:48.0964 0x1468  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\WINDOWS\System32\drivers\scmdisk0101.sys
20:21:48.0999 0x1468  scmdisk0101 - ok
20:21:49.0023 0x1468  [ C1B5EE58E759C53F9939581709DC70BB, 85095ABC9459A766832373BC3839E573E9A73C967F8427D6B7CAB972551C3191 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
20:21:49.0060 0x1468  SCPolicySvc - ok
20:21:49.0109 0x1468  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
20:21:49.0141 0x1468  sdbus - ok
20:21:49.0174 0x1468  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
20:21:49.0211 0x1468  SDRSVC - ok
20:21:49.0236 0x1468  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
20:21:49.0265 0x1468  sdstor - ok
20:21:49.0298 0x1468  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\WINDOWS\system32\seclogon.dll
20:21:49.0336 0x1468  seclogon - ok
20:21:49.0363 0x1468  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\WINDOWS\System32\sens.dll
20:21:49.0397 0x1468  SENS - ok
20:21:49.0486 0x1468  [ 2B4E090D06C60853C5C00CF255F9E02A, 4D4DBA7B04519622612BD4A4F28318CA2F5646C84CAFF8C5ACC9BF4C6031894E ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
20:21:49.0584 0x1468  SensorDataService - ok
20:21:49.0651 0x1468  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService   C:\WINDOWS\system32\SensorService.dll
20:21:49.0701 0x1468  SensorService - ok
20:21:49.0779 0x1468  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
20:21:49.0843 0x1468  SensrSvc - ok
20:21:49.0902 0x1468  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
20:21:49.0927 0x1468  SerCx - ok
20:21:49.0978 0x1468  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
20:21:50.0005 0x1468  SerCx2 - ok
20:21:50.0028 0x1468  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
20:21:50.0055 0x1468  Serenum - ok
20:21:50.0084 0x1468  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
20:21:50.0114 0x1468  Serial - ok
20:21:50.0135 0x1468  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
20:21:50.0162 0x1468  sermouse - ok
20:21:50.0224 0x1468  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
20:21:50.0271 0x1468  SessionEnv - ok
20:21:50.0307 0x1468  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
20:21:50.0333 0x1468  sfloppy - ok
20:21:50.0394 0x1468  [ 21AB491BBCC8C1B26FDC402A374AB196, DD973C9963C840200D153A15078152D499639730D065BB8122C6BE65D4372300 ] Sftfs           C:\WINDOWS\system32\DRIVERS\Sftfslh.sys
20:21:50.0439 0x1468  Sftfs - ok
20:21:50.0528 0x1468  [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
20:21:50.0590 0x1468  sftlist - ok
20:21:50.0620 0x1468  [ 3B8D43FEEFF7A187534DDDFD675FE123, 9308D5C552FE3AF1121A3F7B7595547C6B892FF500377953F3B623511D84698C ] Sftplay         C:\WINDOWS\system32\DRIVERS\Sftplaylh.sys
20:21:50.0647 0x1468  Sftplay - ok
20:21:50.0674 0x1468  [ F1D1B1DC7A8765A09D7640FBF8D20970, 72E59B04BC44DAFFB88987C16CF3F9DC35438B15879E102FD83013673E0DB66F ] Sftredir        C:\WINDOWS\system32\DRIVERS\Sftredirlh.sys
20:21:50.0692 0x1468  Sftredir - ok
20:21:50.0726 0x1468  [ B3B9ADE7F8C4AF0C20E712E040588543, 9A6BB11DA046BF6F0239952871263E148FAE91FB21065613645114B5FA054EC5 ] Sftvol          C:\WINDOWS\system32\DRIVERS\Sftvollh.sys
20:21:50.0745 0x1468  Sftvol - ok
20:21:50.0780 0x1468  [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
20:21:50.0830 0x1468  sftvsa - ok
20:21:50.0869 0x1468  [ 2FE1CD3AA602414841DB10AD96C95A5E, 1A2489DF37C13B578E69AA0D3D5DB3627C77750C45D78BB2872E29DD10253326 ] SGDrv           C:\WINDOWS\System32\drivers\SGdrv64.sys
20:21:50.0891 0x1468  SGDrv - ok
20:21:50.0954 0x1468  [ 832E933AA8DB9FD4733B96D8B6484D3F, 3A8E3D7ECA192EEE154CB568073B7211FDA06078EFC3BC7E961563A1BFDD0CAA ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
20:21:51.0007 0x1468  SharedAccess - ok
20:21:51.0069 0x1468  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:21:51.0137 0x1468  ShellHWDetection - ok
20:21:51.0169 0x1468  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
20:21:51.0221 0x1468  shpamsvc - ok
20:21:51.0260 0x1468  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
20:21:51.0282 0x1468  SiSRaid2 - ok
20:21:51.0340 0x1468  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
20:21:51.0363 0x1468  SiSRaid4 - ok
20:21:51.0469 0x1468  [ 4E6FAEE3F259DAC82213D935785991FB, ADA019AD261BBEAE78495B508B4D375BEC1005DF119F20897D29C3C613A0CA46 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:21:51.0523 0x1468  SkypeUpdate - ok
20:21:51.0549 0x1468  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost         C:\WINDOWS\System32\smphost.dll
20:21:51.0578 0x1468  smphost - ok
20:21:51.0646 0x1468  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
20:21:51.0704 0x1468  SmsRouter - ok
20:21:51.0753 0x1468  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
20:21:51.0783 0x1468  SNMPTRAP - ok
20:21:51.0825 0x1468  [ C994DF90427103CCB80F893FFD2B1CE8, 7E4B08095C77E68D337A3425EEA38F8FEC4D103CA7661E34FD96BF518DFB4BCB ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
20:21:51.0869 0x1468  spaceport - ok
20:21:51.0913 0x1468  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
20:21:51.0937 0x1468  SpbCx - ok
20:21:52.0002 0x1468  [ 79DCE27E8C4CF6701BFE49EC2446BBF6, F51CBB7A45C3C878F41653FD5FBDC93CC302712B7725DAAB4D3475A1F4771E3D ] Spooler         C:\WINDOWS\System32\spoolsv.exe
20:21:52.0069 0x1468  Spooler - ok
20:21:52.0320 0x1468  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
20:21:52.0715 0x1468  sppsvc - ok
20:21:52.0777 0x1468  [ E83830BB74AE8CBECEA0ECD94DE436F9, 4A34569A34260324EBD629039E1BF45A3527FC75B22D9A3DB6360A6EB365483A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
20:21:52.0824 0x1468  srv - ok
20:21:52.0877 0x1468  [ 55CA5329D1ADEB8F8034045930147AE4, D4F31BC82700D166564C7F9CDCEA3ABAB4A37B55137C34572768DF46FDA9320A ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
20:21:52.0938 0x1468  srv2 - ok
20:21:52.0992 0x1468  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
20:21:53.0029 0x1468  srvnet - ok
20:21:53.0096 0x1468  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
20:21:53.0135 0x1468  SSDPSRV - ok
20:21:53.0173 0x1468  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
20:21:53.0213 0x1468  SstpSvc - ok
20:21:53.0408 0x1468  [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
20:21:53.0642 0x1468  StateRepository - ok
20:21:53.0732 0x1468  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
20:21:53.0753 0x1468  stexstor - ok
20:21:53.0820 0x1468  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
20:21:53.0882 0x1468  stisvc - ok
20:21:53.0943 0x1468  [ 53EB8CE34B55A1EE63424C8DB7388BFC, 5AB59117BA8A2844EB8693CCC19B217AE039B28C87519F96E1C845FE9BF456C2 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
20:21:53.0969 0x1468  storahci - ok
20:21:53.0995 0x1468  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
20:21:54.0017 0x1468  storflt - ok
20:21:54.0046 0x1468  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
20:21:54.0089 0x1468  stornvme - ok
20:21:54.0120 0x1468  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
20:21:54.0162 0x1468  storqosflt - ok
20:21:54.0213 0x1468  [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
20:21:54.0261 0x1468  StorSvc - ok
20:21:54.0290 0x1468  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
20:21:54.0312 0x1468  storufs - ok
20:21:54.0334 0x1468  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
20:21:54.0355 0x1468  storvsc - ok
20:21:54.0393 0x1468  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\WINDOWS\system32\svsvc.dll
20:21:54.0425 0x1468  svsvc - ok
20:21:54.0438 0x1468  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
20:21:54.0460 0x1468  swenum - ok
20:21:54.0502 0x1468  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\WINDOWS\System32\swprv.dll
20:21:54.0558 0x1468  swprv - ok
20:21:54.0611 0x1468  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
20:21:54.0638 0x1468  Synth3dVsc - ok
20:21:54.0703 0x1468  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\WINDOWS\system32\sysmain.dll
20:21:54.0785 0x1468  SysMain - ok
20:21:54.0844 0x1468  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
20:21:54.0892 0x1468  SystemEventsBroker - ok
20:21:54.0956 0x1468  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
20:21:54.0992 0x1468  TabletInputService - ok
20:21:55.0027 0x1468  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
20:21:55.0071 0x1468  TapiSrv - ok
20:21:55.0204 0x1468  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
20:21:55.0336 0x1468  Tcpip - ok
20:21:55.0421 0x1468  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
20:21:55.0546 0x1468  Tcpip6 - ok
20:21:55.0614 0x1468  [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
20:21:55.0642 0x1468  tcpipreg - ok
20:21:55.0680 0x1468  [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
20:21:55.0705 0x1468  tdx - ok
20:21:55.0746 0x1468  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
20:21:55.0768 0x1468  terminpt - ok
20:21:55.0831 0x1468  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\WINDOWS\System32\termsrv.dll
20:21:55.0926 0x1468  TermService - ok
20:21:55.0951 0x1468  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\WINDOWS\system32\themeservice.dll
20:21:55.0992 0x1468  Themes - ok
20:21:56.0043 0x1468  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
20:21:56.0089 0x1468  TieringEngineService - ok
20:21:56.0143 0x1468  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
20:21:56.0200 0x1468  tiledatamodelsvc - ok
20:21:56.0261 0x1468  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
20:21:56.0298 0x1468  TimeBrokerSvc - ok
20:21:56.0335 0x1468  [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
20:21:56.0364 0x1468  TPM - ok
20:21:56.0401 0x1468  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
20:21:56.0435 0x1468  TrkWks - ok
20:21:56.0486 0x1468  [ FE3D70DE933A481284FCE7D5DB5DCE50, A2A1C6AEED6417FCEE5990CD766B2A78D9037583B57617418242D98C031617F2 ] trufos          C:\WINDOWS\system32\DRIVERS\trufos.sys
20:21:56.0517 0x1468  trufos - ok
20:21:56.0575 0x1468  [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
20:21:56.0605 0x1468  TrustedInstaller - ok
20:21:56.0646 0x1468  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
20:21:56.0686 0x1468  tsusbflt - ok
20:21:56.0694 0x1468  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
20:21:56.0721 0x1468  TsUsbGD - ok
20:21:56.0757 0x1468  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
20:21:56.0789 0x1468  tunnel - ok
20:21:56.0828 0x1468  [ F723552F65D44FE693DB1A383825B3A8, EF8C343C4EB5EEA4EC830378EF576CCD6CD4EEDEDD486C0F29697044E8C71F45 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
20:21:56.0861 0x1468  tzautoupdate - ok
20:21:56.0898 0x1468  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
20:21:56.0921 0x1468  UASPStor - ok
20:21:56.0959 0x1468  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
20:21:56.0989 0x1468  UcmCx0101 - ok
20:21:57.0021 0x1468  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
20:21:57.0052 0x1468  UcmTcpciCx0101 - ok
20:21:57.0061 0x1468  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
20:21:57.0088 0x1468  UcmUcsi - ok
20:21:57.0119 0x1468  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
20:21:57.0148 0x1468  Ucx01000 - ok
20:21:57.0187 0x1468  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
20:21:57.0214 0x1468  UdeCx - ok
20:21:57.0245 0x1468  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
20:21:57.0293 0x1468  udfs - ok
20:21:57.0331 0x1468  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
20:21:57.0353 0x1468  UEFI - ok
20:21:57.0388 0x1468  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
20:21:57.0419 0x1468  Ufx01000 - ok
20:21:57.0455 0x1468  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
20:21:57.0479 0x1468  UfxChipidea - ok
20:21:57.0515 0x1468  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
20:21:57.0541 0x1468  ufxsynopsys - ok
20:21:57.0597 0x1468  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
20:21:57.0631 0x1468  UI0Detect - ok
20:21:57.0660 0x1468  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
20:21:57.0688 0x1468  umbus - ok
20:21:57.0715 0x1468  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
20:21:57.0745 0x1468  UmPass - ok
20:21:57.0820 0x1468  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
20:21:57.0861 0x1468  UmRdpService - ok
20:21:57.0931 0x1468  [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
20:21:58.0020 0x1468  UnistoreSvc - ok
20:21:58.0173 0x1468  [ 547FC25EE3FF3C3EC02D6A828644C0A2, 8901E977FF4B822DFA485D09C96F74B5F82ED994EFE94F59F35B7817500E110A ] UPDATESRV       C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
20:21:58.0214 0x1468  UPDATESRV - ok
20:21:58.0309 0x1468  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\WINDOWS\System32\upnphost.dll
20:21:58.0368 0x1468  upnphost - ok
20:21:58.0415 0x1468  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
20:21:58.0436 0x1468  UrsChipidea - ok
20:21:58.0466 0x1468  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
20:21:58.0489 0x1468  UrsCx01000 - ok
20:21:58.0513 0x1468  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
20:21:58.0534 0x1468  UrsSynopsys - ok
20:21:58.0568 0x1468  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
20:21:58.0595 0x1468  usbccgp - ok
20:21:58.0615 0x1468  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
20:21:58.0645 0x1468  usbcir - ok
20:21:58.0684 0x1468  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
20:21:58.0709 0x1468  usbehci - ok
20:21:58.0742 0x1468  [ B7037444DC5138FC7D3D3968B4DE5C4B, DD9E3E40766A3F3B708DA341B7280E447788218ED677E1A24EC0CD04B04281B2 ] usbfilter       C:\WINDOWS\system32\DRIVERS\usbfilter.sys
20:21:58.0758 0x1468  usbfilter - ok
20:21:58.0795 0x1468  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
20:21:58.0836 0x1468  usbhub - ok
20:21:58.0876 0x1468  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
20:21:58.0919 0x1468  USBHUB3 - ok
20:21:58.0947 0x1468  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
20:21:58.0973 0x1468  usbohci - ok
20:21:58.0993 0x1468  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
20:21:59.0020 0x1468  usbprint - ok
20:21:59.0049 0x1468  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
20:21:59.0078 0x1468  usbser - ok
20:21:59.0120 0x1468  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
20:21:59.0145 0x1468  USBSTOR - ok
20:21:59.0202 0x1468  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
20:21:59.0228 0x1468  usbuhci - ok
20:21:59.0269 0x1468  [ B4F448F2424492F99F83D3676A453553, 42F1396616EA93BF91EA847B185C321B189F1A5138CA19D22397E8DB6D576973 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
20:21:59.0305 0x1468  usbvideo - ok
20:21:59.0360 0x1468  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
20:21:59.0397 0x1468  USBXHCI - ok
20:21:59.0492 0x1468  [ 4CC81AB9D380A6264FF4C0C1512CF965, 76C33053D1C9155B0F3F8392FF982AD4EABEE2BBBEE89EA41DBFE8E436973EB0 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
20:21:59.0596 0x1468  UserDataSvc - ok
20:21:59.0679 0x1468  [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager     C:\WINDOWS\System32\usermgr.dll
20:21:59.0760 0x1468  UserManager - ok
20:21:59.0848 0x1468  [ EBF9E40845362DBE2AD0DB3077269488, A6363006350D097F95B03A2F44E1D3FBD3BC40048BE57C715CD7CBC22D1EE70B ] UsoSvc          C:\WINDOWS\system32\usocore.dll
20:21:59.0903 0x1468  UsoSvc - ok
20:21:59.0934 0x1468  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
20:21:59.0959 0x1468  VaultSvc - ok
20:21:59.0976 0x1468  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
20:21:59.0999 0x1468  vdrvroot - ok
20:22:00.0056 0x1468  [ 0783EDE1FA94649ED7F3CEF6A734041A, 1A13A613EF6B67459031C7994FFC6F32F73E02E0F123A171618E4F011C635684 ] vds             C:\WINDOWS\System32\vds.exe
20:22:00.0121 0x1468  vds - ok
20:22:00.0163 0x1468  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
20:22:00.0191 0x1468  VerifierExt - ok
20:22:00.0267 0x1468  [ 3BB8D153A9A514EC9FFCB586251A1925, 5E4B46511F9791699826DC63B35528544347166BDE9981FB93F1F7F2A09599C7 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
20:22:00.0316 0x1468  vhdmp - ok
20:22:00.0359 0x1468  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
20:22:00.0386 0x1468  vhf - ok
20:22:00.0432 0x1468  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
20:22:00.0456 0x1468  vmbus - ok
20:22:00.0482 0x1468  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
20:22:00.0508 0x1468  VMBusHID - ok
20:22:00.0556 0x1468  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
20:22:00.0580 0x1468  vmgid - ok
20:22:00.0627 0x1468  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
20:22:00.0667 0x1468  vmicguestinterface - ok
20:22:00.0682 0x1468  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
20:22:00.0725 0x1468  vmicheartbeat - ok
20:22:00.0740 0x1468  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
20:22:00.0781 0x1468  vmickvpexchange - ok
20:22:00.0817 0x1468  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
20:22:00.0859 0x1468  vmicrdv - ok
20:22:00.0876 0x1468  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
20:22:00.0916 0x1468  vmicshutdown - ok
20:22:00.0931 0x1468  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
20:22:00.0974 0x1468  vmictimesync - ok
20:22:00.0989 0x1468  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
20:22:01.0031 0x1468  vmicvmsession - ok
20:22:01.0049 0x1468  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
20:22:01.0093 0x1468  vmicvss - ok
20:22:01.0122 0x1468  [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
20:22:01.0146 0x1468  volmgr - ok
20:22:01.0172 0x1468  [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
20:22:01.0208 0x1468  volmgrx - ok
20:22:01.0247 0x1468  [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
20:22:01.0284 0x1468  volsnap - ok
20:22:01.0320 0x1468  [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume          C:\WINDOWS\system32\drivers\volume.sys
20:22:01.0341 0x1468  volume - ok
20:22:01.0397 0x1468  [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
20:22:01.0421 0x1468  vpci - ok
20:22:01.0452 0x1468  [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
20:22:01.0479 0x1468  vsmraid - ok
20:22:01.0579 0x1468  [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS             C:\WINDOWS\system32\vssvc.exe
20:22:01.0684 0x1468  VSS - ok
20:22:01.0776 0x1468  [ 96DF3F150627FAB3098583B8A8A2A097, 51873F374E8ED4250BA823D9C015D174C3D03A9B5AF266530761539DB993D831 ] VSSERV          C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
20:22:01.0935 0x1468  VSSERV - ok
20:22:01.0986 0x1468  [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
20:22:02.0020 0x1468  VSTXRAID - ok
20:22:02.0094 0x1468  [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
20:22:02.0120 0x1468  vwifibus - ok
20:22:02.0143 0x1468  [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
20:22:02.0171 0x1468  vwififlt - ok
20:22:02.0202 0x1468  [ 59920894C38A827091A06AF559834E47, 8B40FE0B1BA3B2A79BFF70803D039DB921F85C978724722E5E5AFF188FA75471 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
20:22:02.0229 0x1468  vwifimp - ok
20:22:02.0281 0x1468  [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time         C:\WINDOWS\system32\w32time.dll
20:22:02.0337 0x1468  W32Time - ok
20:22:02.0407 0x1468  [ 4053FB949F48647A327BC18DFEEA4374, 52511C35854A673ADCD9084FEF9BC6A339BCA0290374B81140A371D67B13A8FB ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
20:22:02.0500 0x1468  w3logsvc - ok
20:22:02.0582 0x1468  [ 85461F6AD65CCE84A7BC6D9F2A5861B3, 0C9A662F1BADF429B1DF62E91F4626DE996F84945D3A42D26A0FA09EC15CC9D7 ] W3SVC           C:\WINDOWS\system32\inetsrv\iisw3adm.dll
20:22:02.0636 0x1468  W3SVC - ok
20:22:02.0718 0x1468  [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
20:22:02.0744 0x1468  WacomPen - ok
20:22:02.0778 0x1468  [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService   C:\WINDOWS\system32\WalletService.dll
20:22:02.0829 0x1468  WalletService - ok
20:22:02.0855 0x1468  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:22:02.0892 0x1468  wanarp - ok
20:22:02.0900 0x1468  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:22:02.0937 0x1468  wanarpv6 - ok
20:22:02.0961 0x1468  [ 85461F6AD65CCE84A7BC6D9F2A5861B3, 0C9A662F1BADF429B1DF62E91F4626DE996F84945D3A42D26A0FA09EC15CC9D7 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
20:22:03.0015 0x1468  WAS - ok
20:22:03.0111 0x1468  [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine        C:\WINDOWS\system32\wbengine.exe
20:22:03.0217 0x1468  wbengine - ok
20:22:03.0311 0x1468  [ 8C521D161445C3E1F38A494E7649E70D, F00990B2FE1FB52C74A2057E6480C5EBF2BDBC32955CC03C6B63360F20A49A18 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
20:22:03.0395 0x1468  WbioSrvc - ok
20:22:03.0440 0x1468  [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
20:22:03.0465 0x1468  wcifs - ok
20:22:03.0542 0x1468  [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
20:22:03.0615 0x1468  Wcmsvc - ok
20:22:03.0655 0x1468  [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
20:22:03.0707 0x1468  wcncsvc - ok
20:22:03.0741 0x1468  [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
20:22:03.0768 0x1468  wcnfs - ok
20:22:03.0814 0x1468  [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
20:22:03.0837 0x1468  WdBoot - ok
20:22:03.0906 0x1468  [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
20:22:03.0956 0x1468  Wdf01000 - ok
20:22:03.0996 0x1468  [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
20:22:04.0029 0x1468  WdFilter - ok
20:22:04.0071 0x1468  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
20:22:04.0109 0x1468  WdiServiceHost - ok
20:22:04.0117 0x1468  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
20:22:04.0155 0x1468  WdiSystemHost - ok
20:22:04.0214 0x1468  [ 8CB606A3057355FD5A9DBDD1A0AC94EF, 6DD0B4A2270633086EBB569A00B87430EE6EF173525E341404B15845B57BE86D ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
20:22:04.0300 0x1468  wdiwifi - ok
         

Alt 11.03.2017, 20:48   #5
Xare123
 
Myfilestore.com Virus eingefangen? - Standard

Myfilestore.com Virus eingefangen?



Teil 2:

Code:
ATTFilter
20:22:04.0327 0x1468  [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
20:22:04.0352 0x1468  WdNisDrv - ok
20:22:04.0384 0x1468  WdNisSvc - ok
20:22:04.0485 0x1468  [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient       C:\WINDOWS\System32\webclnt.dll
20:22:04.0531 0x1468  WebClient - ok
20:22:04.0597 0x1468  [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
20:22:04.0644 0x1468  Wecsvc - ok
20:22:04.0670 0x1468  [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
20:22:04.0703 0x1468  WEPHOSTSVC - ok
20:22:04.0728 0x1468  [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
20:22:04.0774 0x1468  wercplsupport - ok
20:22:04.0807 0x1468  [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
20:22:04.0844 0x1468  WerSvc - ok
20:22:04.0884 0x1468  [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
20:22:04.0910 0x1468  WFPLWFS - ok
20:22:04.0936 0x1468  [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
20:22:04.0999 0x1468  WiaRpc - ok
20:22:05.0048 0x1468  [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
20:22:05.0071 0x1468  WIMMount - ok
20:22:05.0076 0x1468  WinDefend - ok
20:22:09.0090 0x1468  xinputhid - ok
20:22:05.0114 0x1468  [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
20:22:05.0139 0x1468  WindowsTrustedRT - ok
20:22:05.0171 0x1468  [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
20:22:05.0191 0x1468  WindowsTrustedRTProxy - ok
20:22:05.0247 0x1468  [ C2A3B07F0118D61086C99BDCBAB6A6A3, 04D646BEF1C6F427503C594F0ECBB33140C3991A3A7AFB66B2C9581E358F9FD2 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
20:22:05.0317 0x1468  WinHttpAutoProxySvc - ok
20:22:05.0344 0x1468  [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
20:22:05.0366 0x1468  WinMad - ok
20:22:05.0434 0x1468  [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
20:22:05.0471 0x1468  Winmgmt - ok
20:22:05.0593 0x1468  [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
20:22:05.0778 0x1468  WinRM - ok
20:22:05.0815 0x1468  [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
20:22:05.0844 0x1468  WINUSB - ok
20:22:05.0867 0x1468  [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
20:22:05.0891 0x1468  WinVerbs - ok
20:22:05.0962 0x1468  [ ECD999D8412A3473C26B118F89DB9908, 5FB9B93E4B5482CCFF01D805DFA386FD8D3441BC81E7BD5DF89EE3078FD724F3 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
20:22:06.0019 0x1468  wisvc - ok
20:22:06.0140 0x1468  [ 7671078AEF4C0203B053A9642C401FF7, BBFADA89CD31F20ADDBFAFAD2E492C72D82BF2F8B823BB6773F04D229B62534C ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
20:22:06.0291 0x1468  WlanSvc - ok
20:22:06.0357 0x1468  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:22:06.0373 0x1468  wlcrasvc - ok
20:22:06.0476 0x1468  [ E15711970C5BE05E8D70B294D0AFF621, 30670CFC4DA57B4A3E0E895E4111100D847BB8041A258A303524CD96DC566482 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
20:22:06.0612 0x1468  wlidsvc - ok
20:22:06.0666 0x1468  [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
20:22:06.0692 0x1468  WmiAcpi - ok
20:22:06.0736 0x1468  [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
20:22:06.0771 0x1468  wmiApSrv - ok
20:22:06.0801 0x1468  WMPNetworkSvc - ok
20:22:06.0841 0x1468  [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
20:22:06.0869 0x1468  Wof - ok
20:22:06.0987 0x1468  [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
20:22:07.0107 0x1468  workfolderssvc - ok
20:22:07.0157 0x1468  [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
20:22:07.0191 0x1468  WPDBusEnum - ok
20:22:07.0222 0x1468  [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
20:22:07.0245 0x1468  WpdUpFltr - ok
20:22:07.0272 0x1468  [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService      C:\WINDOWS\system32\WpnService.dll
20:22:07.0312 0x1468  WpnService - ok
20:22:07.0337 0x1468  [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
20:22:07.0369 0x1468  WpnUserService - ok
20:22:07.0473 0x1468  [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
20:22:07.0498 0x1468  ws2ifsl - ok
20:22:07.0578 0x1468  [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
20:22:07.0633 0x1468  wscsvc - ok
20:22:07.0640 0x1468  WSearch - ok
20:22:07.0781 0x1468  [ DDB7E452A99E0E5244105C6D2CF4BC9E, 1364B03AFFD20D339A2EBA303575BCCBC2D122D89810B1E3593CC55F93F9B79A ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
20:22:07.0928 0x1468  wuauserv - ok
20:22:07.0998 0x1468  [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
20:22:08.0028 0x1468  WudfPf - ok
20:22:08.0062 0x1468  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
20:22:08.0099 0x1468  WUDFRd - ok
20:22:08.0146 0x1468  [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
20:22:08.0182 0x1468  wudfsvc - ok
20:22:08.0196 0x1468  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
20:22:08.0233 0x1468  WUDFWpdFs - ok
20:22:08.0303 0x1468  [ E231728BC515A4B85543AF74A1FEDFCB, 5D250D7D789B5BB56BFA2E7A109BCEB3686B7636C54D89F4E9804101D145C955 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
20:22:08.0398 0x1468  WwanSvc - ok
20:22:08.0495 0x1468  [ F39D6915451D9226AC9A5E7AE70E2ABA, E05D678DC0423A4D0EB8B3BB5A942721BB4F3B0BED22748252DBD6053FE956F1 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
20:22:08.0575 0x1468  XblAuthManager - ok
20:22:08.0685 0x1468  [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
20:22:08.0773 0x1468  XblGameSave - ok
20:22:08.0830 0x1468  [ 9627BBAA50878F6833A6A7843EE3B1D9, 637566BB56501C4D11E3B6E6AC1C602D880C9D357CCE3DF1DF74EE672744F2B7 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
20:22:08.0867 0x1468  xboxgip - ok
20:22:08.0926 0x1468  [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
20:22:09.0015 0x1468  XboxNetApiSvc - ok
20:22:09.0062 0x1468  [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys20:22:09.0095 0x1468  ================ Scan global ===============================
20:22:09.0136 0x1468  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
20:22:09.0186 0x1468  [ 4C08BF958476A137C78B62B22B5F90A4, 11DDD033896C96F8F7F1A1EDD0F4E0F07AFBB3202DC8A2E5E3ADB51C4D0700D4 ] C:\WINDOWS\system32\winsrv.dll
20:22:09.0223 0x1468  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
20:22:09.0265 0x1468  [ 3C69CC28665854F1AAB4B4005005FA31, 2750F5ECCD448C07E3402AA64EA625D27C6BC1D000A3FFE57C03D62428BB46C4 ] C:\WINDOWS\system32\services.exe
20:22:09.0281 0x1468  [ Global ] - ok
20:22:09.0282 0x1468  ================ Scan MBR ==================================
20:22:09.0292 0x1468  [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
20:22:09.0741 0x1468  \Device\Harddisk0\DR0 - ok
20:22:09.0742 0x1468  ================ Scan VBR ==================================
20:22:09.0745 0x1468  [ 9D865CF95DF013723C0BF933684537A0 ] \Device\Harddisk0\DR0\Partition1
20:22:09.0747 0x1468  \Device\Harddisk0\DR0\Partition1 - ok
20:22:09.0753 0x1468  [ FB151AB35BB8AF4C986A0E5663AB00BD ] \Device\Harddisk0\DR0\Partition2
20:22:09.0756 0x1468  \Device\Harddisk0\DR0\Partition2 - ok
20:22:09.0781 0x1468  [ 2704C882109B92D9348729648EF2B251 ] \Device\Harddisk0\DR0\Partition3
20:22:09.0784 0x1468  \Device\Harddisk0\DR0\Partition3 - ok
20:22:09.0784 0x1468  ================ Scan generic autorun ======================
20:22:10.0347 0x1468  [ C6992F5730886B6977313918583D13C7, 5D75DBF4D272BD4A8DDF40C7D9D8044621EFD12AB4303DBF90538AFBE2FEFD42 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:22:11.0071 0x1468  RtHDVCpl - ok
20:22:11.0104 0x1468  ETDCtrl - ok
20:22:11.0206 0x1468  [ EA4F9B19B3614349C79CC97DCA4C23A8, EC330F2E4F002FE450CDC1FC84AC0122C21C7912A483A99143450822004795E3 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
20:22:11.0250 0x1468  StartCCC - ok
20:22:11.0334 0x1468  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
20:22:11.0369 0x1468  HP Software Update - ok
20:22:11.0761 0x1468  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
20:22:12.0397 0x1468  OneDriveSetup - ok
20:22:12.0768 0x1468  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
20:22:13.0244 0x1468  OneDriveSetup - ok
20:22:13.0409 0x1468  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
20:22:13.0450 0x1468  Dropbox Update - ok
20:22:13.0553 0x1468  [ AAE92457F50F4DD74E2D502ADB9549EE, 70C8FBE410FE388D6B85334215EBE3393C16E8F8B19F5A8BA50DB6DF23196D50 ] C:\Users\Silvia\AppData\Local\Microsoft\OneDrive\OneDrive.exe
20:22:13.0664 0x1468  OneDrive - ok
20:22:14.0014 0x1468  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
20:22:14.0574 0x1468  OneDriveSetup - ok
20:22:14.0666 0x1468  [ 2781E6EF593909A8B73FE1AD397F778A, E892D6C57F8903E20129E75A9B877690229280FD8106B5C7F96173175EA1AC4E ] C:\Program Files (x86)\Windows Mail\wab.exe
20:22:14.0812 0x1468  WAB Migrate - ok
20:22:14.0815 0x1468  Waiting for KSN requests completion. In queue: 257
20:22:15.0994 0x1468  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
20:22:16.0028 0x1468  AV detected via SS2: Bitdefender-Virenschutz, C:\Program Files\Bitdefender\Bitdefender 2015\wscfix.exe ( 19.4.0.216 ), 0x41000 ( enabled : updated )
20:22:16.0052 0x1468  Win FW state via NFP2: enabled ( trusted )
20:22:16.0160 0x1468  ============================================================
20:22:16.0160 0x1468  Scan finished
20:22:16.0160 0x1468  ============================================================
20:22:16.0180 0x1858  Detected object count: 0
20:22:16.0180 0x1858  Actual detected object count: 0
20:23:03.0544 0x1ce4  ============================================================
20:23:03.0544 0x1ce4  Scan started
20:23:03.0544 0x1ce4  Mode: Manual; SigCheck; TDLFS; 
20:23:03.0544 0x1ce4  ============================================================
20:23:03.0544 0x1ce4  KSN ping started
20:23:03.0690 0x1ce4  KSN ping finished: true
20:23:04.0430 0x1ce4  ================ Scan system memory ========================
20:23:04.0430 0x1ce4  System memory - ok
20:23:04.0431 0x1ce4  ================ Scan services =============================
20:23:04.0627 0x1ce4  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
20:23:04.0674 0x1ce4  1394ohci - ok
20:23:04.0708 0x1ce4  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
20:23:04.0735 0x1ce4  3ware - ok
20:23:04.0798 0x1ce4  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
20:23:04.0856 0x1ce4  ACPI - ok
20:23:04.0889 0x1ce4  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
20:23:04.0916 0x1ce4  AcpiDev - ok
20:23:04.0961 0x1ce4  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
20:23:04.0990 0x1ce4  acpiex - ok
20:23:05.0020 0x1ce4  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
20:23:05.0047 0x1ce4  acpipagr - ok
20:23:05.0089 0x1ce4  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
20:23:05.0114 0x1ce4  AcpiPmi - ok
20:23:05.0149 0x1ce4  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
20:23:05.0177 0x1ce4  acpitime - ok
20:23:05.0333 0x1ce4  [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:23:05.0459 0x1ce4  AdobeARMservice - ok
20:23:05.0570 0x1ce4  [ 89ECFB35517F62C3802B227F288B750E, 47B329FEC98DC634A9068D6B88A331B323D99E9C21D3FE330352210841E715CA ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:23:05.0626 0x1ce4  AdobeFlashPlayerUpdateSvc - ok
20:23:05.0847 0x1ce4  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
20:23:05.0917 0x1ce4  ADP80XX - ok
20:23:05.0993 0x1ce4  [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD             C:\WINDOWS\system32\drivers\afd.sys
20:23:06.0042 0x1ce4  AFD - ok
20:23:06.0081 0x1ce4  [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
20:23:06.0120 0x1ce4  ahcache - ok
20:23:06.0161 0x1ce4  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
20:23:06.0187 0x1ce4  AJRouter - ok
20:23:06.0219 0x1ce4  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\WINDOWS\System32\alg.exe
20:23:06.0250 0x1ce4  ALG - ok
20:23:06.0287 0x1ce4  [ 521248FA26458669BAAE6AB7DB21F3AC, 2C609E80220EDDFFE0A44A376D450F461597D00E5F4E526D10FF09E66D06A9B7 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
20:23:06.0322 0x1ce4  AMD External Events Utility - ok
20:23:06.0406 0x1ce4  [ 17DBF2825FFA6D66B1B3C55665721884, AE6369796BB1D586F76AF90F68CD34242F7FD586E8C2183474D154F384881511 ] AMD FUEL Service C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
20:23:06.0440 0x1ce4  AMD FUEL Service - detected UnsignedFile.Multi.Generic ( 1 )
20:23:06.0440 0x1ce4  Detect skipped due to KSN trusted
20:23:06.0441 0x1ce4  AMD FUEL Service - ok
20:23:06.0499 0x1ce4  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
20:23:06.0532 0x1ce4  AmdK8 - ok
20:23:06.0551 0x1ce4  amdkmdag - ok
20:23:06.0679 0x1ce4  [ AD96CC96B6A0CEE8910A13679426C970, 18005892C57CF8F3B2F09C3DDEC10612EC9B1C14BB057196AAE209D2703FF06E ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
20:23:06.0729 0x1ce4  amdkmdap - ok
20:23:06.0755 0x1ce4  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
20:23:06.0787 0x1ce4  AmdPPM - ok
20:23:06.0820 0x1ce4  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
20:23:06.0845 0x1ce4  amdsata - ok
20:23:06.0881 0x1ce4  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
20:23:06.0914 0x1ce4  amdsbs - ok
20:23:06.0942 0x1ce4  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
20:23:06.0964 0x1ce4  amdxata - ok
20:23:06.0989 0x1ce4  [ BB4FE7889DB9CBBE61A308E99697F53C, 0B6B301EC8C2B9CBDBAEEBC54E3D3E6FE6A3A51F71E75FFE71AE30ADF8FC5E23 ] amd_sata        C:\WINDOWS\system32\drivers\amd_sata.sys
20:23:07.0008 0x1ce4  amd_sata - ok
20:23:07.0024 0x1ce4  [ 5631CBA53F1CBEA3F9E88348E6723391, 5F20FF4F651733A097990DDC3748CD00F3310B0B55BC975FA3654CDA740E0A3D ] amd_xata        C:\WINDOWS\system32\drivers\amd_xata.sys
20:23:07.0040 0x1ce4  amd_xata - ok
20:23:07.0095 0x1ce4  [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
20:23:07.0113 0x1ce4  AODDriver4.3 - ok
20:23:07.0162 0x1ce4  [ 5B0F4FB165256DE463A51E3A3127969E, 6751ADFFE95FA671C584427A9624EEB79518DE08132FD7A83148700B75487316 ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
20:23:07.0194 0x1ce4  AppHostSvc - ok
20:23:07.0226 0x1ce4  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\WINDOWS\system32\drivers\appid.sys
20:23:07.0254 0x1ce4  AppID - ok
20:23:07.0321 0x1ce4  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
20:23:07.0374 0x1ce4  AppIDSvc - ok
20:23:07.0407 0x1ce4  [ 73FAA5517CCD1332F00192A303CF2026, 75636222BFF381A3EECA010752DF7DC1603A395B91FF7FBF92127B5CA8EFFEE5 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
20:23:07.0441 0x1ce4  Appinfo - ok
20:23:07.0463 0x1ce4  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
20:23:07.0496 0x1ce4  applockerfltr - ok
20:23:07.0556 0x1ce4  [ A0746EF6C5AB7A17A67BC167167499C1, 1D2154D3AFC5219293EDD508C7726E7756FB72BF04F73861C575D1FE5C553411 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
20:23:07.0612 0x1ce4  AppReadiness - ok
20:23:07.0754 0x1ce4  [ D70B1453ADA82A92E76EAE72D936A0F6, 439DBC5818025887343D4B5B509C7D2C97ED0FFA4641A5178EA5719C50E5013F ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
20:23:07.0895 0x1ce4  AppXSvc - ok
20:23:07.0953 0x1ce4  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
20:23:07.0981 0x1ce4  arcsas - ok
20:23:08.0254 0x1ce4  [ 5EE26734A882478AF6696092E2E0F352, 6CACFF521B3B839F73EBEB6EFBFDCCA8A8BC319DDB254BE3EFE29A39040B2C26 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:23:08.0278 0x1ce4  aspnet_state - ok
20:23:08.0327 0x1ce4  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
20:23:08.0356 0x1ce4  AsyncMac - ok
20:23:08.0418 0x1ce4  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
20:23:08.0440 0x1ce4  atapi - ok
20:23:08.0634 0x1ce4  [ D03E551165C72F2A4BBDDC566EAA819E, 8047E2D20724B464B481F06C3AC1FA5734E97F7EC0D86EFEECD76480C84B3959 ] athr            C:\WINDOWS\System32\drivers\athwnx.sys
20:23:08.0888 0x1ce4  athr - ok
20:23:08.0953 0x1ce4  [ 0966FD5BAB1F9BE200875E9EED0A0A13, F4BE70C0581B51ED6DAE6412A5FF74AE310BF88DE89C5A5E5880BEED543B01D7 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
20:23:08.0983 0x1ce4  AtiHDAudioService - ok
20:23:09.0032 0x1ce4  [ 2DC3D53FFA0D10EB8C911AE2DB7BF4CF, 8E0A4B5D610D487A216E70396A99ACC1BEA12C46A6681B1A39CD0FD01EDD406A ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
20:23:09.0077 0x1ce4  AudioEndpointBuilder - ok
20:23:09.0140 0x1ce4  [ 7B993290E7691C446C16A56A431669BA, 004551934E27E9FC1A939C9BD1DEB850A216CBED9B18CB3317920F5656D9F6BF ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
20:23:09.0216 0x1ce4  Audiosrv - ok
20:23:09.0369 0x1ce4  [ B18699497436228F1109132D669CF29A, 1A358BC7E7931FE43B1038E33EBEA365476E5A2EFB9476F47E3476A3669063FB ] avc3            C:\WINDOWS\system32\DRIVERS\avc3.sys
20:23:09.0473 0x1ce4  avc3 - ok
20:23:09.0550 0x1ce4  [ 1251FB8BF8E6B6129065326A3E8A4378, 1AF1DAE71A8126A875AC3197FD69BCD52949DC08694A29EAB6FA3ED31695BDED ] avckf           C:\WINDOWS\system32\DRIVERS\avckf.sys
20:23:09.0597 0x1ce4  avckf - ok
20:23:09.0641 0x1ce4  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
20:23:09.0674 0x1ce4  AxInstSV - ok
20:23:09.0730 0x1ce4  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
20:23:09.0773 0x1ce4  b06bdrv - ok
20:23:09.0800 0x1ce4  [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
20:23:09.0829 0x1ce4  BasicDisplay - ok
20:23:09.0851 0x1ce4  [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
20:23:09.0877 0x1ce4  BasicRender - ok
20:23:09.0911 0x1ce4  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
20:23:09.0935 0x1ce4  bcmfn - ok
20:23:09.0963 0x1ce4  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
20:23:09.0988 0x1ce4  bcmfn2 - ok
20:23:10.0049 0x1ce4  [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
20:23:10.0113 0x1ce4  BDESVC - ok
20:23:10.0202 0x1ce4  [ 0B3BADC084AB1592D6E2D4CFA3AA2461, C62860DF753E455D2D4FFFE04CB26D84590947A4B41FA853D83A8F8EB9E80F9C ] bdfwfpf         C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
20:23:10.0223 0x1ce4  bdfwfpf - ok
20:23:10.0251 0x1ce4  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
20:23:10.0275 0x1ce4  Beep - ok
20:23:10.0333 0x1ce4  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\WINDOWS\System32\bfe.dll
20:23:10.0398 0x1ce4  BFE - ok
20:23:10.0492 0x1ce4  [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS            C:\WINDOWS\System32\qmgr.dll
20:23:10.0573 0x1ce4  BITS - ok
20:23:10.0613 0x1ce4  [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
20:23:10.0642 0x1ce4  bowser - ok
20:23:10.0710 0x1ce4  [ 2447BD15B41298622CC662249CD0F496, 013A326D2E3BF68D654BBABE2F1E5DF0FF0A153A4B95D570EE28F9BC0F5A78C3 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
20:23:10.0773 0x1ce4  BrokerInfrastructure - ok
20:23:10.0839 0x1ce4  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\WINDOWS\System32\browser.dll
20:23:10.0870 0x1ce4  Browser - ok
20:23:10.0914 0x1ce4  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
20:23:10.0942 0x1ce4  BthAvrcpTg - ok
20:23:10.0966 0x1ce4  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
20:23:10.0995 0x1ce4  BthHFEnum - ok
20:23:11.0022 0x1ce4  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
20:23:11.0048 0x1ce4  bthhfhid - ok
20:23:11.0077 0x1ce4  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
20:23:11.0120 0x1ce4  BthHFSrv - ok
20:23:11.0157 0x1ce4  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
20:23:11.0185 0x1ce4  BTHMODEM - ok
20:23:11.0219 0x1ce4  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\WINDOWS\system32\bthserv.dll
20:23:11.0265 0x1ce4  bthserv - ok
20:23:11.0313 0x1ce4  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
20:23:11.0344 0x1ce4  buttonconverter - ok
20:23:11.0380 0x1ce4  [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
20:23:11.0414 0x1ce4  CapImg - ok
20:23:11.0473 0x1ce4  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
20:23:11.0503 0x1ce4  cdfs - ok
20:23:11.0561 0x1ce4  [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
20:23:11.0610 0x1ce4  CDPSvc - ok
20:23:11.0636 0x1ce4  [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
20:23:11.0680 0x1ce4  CDPUserSvc - ok
20:23:11.0729 0x1ce4  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
20:23:11.0777 0x1ce4  cdrom - ok
20:23:11.0825 0x1ce4  [ C1B5EE58E759C53F9939581709DC70BB, 85095ABC9459A766832373BC3839E573E9A73C967F8427D6B7CAB972551C3191 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
20:23:11.0861 0x1ce4  CertPropSvc - ok
20:23:11.0915 0x1ce4  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
20:23:11.0949 0x1ce4  cht4iscsi - ok
20:23:12.0042 0x1ce4  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
20:23:12.0184 0x1ce4  cht4vbd - ok
20:23:12.0249 0x1ce4  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
20:23:12.0278 0x1ce4  circlass - ok
20:23:12.0329 0x1ce4  [ B72D26074E72A757D788FB1BEF8B2F2E, 36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
20:23:12.0365 0x1ce4  CLFS - ok
20:23:12.0431 0x1ce4  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
20:23:12.0482 0x1ce4  ClipSVC - ok
20:23:12.0508 0x1ce4  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
20:23:12.0537 0x1ce4  clreg - ok
20:23:12.0590 0x1ce4  [ E13A438F9E51DD034730678E33B73290, 3BB111DFDAEAB8DA6124600C7F6E080C2950A0BB420803FC12560343E1A9280A ] clwvd           C:\WINDOWS\system32\DRIVERS\clwvd.sys
20:23:12.0605 0x1ce4  clwvd - ok
20:23:12.0642 0x1ce4  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
20:23:12.0677 0x1ce4  CmBatt - ok
20:23:12.0724 0x1ce4  [ 90C07EB909C42316982E753BDAA7860D, 438581FD3468FAF01D35529672201A920E8821EC80E30E59A43645DA57738F21 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
20:23:12.0770 0x1ce4  CNG - ok
20:23:12.0809 0x1ce4  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
20:23:12.0831 0x1ce4  cnghwassist - ok
20:23:12.0912 0x1ce4  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
20:23:12.0952 0x1ce4  CompositeBus - ok
20:23:12.0964 0x1ce4  COMSysApp - ok
20:23:13.0008 0x1ce4  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
20:23:13.0030 0x1ce4  condrv - ok
20:23:13.0120 0x1ce4  [ 5DE2049D5F57C1D142F36FA9CE443693, E6C2807C0B1EF90C11EB39634693B76EACE6CC675777776112835212A334F328 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
20:23:13.0175 0x1ce4  CoreMessagingRegistrar - ok
20:23:13.0224 0x1ce4  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
20:23:13.0258 0x1ce4  CryptSvc - ok
20:23:13.0388 0x1ce4  [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
20:23:13.0443 0x1ce4  cvhsvc - ok
20:23:13.0495 0x1ce4  [ 039B5A8CBD5C75D1C46DF15F7C74D136, A5C8A41F2D406D37E147939F2058373ED091BFCC00CA7E829F887638CD3A2F64 ] dam             C:\WINDOWS\system32\drivers\dam.sys
20:23:13.0519 0x1ce4  dam - ok
20:23:13.0595 0x1ce4  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
20:23:13.0674 0x1ce4  DcomLaunch - ok
20:23:13.0759 0x1ce4  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
20:23:13.0800 0x1ce4  DcpSvc - ok
20:23:13.0851 0x1ce4  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
20:23:13.0911 0x1ce4  defragsvc - ok
20:23:14.0000 0x1ce4  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
20:23:14.0050 0x1ce4  DeviceAssociationService - ok
20:23:14.0085 0x1ce4  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
20:23:14.0126 0x1ce4  DeviceInstall - ok
20:23:14.0318 0x1ce4  [ C344E9B44C05326218B07AFB8A2AE754, 7828BACF197A6E6FF4086CB54396B8B2B7089270281B40E0434B951FC7AB7B91 ] DevoloNetworkService C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
20:23:14.0499 0x1ce4  DevoloNetworkService - ok
20:23:14.0553 0x1ce4  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
20:23:14.0595 0x1ce4  DevQueryBroker - ok
20:23:14.0658 0x1ce4  [ 0D1D392ED2597F295956D058D33BD7C3, 2F7FE5A06D880F9E2A46C9803DD249DC40C2898C04E946D14E7EECCCC9F2B24F ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
20:23:14.0696 0x1ce4  Dfsc - ok
20:23:14.0757 0x1ce4  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
20:23:14.0818 0x1ce4  Dhcp - ok
20:23:14.0894 0x1ce4  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
20:23:14.0933 0x1ce4  diagnosticshub.standardcollector.service - ok
20:23:15.0208 0x1ce4  [ CAD14E0AD1F03397E9B1C8733D76BEF4, 0035EF35F6520B1DF0E599C8A06D4163C52576BCE0976BF729B44DECDC506627 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
20:23:15.0379 0x1ce4  DiagTrack - ok
20:23:15.0463 0x1ce4  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\WINDOWS\system32\drivers\disk.sys
20:23:15.0488 0x1ce4  disk - ok
20:23:15.0546 0x1ce4  [ 09CF47A74BFB480B8262FCEE222004B6, F5CD0ACA04BCB95984595CC2E17BC9E92865091A0A3BCAD4B06438A1570E7696 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
20:23:15.0594 0x1ce4  DmEnrollmentSvc - ok
20:23:15.0637 0x1ce4  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
20:23:15.0663 0x1ce4  dmvsc - ok
20:23:15.0709 0x1ce4  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
20:23:15.0747 0x1ce4  dmwappushservice - ok
20:23:15.0790 0x1ce4  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
20:23:15.0831 0x1ce4  Dnscache - ok
20:23:15.0861 0x1ce4  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
20:23:15.0902 0x1ce4  dot3svc - ok
20:23:15.0943 0x1ce4  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\WINDOWS\system32\dps.dll
20:23:15.0978 0x1ce4  DPS - ok
20:23:16.0006 0x1ce4  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
20:23:16.0027 0x1ce4  drmkaud - ok
20:23:16.0063 0x1ce4  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
20:23:16.0103 0x1ce4  DsmSvc - ok
20:23:16.0131 0x1ce4  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
20:23:16.0169 0x1ce4  DsSvc - ok
20:23:16.0306 0x1ce4  [ 19F2B54EE8861D90579BD0E3AE5182F9, FDD4F091C61C8C20550C8F68375ABD7ED718A733F680F0F0367D4796C302BA14 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
20:23:16.0413 0x1ce4  DXGKrnl - ok
20:23:16.0491 0x1ce4  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
20:23:16.0532 0x1ce4  EapHost - ok
20:23:16.0717 0x1ce4  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
20:23:16.0889 0x1ce4  ebdrv - ok
20:23:16.0946 0x1ce4  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS             C:\WINDOWS\System32\lsass.exe
20:23:16.0972 0x1ce4  EFS - ok
20:23:17.0016 0x1ce4  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
20:23:17.0040 0x1ce4  EhStorClass - ok
20:23:17.0073 0x1ce4  [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
20:23:17.0098 0x1ce4  EhStorTcgDrv - ok
20:23:17.0164 0x1ce4  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
20:23:17.0200 0x1ce4  embeddedmode - ok
20:23:17.0247 0x1ce4  [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
20:23:17.0287 0x1ce4  EntAppSvc - ok
20:23:17.0318 0x1ce4  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
20:23:17.0344 0x1ce4  ErrDev - ok
20:23:17.0448 0x1ce4  [ EFE74410FCB752DEDB9E8BFAE6552772, 07CA41742AF48E970AEEE0F62563036FC0BC4AA849AEB7348CF211DADB227F3B ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys
20:23:17.0486 0x1ce4  ETD - ok
20:23:17.0608 0x1ce4  [ 843E6C9C663AF3D5148C010AFCCD3ABC, 028591C35E871A5F6CBD56828A778BB9F21A61A8C1FEC787E1375F289206295A ] ETDService      C:\Program Files\Elantech\ETDService.exe
20:23:17.0630 0x1ce4  ETDService - ok
20:23:17.0687 0x1ce4  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\WINDOWS\system32\es.dll
20:23:17.0735 0x1ce4  EventSystem - ok
20:23:17.0777 0x1ce4  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
20:23:17.0819 0x1ce4  exfat - ok
20:23:17.0873 0x1ce4  [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
20:23:17.0907 0x1ce4  fastfat - ok
20:23:17.0984 0x1ce4  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\WINDOWS\system32\fxssvc.exe
20:23:18.0042 0x1ce4  Fax - ok
20:23:18.0073 0x1ce4  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
20:23:18.0099 0x1ce4  fdc - ok
20:23:18.0130 0x1ce4  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
20:23:18.0163 0x1ce4  fdPHost - ok
20:23:18.0190 0x1ce4  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
20:23:18.0221 0x1ce4  FDResPub - ok
20:23:18.0270 0x1ce4  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
20:23:18.0301 0x1ce4  fhsvc - ok
20:23:18.0338 0x1ce4  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
20:23:18.0366 0x1ce4  FileCrypt - ok
20:23:18.0386 0x1ce4  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
20:23:18.0410 0x1ce4  FileInfo - ok
20:23:18.0420 0x1ce4  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
20:23:18.0451 0x1ce4  Filetrace - ok
20:23:18.0459 0x1ce4  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
20:23:18.0486 0x1ce4  flpydisk - ok
20:23:18.0517 0x1ce4  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
20:23:18.0554 0x1ce4  FltMgr - ok
20:23:18.0642 0x1ce4  [ 49BF5C8182C3D2D6CD9F7EEDF1CFDB66, 0977EBE86B57FC370D27CA69D58122397D5D5369AF0C8DBCC492AE7AD55CBA2B ] FontCache       C:\WINDOWS\system32\FntCache.dll
20:23:18.0760 0x1ce4  FontCache - ok
20:23:18.0842 0x1ce4  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:23:18.0866 0x1ce4  FontCache3.0.0.0 - ok
20:23:18.0973 0x1ce4  [ 8B52024D3A5C3A12F1C4D75D30A976C5, 982F1C783966C9A6D255AA7DBAB6D225EBE0050A36176B8DE85E8ADBFE17FDF1 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
20:23:19.0045 0x1ce4  FrameServer - ok
20:23:19.0106 0x1ce4  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
20:23:19.0128 0x1ce4  FsDepends - ok
20:23:19.0150 0x1ce4  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:23:19.0172 0x1ce4  Fs_Rec - ok
20:23:19.0262 0x1ce4  [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
20:23:19.0309 0x1ce4  fvevol - ok
20:23:19.0389 0x1ce4  [ 521A469CAF61F00E1DE081CC2099C1D6, 5BF39C9797A28674203D5C3D5D942978B9C66F658A43D7696B4BE3E8A7880EB9 ] GameConsoleService C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
20:23:19.0429 0x1ce4  GameConsoleService - ok
20:23:19.0483 0x1ce4  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
20:23:19.0508 0x1ce4  gencounter - ok
20:23:19.0516 0x1ce4  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
20:23:19.0545 0x1ce4  genericusbfn - ok
20:23:19.0593 0x1ce4  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
20:23:19.0639 0x1ce4  GPIOClx0101 - ok
20:23:19.0720 0x1ce4  [ 713A176494CEC107E663CAD6C2B27F77, 76871D8CFBA8FCD8CFF96208AE84C658EBEC60270D978898B90EE9451AA1BCE1 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
20:23:19.0808 0x1ce4  gpsvc - ok
20:23:19.0871 0x1ce4  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
20:23:19.0895 0x1ce4  GpuEnergyDrv - ok
20:23:20.0044 0x1ce4  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:23:20.0243 0x1ce4  gupdate - ok
20:23:20.0254 0x1ce4  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:23:20.0376 0x1ce4  gupdatem - ok
20:23:20.0410 0x1ce4  [ 06BFA49C4D999E93E214DB4E8044DE0B, 5E339A2A6858AA59F8B0879AB4CB87DBC6622322259CB612594552DDE831ACD0 ] gzflt           C:\WINDOWS\system32\DRIVERS\gzflt.sys
20:23:20.0504 0x1ce4  gzflt - ok
20:23:20.0553 0x1ce4  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
20:23:20.0581 0x1ce4  HDAudBus - ok
20:23:20.0615 0x1ce4  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
20:23:20.0636 0x1ce4  HidBatt - ok
20:23:20.0670 0x1ce4  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
20:23:20.0700 0x1ce4  HidBth - ok
20:23:20.0745 0x1ce4  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
20:23:20.0785 0x1ce4  hidi2c - ok
20:23:20.0811 0x1ce4  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
20:23:20.0834 0x1ce4  hidinterrupt - ok
20:23:20.0873 0x1ce4  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
20:23:20.0900 0x1ce4  HidIr - ok
20:23:20.0973 0x1ce4  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\WINDOWS\system32\hidserv.dll
20:23:21.0001 0x1ce4  hidserv - ok
20:23:21.0067 0x1ce4  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
20:23:21.0157 0x1ce4  HidUsb - ok
20:23:21.0209 0x1ce4  [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
20:23:21.0251 0x1ce4  HomeGroupListener - ok
20:23:21.0309 0x1ce4  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
20:23:21.0359 0x1ce4  HomeGroupProvider - ok
20:23:21.0574 0x1ce4  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
20:23:21.0610 0x1ce4  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
20:23:21.0611 0x1ce4  Detect skipped due to KSN trusted
20:23:21.0611 0x1ce4  hpqcxs08 - ok
20:23:21.0718 0x1ce4  [ F3F72A2A86C22610BCA5439FA789DD52, DA5A8F09DCC512AA1558863AD4FAC12F72DD83CA8FB4D8D9831E4AFBB6B3C616 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
20:23:21.0747 0x1ce4  hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
20:23:21.0747 0x1ce4  Detect skipped due to KSN trusted
20:23:21.0747 0x1ce4  hpqddsvc - ok
20:23:21.0803 0x1ce4  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
20:23:21.0825 0x1ce4  HpSAMD - ok
20:23:21.0899 0x1ce4  [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
20:23:21.0965 0x1ce4  HTTP - ok
20:23:22.0046 0x1ce4  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
20:23:22.0074 0x1ce4  HvHost - ok
20:23:22.0117 0x1ce4  [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
20:23:22.0141 0x1ce4  hvservice - ok
20:23:22.0178 0x1ce4  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
20:23:22.0199 0x1ce4  hwpolicy - ok
20:23:22.0208 0x1ce4  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
20:23:22.0235 0x1ce4  hyperkbd - ok
20:23:22.0274 0x1ce4  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
20:23:22.0305 0x1ce4  i8042prt - ok
20:23:22.0326 0x1ce4  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
20:23:22.0353 0x1ce4  iagpio - ok
20:23:22.0386 0x1ce4  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
20:23:22.0414 0x1ce4  iai2c - ok
20:23:22.0447 0x1ce4  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
20:23:22.0476 0x1ce4  iaLPSS2i_GPIO2 - ok
20:23:22.0500 0x1ce4  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
20:23:22.0524 0x1ce4  iaLPSS2i_I2C - ok
20:23:22.0565 0x1ce4  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
20:23:22.0583 0x1ce4  iaLPSSi_GPIO - ok
20:23:22.0609 0x1ce4  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
20:23:22.0640 0x1ce4  iaLPSSi_I2C - ok
20:23:22.0685 0x1ce4  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
20:23:22.0732 0x1ce4  iaStorAV - ok
20:23:22.0779 0x1ce4  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
20:23:22.0816 0x1ce4  iaStorV - ok
20:23:22.0870 0x1ce4  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
20:23:22.0912 0x1ce4  ibbus - ok
20:23:22.0958 0x1ce4  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
20:23:22.0997 0x1ce4  icssvc - ok
20:23:23.0087 0x1ce4  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
20:23:23.0160 0x1ce4  IKEEXT - ok
20:23:23.0196 0x1ce4  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
20:23:23.0223 0x1ce4  IndirectKmd - ok
20:23:23.0475 0x1ce4  [ 8DEDB08D32562867A3E83F0184F39ED4, 48D5A490C436386BA9BD0F9173E96346118C5E584099F2F31B0E931FF96BB4B9 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
20:23:23.0671 0x1ce4  IntcAzAudAddService - ok
20:23:23.0738 0x1ce4  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
20:23:23.0758 0x1ce4  intelide - ok
20:23:23.0786 0x1ce4  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
20:23:23.0808 0x1ce4  intelpep - ok
20:23:23.0848 0x1ce4  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
20:23:23.0879 0x1ce4  intelppm - ok
20:23:23.0920 0x1ce4  [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
20:23:23.0942 0x1ce4  iorate - ok
20:23:23.0966 0x1ce4  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:23:23.0995 0x1ce4  IpFilterDriver - ok
20:23:24.0065 0x1ce4  [ EF1BB0EF8A12C32DD88C409706B8145E, 7AEDE717C258C29592CC8AEC40F61617E5382646E5141E1C0941882ACE5C5758 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
20:23:24.0138 0x1ce4  iphlpsvc - ok
20:23:24.0174 0x1ce4  [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
20:23:24.0198 0x1ce4  IPMIDRV - ok
20:23:24.0229 0x1ce4  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
20:23:24.0264 0x1ce4  IPNAT - ok
20:23:24.0286 0x1ce4  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\WINDOWS\system32\drivers\irda.sys
20:23:24.0317 0x1ce4  irda - ok
20:23:24.0347 0x1ce4  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
20:23:24.0375 0x1ce4  IRENUM - ok
20:23:24.0413 0x1ce4  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon           C:\WINDOWS\System32\irmon.dll
20:23:24.0442 0x1ce4  irmon - ok
20:23:24.0462 0x1ce4  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
20:23:24.0484 0x1ce4  isapnp - ok
20:23:24.0524 0x1ce4  [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
20:23:24.0555 0x1ce4  iScsiPrt - ok
20:23:24.0602 0x1ce4  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
20:23:24.0624 0x1ce4  kbdclass - ok
20:23:24.0641 0x1ce4  [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
20:23:24.0667 0x1ce4  kbdhid - ok
20:23:24.0697 0x1ce4  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
20:23:24.0739 0x1ce4  kdnic - ok
20:23:24.0778 0x1ce4  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso          C:\WINDOWS\system32\lsass.exe
20:23:24.0802 0x1ce4  KeyIso - ok
20:23:24.0838 0x1ce4  [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
20:23:24.0863 0x1ce4  KSecDD - ok
20:23:24.0915 0x1ce4  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
20:23:24.0958 0x1ce4  KSecPkg - ok
20:23:24.0992 0x1ce4  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
20:23:25.0026 0x1ce4  ksthunk - ok
20:23:25.0103 0x1ce4  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
20:23:25.0149 0x1ce4  KtmRm - ok
20:23:25.0203 0x1ce4  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
20:23:25.0250 0x1ce4  LanmanServer - ok
20:23:25.0300 0x1ce4  [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
20:23:25.0344 0x1ce4  LanmanWorkstation - ok
20:23:25.0384 0x1ce4  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
20:23:25.0423 0x1ce4  lfsvc - ok
20:23:25.0453 0x1ce4  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
20:23:25.0521 0x1ce4  LicenseManager - ok
20:23:25.0563 0x1ce4  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
20:23:25.0590 0x1ce4  lltdio - ok
20:23:25.0629 0x1ce4  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
20:23:25.0669 0x1ce4  lltdsvc - ok
20:23:25.0711 0x1ce4  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
20:23:25.0757 0x1ce4  lmhosts - ok
20:23:25.0814 0x1ce4  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
20:23:25.0838 0x1ce4  LSI_SAS - ok
20:23:25.0862 0x1ce4  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
20:23:25.0887 0x1ce4  LSI_SAS2i - ok
20:23:25.0914 0x1ce4  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
20:23:25.0939 0x1ce4  LSI_SAS3i - ok
20:23:25.0949 0x1ce4  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
20:23:25.0973 0x1ce4  LSI_SSS - ok
20:23:26.0034 0x1ce4  [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM             C:\WINDOWS\System32\lsm.dll
20:23:26.0095 0x1ce4  LSM - ok
20:23:26.0128 0x1ce4  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
20:23:26.0163 0x1ce4  luafv - ok
20:23:26.0209 0x1ce4  [ CAAF0CD70FEE7C5110B1E62804E41B17, 48482A6C8D2296C4DC613304637C8DBB7DD1DB39326F27650EBCA6FD2793BCFD ] MapsBroker      C:\WINDOWS\System32\moshost.dll
20:23:26.0244 0x1ce4  MapsBroker - ok
20:23:26.0272 0x1ce4  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
20:23:26.0295 0x1ce4  megasas - ok
20:23:26.0335 0x1ce4  [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
20:23:26.0357 0x1ce4  megasas2i - ok
20:23:26.0403 0x1ce4  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
20:23:26.0448 0x1ce4  megasr - ok
20:23:26.0496 0x1ce4  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
20:23:26.0527 0x1ce4  MessagingService - ok
20:23:26.0613 0x1ce4  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
20:23:26.0667 0x1ce4  mlx4_bus - ok
20:23:26.0719 0x1ce4  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
20:23:26.0746 0x1ce4  MMCSS - ok
20:23:26.0798 0x1ce4  [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem           C:\WINDOWS\system32\drivers\modem.sys
20:23:26.0823 0x1ce4  Modem - ok
20:23:26.0847 0x1ce4  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
20:23:26.0874 0x1ce4  monitor - ok
20:23:26.0898 0x1ce4  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
20:23:26.0920 0x1ce4  mouclass - ok
20:23:26.0937 0x1ce4  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
20:23:26.0962 0x1ce4  mouhid - ok
20:23:26.0991 0x1ce4  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
20:23:27.0016 0x1ce4  mountmgr - ok
20:23:27.0087 0x1ce4  [ 1EB0251DD31BC9C594D2D87EDE8F8EF4, C9B03461F894A681545994AF9C0555ED92D32617EED344360C1784EE6E2AAC9D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:23:27.0123 0x1ce4  MozillaMaintenance - ok
20:23:27.0156 0x1ce4  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
20:23:27.0184 0x1ce4  mpsdrv - ok
20:23:27.0249 0x1ce4  [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
20:23:27.0321 0x1ce4  MpsSvc - ok
20:23:27.0366 0x1ce4  [ 4FC62380457DE25B69011D3542E954AC, D212DDD2446618A6215CF9FC370FA2634F027BC92D1D4999E019BEF8A86AA6EB ] MQAC            C:\WINDOWS\system32\drivers\mqac.sys
20:23:27.0416 0x1ce4  MQAC - ok
20:23:27.0473 0x1ce4  [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
20:23:27.0505 0x1ce4  MRxDAV - ok
20:23:27.0547 0x1ce4  [ E671EDAB0726E05ECEF4058B4CD73C4D, 9F4C50E635CE2204E3291C8D3D7F658A969E80722B8B6F0304228D9B434C20EA ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:23:27.0587 0x1ce4  mrxsmb - ok
20:23:27.0637 0x1ce4  [ D4D12BC29DE0F09280868FDCA65B3474, A6FE89ABD52087FEE52FDF31DDF4CB627ED400E94FDA86BEBF1D4763F1E42518 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
20:23:27.0676 0x1ce4  mrxsmb10 - ok
20:23:27.0712 0x1ce4  [ 93A77008A8932FC84A173C4E97E52874, B7510CF7998C538D68BD2ECDC512A0BFC7CB7362F598EE4110F728427AFF0F5A ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
20:23:27.0742 0x1ce4  mrxsmb20 - ok
20:23:27.0798 0x1ce4  [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
20:23:27.0830 0x1ce4  MsBridge - ok
20:23:27.0876 0x1ce4  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
20:23:27.0911 0x1ce4  MSDTC - ok
20:23:27.0948 0x1ce4  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
20:23:27.0975 0x1ce4  Msfs - ok
20:23:27.0995 0x1ce4  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
20:23:28.0019 0x1ce4  msgpiowin32 - ok
20:23:28.0078 0x1ce4  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
20:23:28.0103 0x1ce4  mshidkmdf - ok
20:23:28.0129 0x1ce4  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
20:23:28.0155 0x1ce4  mshidumdf - ok
20:23:28.0180 0x1ce4  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
20:23:28.0203 0x1ce4  msisadrv - ok
20:23:28.0252 0x1ce4  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
20:23:28.0286 0x1ce4  MSiSCSI - ok
20:23:28.0293 0x1ce4  msiserver - ok
20:23:28.0321 0x1ce4  [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
20:23:28.0354 0x1ce4  MSKSSRV - ok
20:23:28.0385 0x1ce4  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
20:23:28.0414 0x1ce4  MsLldp - ok
20:23:28.0457 0x1ce4  [ F3EF38D07A4ADCDF922EEEAF0FED7D4D, B9D436BFA29AA0A7B00889D96C4F8BC33C1809E19B7A71A69AB2E534E9794BF0 ] MSMQ            C:\WINDOWS\system32\mqsvc.exe
20:23:28.0485 0x1ce4  MSMQ - ok
20:23:28.0516 0x1ce4  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
20:23:28.0550 0x1ce4  MSPCLOCK - ok
20:23:28.0577 0x1ce4  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
20:23:28.0610 0x1ce4  MSPQM - ok
20:23:28.0642 0x1ce4  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
20:23:28.0677 0x1ce4  MsRPC - ok
20:23:28.0708 0x1ce4  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
20:23:28.0730 0x1ce4  mssmbios - ok
20:23:28.0752 0x1ce4  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
20:23:28.0785 0x1ce4  MSTEE - ok
20:23:28.0801 0x1ce4  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
20:23:28.0827 0x1ce4  MTConfig - ok
20:23:28.0850 0x1ce4  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
20:23:28.0876 0x1ce4  Mup - ok
20:23:28.0912 0x1ce4  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
20:23:28.0935 0x1ce4  mvumis - ok
20:23:28.0991 0x1ce4  [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
20:23:29.0044 0x1ce4  NativeWifiP - ok
20:23:29.0158 0x1ce4  [ 003DDE9E91D324DDD86F11BF580FD627, 733674D5A6246BA2B4DE420AD89FE171ACCEA9EB5FC20F13F688A3910C1AA74C ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
20:23:29.0226 0x1ce4  NAUpdate - ok
20:23:29.0281 0x1ce4  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
20:23:29.0317 0x1ce4  NcaSvc - ok
20:23:29.0377 0x1ce4  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
20:23:29.0422 0x1ce4  NcbService - ok
20:23:29.0450 0x1ce4  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
20:23:29.0490 0x1ce4  NcdAutoSetup - ok
20:23:29.0529 0x1ce4  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
20:23:29.0554 0x1ce4  ndfltr - ok
20:23:29.0632 0x1ce4  [ D5564FC81350458ED570528C4E3B1CCF, DD3C5012492EF9BCE3BE635BBB3AA40B3C5F5FDBD795A76B327D9C994102AC2B ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
20:23:29.0701 0x1ce4  NDIS - ok
20:23:29.0738 0x1ce4  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
20:23:29.0766 0x1ce4  NdisCap - ok
20:23:29.0807 0x1ce4  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
20:23:29.0841 0x1ce4  NdisImPlatform - ok
20:23:29.0866 0x1ce4  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:23:29.0902 0x1ce4  NdisTapi - ok
20:23:29.0929 0x1ce4  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
20:23:29.0957 0x1ce4  Ndisuio - ok
20:23:29.0982 0x1ce4  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
20:23:30.0011 0x1ce4  NdisVirtualBus - ok
20:23:30.0038 0x1ce4  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
20:23:30.0081 0x1ce4  NdisWan - ok
20:23:30.0094 0x1ce4  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:23:30.0138 0x1ce4  ndiswanlegacy - ok
20:23:30.0155 0x1ce4  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
20:23:30.0220 0x1ce4  ndproxy - ok
20:23:30.0246 0x1ce4  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
20:23:30.0289 0x1ce4  Ndu - ok
20:23:30.0334 0x1ce4  [ D5AC41AE382738483FAFFBD7E373D49A, 68793D15566F387650E9C5010E1CA73BDE3EB4BA431EA0A1673004CAE08413B0 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
20:23:30.0353 0x1ce4  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
20:23:30.0353 0x1ce4  Detect skipped due to KSN trusted
20:23:30.0353 0x1ce4  Net Driver HPZ12 - ok
20:23:30.0390 0x1ce4  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
20:23:30.0419 0x1ce4  NetAdapterCx - ok
20:23:30.0445 0x1ce4  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
20:23:30.0468 0x1ce4  NetBIOS - ok
20:23:30.0517 0x1ce4  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
20:23:30.0581 0x1ce4  NetBT - ok
20:23:30.0613 0x1ce4  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon        C:\WINDOWS\system32\lsass.exe
20:23:30.0639 0x1ce4  Netlogon - ok
20:23:30.0688 0x1ce4  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\WINDOWS\System32\netman.dll
20:23:30.0731 0x1ce4  Netman - ok
20:23:30.0902 0x1ce4  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:23:30.0935 0x1ce4  NetMsmqActivator - ok
20:23:30.0945 0x1ce4  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:23:30.0976 0x1ce4  NetPipeActivator - ok
20:23:31.0044 0x1ce4  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
20:23:31.0102 0x1ce4  netprofm - ok
20:23:31.0159 0x1ce4  [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
20:23:31.0202 0x1ce4  NetSetupSvc - ok
20:23:31.0211 0x1ce4  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:23:31.0243 0x1ce4  NetTcpActivator - ok
20:23:31.0252 0x1ce4  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:23:31.0285 0x1ce4  NetTcpPortSharing - ok
20:23:31.0324 0x1ce4  [ B996DE26A2E16053C9485F5905B05320, 30EB2CEB466A4F05A44F7CBFCDFD8CC3C27B5FCF1269C1B9410C48AB362D2A75 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
20:23:31.0372 0x1ce4  NgcCtnrSvc - ok
20:23:31.0457 0x1ce4  [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
20:23:31.0546 0x1ce4  NgcSvc - ok
20:23:31.0627 0x1ce4  [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
20:23:31.0678 0x1ce4  NlaSvc - ok
20:23:31.0833 0x1ce4  [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
20:23:31.0948 0x1ce4  NOBU - ok
20:23:32.0020 0x1ce4  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
20:23:32.0049 0x1ce4  Npfs - ok
20:23:32.0186 0x1ce4  [ BD6ADDB3BB8B73C314B683A8E346C0FE, A6B0B5939AD38C13395C5C6F9BF5458A1EEB2CE3D01721224CAED4931D55FEB5 ] NPF_devolo      C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys
20:23:32.0201 0x1ce4  NPF_devolo - ok
20:23:32.0233 0x1ce4  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
20:23:32.0258 0x1ce4  npsvctrig - ok
20:23:32.0297 0x1ce4  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi             C:\WINDOWS\system32\nsisvc.dll
20:23:32.0328 0x1ce4  nsi - ok
20:23:32.0368 0x1ce4  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
20:23:32.0396 0x1ce4  nsiproxy - ok
20:23:32.0514 0x1ce4  [ DB69C6DA8B3DDFDC547D455CA23A8250, AE495CEB18924C8B21F7F150FF17CD00880F2E222D7B5155661798E0535D63C4 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
20:23:32.0640 0x1ce4  NTFS - ok
20:23:32.0698 0x1ce4  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\WINDOWS\system32\drivers\Null.sys
20:23:32.0724 0x1ce4  Null - ok
20:23:32.0763 0x1ce4  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
20:23:32.0790 0x1ce4  nvraid - ok
20:23:32.0831 0x1ce4  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
20:23:32.0877 0x1ce4  nvstor - ok
20:23:32.0932 0x1ce4  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
20:23:32.0975 0x1ce4  OneSyncSvc - ok
20:23:33.0082 0x1ce4  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:23:33.0117 0x1ce4  ose - ok
20:23:33.0373 0x1ce4  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:23:33.0592 0x1ce4  osppsvc - ok
20:23:33.0710 0x1ce4  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
20:23:33.0755 0x1ce4  p2pimsvc - ok
20:23:33.0817 0x1ce4  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
20:23:33.0865 0x1ce4  p2psvc - ok
20:23:33.0911 0x1ce4  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
20:23:33.0941 0x1ce4  Parport - ok
20:23:33.0985 0x1ce4  [ CDBD029BAEC8D09F6FBD404632D9AF28, 71F4401150CD4C9C6BBF2DA854CF07EA2F8C9BBE900833858F49134DDAF14414 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
20:23:34.0010 0x1ce4  partmgr - ok
20:23:34.0054 0x1ce4  [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
20:23:34.0096 0x1ce4  PcaSvc - ok
20:23:34.0136 0x1ce4  [ 29AF16726F4DD84376ECA85AB6AFF2C6, BEF9EA10637065365ED343C4EBA51191B9BEADD8F1F3362D3EFE75F40BE9A027 ] pci             C:\WINDOWS\system32\drivers\pci.sys
20:23:34.0169 0x1ce4  pci - ok
20:23:34.0207 0x1ce4  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
20:23:34.0228 0x1ce4  pciide - ok
20:23:34.0254 0x1ce4  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
20:23:34.0278 0x1ce4  pcmcia - ok
20:23:34.0319 0x1ce4  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
20:23:34.0341 0x1ce4  pcw - ok
20:23:34.0374 0x1ce4  [ 9EA203A07EFA6D74F07F32EF0DAB5CA6, D851F1CC748B4CD0E263931668FFF2FE20D5778267F4FF2237D565CFC171B5AF ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
20:23:34.0399 0x1ce4  pdc - ok
20:23:34.0484 0x1ce4  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
20:23:34.0554 0x1ce4  PEAUTH - ok
20:23:34.0613 0x1ce4  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
20:23:34.0635 0x1ce4  percsas2i - ok
20:23:34.0664 0x1ce4  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
20:23:34.0688 0x1ce4  percsas3i - ok
20:23:34.0726 0x1ce4  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
20:23:34.0761 0x1ce4  PerfHost - ok
20:23:34.0840 0x1ce4  [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
20:23:34.0907 0x1ce4  PhoneSvc - ok
20:23:34.0976 0x1ce4  [ B4AB2C0177715FFAED88A1223212043A, 1920792ADC78DD51EF98B6A9634D686EAED0848FB7EF74A0DCD3AEBA5AF41EC6 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
20:23:35.0012 0x1ce4  PimIndexMaintenanceSvc - ok
20:23:35.0102 0x1ce4  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla             C:\WINDOWS\system32\pla.dll
20:23:35.0201 0x1ce4  pla - ok
20:23:35.0252 0x1ce4  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
20:23:35.0292 0x1ce4  PlugPlay - ok
20:23:35.0322 0x1ce4  [ 37F6046CDC630442D7DC087501FF6FC6, EFC0F3DA49839CA263CD95AE5015F4FC554D9D845A58A699C542C8C96E70ED3C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:23:35.0340 0x1ce4  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
20:23:35.0341 0x1ce4  Detect skipped due to KSN trusted
20:23:35.0341 0x1ce4  Pml Driver HPZ12 - ok
         


Alt 11.03.2017, 20:49   #6
Xare123
 
Myfilestore.com Virus eingefangen? - Standard

Myfilestore.com Virus eingefangen?



Teil 3:

Code:
ATTFilter
20:23:35.0362 0x1ce4  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
20:23:35.0409 0x1ce4  PNRPAutoReg - ok
20:23:35.0452 0x1ce4  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
20:23:35.0496 0x1ce4  PNRPsvc - ok
20:23:35.0551 0x1ce4  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
20:23:35.0598 0x1ce4  PolicyAgent - ok
20:23:35.0647 0x1ce4  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power           C:\WINDOWS\system32\umpo.dll
20:23:35.0683 0x1ce4  Power - ok
20:23:35.0720 0x1ce4  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
20:23:35.0756 0x1ce4  PptpMiniport - ok
20:23:35.0937 0x1ce4  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
20:23:36.0142 0x1ce4  PrintNotify - ok
20:23:36.0212 0x1ce4  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor       C:\WINDOWS\System32\drivers\processr.sys
20:23:36.0242 0x1ce4  Processor - ok
20:23:36.0344 0x1ce4  [ BA2DA685FB152180908C7D778B2BBD61, 335C81941855D3DE90443E47E42D44645BE2AB736334DB96C0890D82EEF03475 ] ProductAgentService C:\Program Files\Bitdefender Agent\ProductAgentService.exe
20:23:36.0420 0x1ce4  ProductAgentService - ok
20:23:36.0475 0x1ce4  [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
20:23:36.0521 0x1ce4  ProfSvc - ok
20:23:36.0560 0x1ce4  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
20:23:36.0587 0x1ce4  Psched - ok
20:23:36.0648 0x1ce4  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE           C:\WINDOWS\system32\qwave.dll
20:23:36.0688 0x1ce4  QWAVE - ok
20:23:36.0717 0x1ce4  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
20:23:36.0743 0x1ce4  QWAVEdrv - ok
20:23:36.0782 0x1ce4  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:23:36.0807 0x1ce4  RasAcd - ok
20:23:36.0893 0x1ce4  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
20:23:36.0922 0x1ce4  RasAgileVpn - ok
20:23:36.0961 0x1ce4  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
20:23:36.0994 0x1ce4  RasAuto - ok
20:23:37.0018 0x1ce4  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
20:23:37.0055 0x1ce4  Rasl2tp - ok
20:23:37.0112 0x1ce4  [ F79BFB5588B777C71734C1D1EC129D07, 9B9D70EC8978AAC19B2B94694EE1B9957C13DFDDFCBE8AA82C5F0D0EA04CDBDF ] RasMan          C:\WINDOWS\System32\rasmans.dll
20:23:37.0172 0x1ce4  RasMan - ok
20:23:37.0221 0x1ce4  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:23:37.0250 0x1ce4  RasPppoe - ok
20:23:37.0280 0x1ce4  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
20:23:37.0316 0x1ce4  RasSstp - ok
20:23:37.0346 0x1ce4  [ AF6963414B820B7C45578ED3300438A7, C00F60FD72608E6983D32642768AECE891DD816FADFA7B872BA88091C16B95D7 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:23:37.0385 0x1ce4  rdbss - ok
20:23:37.0439 0x1ce4  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
20:23:37.0463 0x1ce4  rdpbus - ok
20:23:37.0497 0x1ce4  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
20:23:37.0530 0x1ce4  RDPDR - ok
20:23:37.0608 0x1ce4  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
20:23:37.0629 0x1ce4  RdpVideoMiniport - ok
20:23:37.0659 0x1ce4  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
20:23:37.0691 0x1ce4  rdyboost - ok
20:23:37.0777 0x1ce4  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
20:23:37.0835 0x1ce4  ReFSv1 - ok
20:23:37.0903 0x1ce4  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
20:23:37.0954 0x1ce4  RemoteAccess - ok
20:23:37.0993 0x1ce4  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
20:23:38.0034 0x1ce4  RemoteRegistry - ok
20:23:38.0088 0x1ce4  [ 0660F4A14F9D2A2F59B26B1D74F1A6D0, A9443B6B7ED1ECA22AC960A2C6A2BE18C0BA58CD7BCF60E7AA617CD3662D122D ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
20:23:38.0148 0x1ce4  RetailDemo - ok
20:23:38.0251 0x1ce4  [ F12A68ED55053940CADD59CA5E3468DD, 75331E6DA4E30717085E7D8131989241EBC492DC3EE455546F91DA9DFFFD2BFC ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
20:23:38.0291 0x1ce4  RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
20:23:38.0292 0x1ce4  Detect skipped due to KSN trusted
20:23:38.0292 0x1ce4  RichVideo - ok
20:23:38.0436 0x1ce4  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
20:23:38.0481 0x1ce4  RmSvc - ok
20:23:38.0519 0x1ce4  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
20:23:38.0550 0x1ce4  RpcEptMapper - ok
20:23:38.0593 0x1ce4  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\WINDOWS\system32\locator.exe
20:23:38.0620 0x1ce4  RpcLocator - ok
20:23:38.0668 0x1ce4  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
20:23:38.0742 0x1ce4  RpcSs - ok
20:23:38.0777 0x1ce4  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
20:23:38.0805 0x1ce4  rspndr - ok
20:23:38.0862 0x1ce4  [ F9265C902BB9146C6BFF97BDF35C04DE, DC70B404A701CE5F60421F664F745CA84722ED86FAFC87F2A8A71BFD25CD6151 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
20:23:38.0916 0x1ce4  rt640x64 - ok
20:23:38.0965 0x1ce4  [ 4CA0DBA9E224473D664C25E411F5A3BD, 71423A66165782EFB4DB7BE6CE48DDB463D9F65FD0F266D333A6558791D158E5 ] rtport          C:\windows\SysWOW64\drivers\rtport.sys
20:23:38.0979 0x1ce4  rtport - ok
20:23:39.0005 0x1ce4  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
20:23:39.0029 0x1ce4  s3cap - ok
20:23:39.0067 0x1ce4  [ 62DB6CC4B0818F1B5F3441241B098F12, 7A53B3FBA3F82EDE6FA688E531FBE7EC9E1AE329090C0AFE0DCD64F65BD90F21 ] SABI            C:\windows\system32\Drivers\SABI.sys
20:23:39.0088 0x1ce4  SABI - ok
20:23:39.0122 0x1ce4  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs           C:\WINDOWS\system32\lsass.exe
20:23:39.0146 0x1ce4  SamSs - ok
20:23:39.0253 0x1ce4  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
20:23:39.0277 0x1ce4  sbp2port - ok
20:23:39.0320 0x1ce4  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
20:23:39.0360 0x1ce4  SCardSvr - ok
20:23:39.0428 0x1ce4  [ 5E8ECCE130A72107B6DFDBE26185A7FB, 811E2CE485BC14161FF629069BCCF53B2B8C6F8B1E1A6B3A3C86DBE4F85A5577 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
20:23:39.0465 0x1ce4  ScDeviceEnum - ok
20:23:39.0513 0x1ce4  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
20:23:39.0539 0x1ce4  scfilter - ok
20:23:39.0603 0x1ce4  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
20:23:39.0684 0x1ce4  Schedule - ok
20:23:39.0761 0x1ce4  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
20:23:39.0785 0x1ce4  scmbus - ok
20:23:39.0844 0x1ce4  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\WINDOWS\System32\drivers\scmdisk0101.sys
20:23:39.0875 0x1ce4  scmdisk0101 - ok
20:23:39.0903 0x1ce4  [ C1B5EE58E759C53F9939581709DC70BB, 85095ABC9459A766832373BC3839E573E9A73C967F8427D6B7CAB972551C3191 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
20:23:39.0937 0x1ce4  SCPolicySvc - ok
20:23:39.0988 0x1ce4  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
20:23:40.0021 0x1ce4  sdbus - ok
20:23:40.0054 0x1ce4  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
20:23:40.0090 0x1ce4  SDRSVC - ok
20:23:40.0128 0x1ce4  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
20:23:40.0152 0x1ce4  sdstor - ok
20:23:40.0179 0x1ce4  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\WINDOWS\system32\seclogon.dll
20:23:40.0207 0x1ce4  seclogon - ok
20:23:40.0243 0x1ce4  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\WINDOWS\System32\sens.dll
20:23:40.0273 0x1ce4  SENS - ok
20:23:40.0344 0x1ce4  [ 2B4E090D06C60853C5C00CF255F9E02A, 4D4DBA7B04519622612BD4A4F28318CA2F5646C84CAFF8C5ACC9BF4C6031894E ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
20:23:40.0438 0x1ce4  SensorDataService - ok
20:23:40.0476 0x1ce4  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService   C:\WINDOWS\system32\SensorService.dll
20:23:40.0524 0x1ce4  SensorService - ok
20:23:40.0568 0x1ce4  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
20:23:40.0604 0x1ce4  SensrSvc - ok
20:23:40.0659 0x1ce4  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
20:23:40.0683 0x1ce4  SerCx - ok
20:23:40.0724 0x1ce4  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
20:23:40.0752 0x1ce4  SerCx2 - ok
20:23:40.0776 0x1ce4  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
20:23:40.0802 0x1ce4  Serenum - ok
20:23:40.0831 0x1ce4  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
20:23:40.0859 0x1ce4  Serial - ok
20:23:40.0881 0x1ce4  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
20:23:40.0916 0x1ce4  sermouse - ok
20:23:40.0993 0x1ce4  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
20:23:41.0040 0x1ce4  SessionEnv - ok
20:23:41.0098 0x1ce4  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
20:23:41.0123 0x1ce4  sfloppy - ok
20:23:41.0184 0x1ce4  [ 21AB491BBCC8C1B26FDC402A374AB196, DD973C9963C840200D153A15078152D499639730D065BB8122C6BE65D4372300 ] Sftfs           C:\WINDOWS\system32\DRIVERS\Sftfslh.sys
20:23:41.0230 0x1ce4  Sftfs - ok
20:23:41.0319 0x1ce4  [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
20:23:41.0382 0x1ce4  sftlist - ok
20:23:41.0422 0x1ce4  [ 3B8D43FEEFF7A187534DDDFD675FE123, 9308D5C552FE3AF1121A3F7B7595547C6B892FF500377953F3B623511D84698C ] Sftplay         C:\WINDOWS\system32\DRIVERS\Sftplaylh.sys
20:23:41.0449 0x1ce4  Sftplay - ok
20:23:41.0475 0x1ce4  [ F1D1B1DC7A8765A09D7640FBF8D20970, 72E59B04BC44DAFFB88987C16CF3F9DC35438B15879E102FD83013673E0DB66F ] Sftredir        C:\WINDOWS\system32\DRIVERS\Sftredirlh.sys
20:23:41.0494 0x1ce4  Sftredir - ok
20:23:41.0517 0x1ce4  [ B3B9ADE7F8C4AF0C20E712E040588543, 9A6BB11DA046BF6F0239952871263E148FAE91FB21065613645114B5FA054EC5 ] Sftvol          C:\WINDOWS\system32\DRIVERS\Sftvollh.sys
20:23:41.0535 0x1ce4  Sftvol - ok
20:23:41.0570 0x1ce4  [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
20:23:41.0622 0x1ce4  sftvsa - ok
20:23:41.0660 0x1ce4  [ 2FE1CD3AA602414841DB10AD96C95A5E, 1A2489DF37C13B578E69AA0D3D5DB3627C77750C45D78BB2872E29DD10253326 ] SGDrv           C:\WINDOWS\System32\drivers\SGdrv64.sys
20:23:41.0681 0x1ce4  SGDrv - ok
20:23:41.0734 0x1ce4  [ 832E933AA8DB9FD4733B96D8B6484D3F, 3A8E3D7ECA192EEE154CB568073B7211FDA06078EFC3BC7E961563A1BFDD0CAA ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
20:23:41.0787 0x1ce4  SharedAccess - ok
20:23:41.0871 0x1ce4  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:23:41.0939 0x1ce4  ShellHWDetection - ok
20:23:41.0981 0x1ce4  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
20:23:42.0017 0x1ce4  shpamsvc - ok
20:23:42.0051 0x1ce4  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
20:23:42.0074 0x1ce4  SiSRaid2 - ok
20:23:42.0109 0x1ce4  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
20:23:42.0133 0x1ce4  SiSRaid4 - ok
20:23:42.0248 0x1ce4  [ 4E6FAEE3F259DAC82213D935785991FB, ADA019AD261BBEAE78495B508B4D375BEC1005DF119F20897D29C3C613A0CA46 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:23:42.0302 0x1ce4  SkypeUpdate - ok
20:23:42.0340 0x1ce4  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost         C:\WINDOWS\System32\smphost.dll
20:23:42.0368 0x1ce4  smphost - ok
20:23:42.0437 0x1ce4  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
20:23:42.0494 0x1ce4  SmsRouter - ok
20:23:42.0543 0x1ce4  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
20:23:42.0573 0x1ce4  SNMPTRAP - ok
20:23:42.0627 0x1ce4  [ C994DF90427103CCB80F893FFD2B1CE8, 7E4B08095C77E68D337A3425EEA38F8FEC4D103CA7661E34FD96BF518DFB4BCB ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
20:23:42.0671 0x1ce4  spaceport - ok
20:23:42.0704 0x1ce4  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
20:23:42.0728 0x1ce4  SpbCx - ok
20:23:42.0792 0x1ce4  [ 79DCE27E8C4CF6701BFE49EC2446BBF6, F51CBB7A45C3C878F41653FD5FBDC93CC302712B7725DAAB4D3475A1F4771E3D ] Spooler         C:\WINDOWS\System32\spoolsv.exe
20:23:42.0860 0x1ce4  Spooler - ok
20:23:43.0085 0x1ce4  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
20:23:43.0424 0x1ce4  sppsvc - ok
20:23:43.0501 0x1ce4  [ E83830BB74AE8CBECEA0ECD94DE436F9, 4A34569A34260324EBD629039E1BF45A3527FC75B22D9A3DB6360A6EB365483A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
20:23:43.0545 0x1ce4  srv - ok
20:23:43.0612 0x1ce4  [ 55CA5329D1ADEB8F8034045930147AE4, D4F31BC82700D166564C7F9CDCEA3ABAB4A37B55137C34572768DF46FDA9320A ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
20:23:43.0673 0x1ce4  srv2 - ok
20:23:43.0738 0x1ce4  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
20:23:43.0775 0x1ce4  srvnet - ok
20:23:43.0832 0x1ce4  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
20:23:43.0889 0x1ce4  SSDPSRV - ok
20:23:43.0942 0x1ce4  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
20:23:43.0981 0x1ce4  SstpSvc - ok
20:23:44.0197 0x1ce4  [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
20:23:44.0433 0x1ce4  StateRepository - ok
20:23:44.0501 0x1ce4  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
20:23:44.0523 0x1ce4  stexstor - ok
20:23:44.0578 0x1ce4  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
20:23:44.0640 0x1ce4  stisvc - ok
20:23:44.0689 0x1ce4  [ 53EB8CE34B55A1EE63424C8DB7388BFC, 5AB59117BA8A2844EB8693CCC19B217AE039B28C87519F96E1C845FE9BF456C2 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
20:23:44.0714 0x1ce4  storahci - ok
20:23:44.0741 0x1ce4  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
20:23:44.0763 0x1ce4  storflt - ok
20:23:44.0793 0x1ce4  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
20:23:44.0817 0x1ce4  stornvme - ok
20:23:44.0866 0x1ce4  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
20:23:44.0918 0x1ce4  storqosflt - ok
20:23:44.0982 0x1ce4  [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
20:23:45.0029 0x1ce4  StorSvc - ok
20:23:45.0048 0x1ce4  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
20:23:45.0069 0x1ce4  storufs - ok
20:23:45.0091 0x1ce4  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
20:23:45.0114 0x1ce4  storvsc - ok
20:23:45.0150 0x1ce4  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\WINDOWS\system32\svsvc.dll
20:23:45.0182 0x1ce4  svsvc - ok
20:23:45.0195 0x1ce4  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
20:23:45.0216 0x1ce4  swenum - ok
20:23:45.0248 0x1ce4  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\WINDOWS\System32\swprv.dll
20:23:45.0303 0x1ce4  swprv - ok
20:23:45.0358 0x1ce4  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
20:23:45.0385 0x1ce4  Synth3dVsc - ok
20:23:45.0450 0x1ce4  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\WINDOWS\system32\sysmain.dll
20:23:45.0531 0x1ce4  SysMain - ok
20:23:45.0613 0x1ce4  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
20:23:45.0660 0x1ce4  SystemEventsBroker - ok
20:23:45.0713 0x1ce4  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
20:23:45.0749 0x1ce4  TabletInputService - ok
20:23:45.0784 0x1ce4  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
20:23:45.0826 0x1ce4  TapiSrv - ok
20:23:46.0000 0x1ce4  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
20:23:46.0133 0x1ce4  Tcpip - ok
20:23:46.0219 0x1ce4  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
20:23:46.0344 0x1ce4  Tcpip6 - ok
20:23:46.0383 0x1ce4  [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
20:23:46.0409 0x1ce4  tcpipreg - ok
20:23:46.0449 0x1ce4  [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
20:23:46.0474 0x1ce4  tdx - ok
20:23:46.0515 0x1ce4  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
20:23:46.0536 0x1ce4  terminpt - ok
20:23:46.0611 0x1ce4  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\WINDOWS\System32\termsrv.dll
20:23:46.0689 0x1ce4  TermService - ok
20:23:46.0719 0x1ce4  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\WINDOWS\system32\themeservice.dll
20:23:46.0759 0x1ce4  Themes - ok
20:23:46.0811 0x1ce4  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
20:23:46.0858 0x1ce4  TieringEngineService - ok
20:23:46.0900 0x1ce4  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
20:23:46.0957 0x1ce4  tiledatamodelsvc - ok
20:23:47.0008 0x1ce4  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
20:23:47.0044 0x1ce4  TimeBrokerSvc - ok
20:23:47.0103 0x1ce4  [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
20:23:47.0133 0x1ce4  TPM - ok
20:23:47.0169 0x1ce4  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
20:23:47.0203 0x1ce4  TrkWks - ok
20:23:47.0254 0x1ce4  [ FE3D70DE933A481284FCE7D5DB5DCE50, A2A1C6AEED6417FCEE5990CD766B2A78D9037583B57617418242D98C031617F2 ] trufos          C:\WINDOWS\system32\DRIVERS\trufos.sys
20:23:47.0287 0x1ce4  trufos - ok
20:23:47.0377 0x1ce4  [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
20:23:47.0407 0x1ce4  TrustedInstaller - ok
20:23:47.0470 0x1ce4  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
20:23:47.0496 0x1ce4  tsusbflt - ok
20:23:47.0504 0x1ce4  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
20:23:47.0531 0x1ce4  TsUsbGD - ok
20:23:47.0558 0x1ce4  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
20:23:47.0590 0x1ce4  tunnel - ok
20:23:47.0652 0x1ce4  [ F723552F65D44FE693DB1A383825B3A8, EF8C343C4EB5EEA4EC830378EF576CCD6CD4EEDEDD486C0F29697044E8C71F45 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
20:23:47.0684 0x1ce4  tzautoupdate - ok
20:23:47.0722 0x1ce4  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
20:23:47.0745 0x1ce4  UASPStor - ok
20:23:47.0772 0x1ce4  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
20:23:47.0801 0x1ce4  UcmCx0101 - ok
20:23:47.0834 0x1ce4  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
20:23:47.0865 0x1ce4  UcmTcpciCx0101 - ok
20:23:47.0874 0x1ce4  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
20:23:47.0902 0x1ce4  UcmUcsi - ok
20:23:47.0933 0x1ce4  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
20:23:47.0983 0x1ce4  Ucx01000 - ok
20:23:48.0022 0x1ce4  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
20:23:48.0048 0x1ce4  UdeCx - ok
20:23:48.0080 0x1ce4  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
20:23:48.0128 0x1ce4  udfs - ok
20:23:48.0155 0x1ce4  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
20:23:48.0177 0x1ce4  UEFI - ok
20:23:48.0212 0x1ce4  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
20:23:48.0244 0x1ce4  Ufx01000 - ok
20:23:48.0279 0x1ce4  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
20:23:48.0303 0x1ce4  UfxChipidea - ok
20:23:48.0339 0x1ce4  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
20:23:48.0365 0x1ce4  ufxsynopsys - ok
20:23:48.0410 0x1ce4  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
20:23:48.0442 0x1ce4  UI0Detect - ok
20:23:48.0462 0x1ce4  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
20:23:48.0490 0x1ce4  umbus - ok
20:23:48.0517 0x1ce4  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
20:23:48.0541 0x1ce4  UmPass - ok
20:23:48.0599 0x1ce4  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
20:23:48.0641 0x1ce4  UmRdpService - ok
20:23:48.0711 0x1ce4  [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
20:23:48.0798 0x1ce4  UnistoreSvc - ok
20:23:48.0919 0x1ce4  [ 547FC25EE3FF3C3EC02D6A828644C0A2, 8901E977FF4B822DFA485D09C96F74B5F82ED994EFE94F59F35B7817500E110A ] UPDATESRV       C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
20:23:48.0940 0x1ce4  UPDATESRV - ok
20:23:49.0011 0x1ce4  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\WINDOWS\System32\upnphost.dll
20:23:49.0068 0x1ce4  upnphost - ok
20:23:49.0128 0x1ce4  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
20:23:49.0150 0x1ce4  UrsChipidea - ok
20:23:49.0179 0x1ce4  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
20:23:49.0202 0x1ce4  UrsCx01000 - ok
20:23:49.0237 0x1ce4  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
20:23:49.0274 0x1ce4  UrsSynopsys - ok
20:23:49.0303 0x1ce4  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
20:23:49.0357 0x1ce4  usbccgp - ok
20:23:49.0394 0x1ce4  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
20:23:49.0424 0x1ce4  usbcir - ok
20:23:49.0464 0x1ce4  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
20:23:49.0487 0x1ce4  usbehci - ok
20:23:49.0533 0x1ce4  [ B7037444DC5138FC7D3D3968B4DE5C4B, DD9E3E40766A3F3B708DA341B7280E447788218ED677E1A24EC0CD04B04281B2 ] usbfilter       C:\WINDOWS\system32\DRIVERS\usbfilter.sys
20:23:49.0548 0x1ce4  usbfilter - ok
20:23:49.0586 0x1ce4  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
20:23:49.0626 0x1ce4  usbhub - ok
20:23:49.0666 0x1ce4  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
20:23:49.0708 0x1ce4  USBHUB3 - ok
20:23:49.0737 0x1ce4  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
20:23:49.0763 0x1ce4  usbohci - ok
20:23:49.0784 0x1ce4  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
20:23:49.0810 0x1ce4  usbprint - ok
20:23:49.0840 0x1ce4  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
20:23:49.0868 0x1ce4  usbser - ok
20:23:49.0910 0x1ce4  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
20:23:49.0969 0x1ce4  USBSTOR - ok
20:23:50.0003 0x1ce4  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
20:23:50.0041 0x1ce4  usbuhci - ok
20:23:50.0093 0x1ce4  [ B4F448F2424492F99F83D3676A453553, 42F1396616EA93BF91EA847B185C321B189F1A5138CA19D22397E8DB6D576973 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
20:23:50.0129 0x1ce4  usbvideo - ok
20:23:50.0173 0x1ce4  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
20:23:50.0210 0x1ce4  USBXHCI - ok
20:23:50.0315 0x1ce4  [ 4CC81AB9D380A6264FF4C0C1512CF965, 76C33053D1C9155B0F3F8392FF982AD4EABEE2BBBEE89EA41DBFE8E436973EB0 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
20:23:50.0420 0x1ce4  UserDataSvc - ok
20:23:50.0515 0x1ce4  [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager     C:\WINDOWS\System32\usermgr.dll
20:23:50.0593 0x1ce4  UserManager - ok
20:23:50.0672 0x1ce4  [ EBF9E40845362DBE2AD0DB3077269488, A6363006350D097F95B03A2F44E1D3FBD3BC40048BE57C715CD7CBC22D1EE70B ] UsoSvc          C:\WINDOWS\system32\usocore.dll
20:23:50.0727 0x1ce4  UsoSvc - ok
20:23:50.0758 0x1ce4  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
20:23:50.0784 0x1ce4  VaultSvc - ok
20:23:50.0800 0x1ce4  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
20:23:50.0822 0x1ce4  vdrvroot - ok
20:23:50.0891 0x1ce4  [ 0783EDE1FA94649ED7F3CEF6A734041A, 1A13A613EF6B67459031C7994FFC6F32F73E02E0F123A171618E4F011C635684 ] vds             C:\WINDOWS\System32\vds.exe
20:23:50.0956 0x1ce4  vds - ok
20:23:50.0987 0x1ce4  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
20:23:51.0016 0x1ce4  VerifierExt - ok
20:23:51.0080 0x1ce4  [ 3BB8D153A9A514EC9FFCB586251A1925, 5E4B46511F9791699826DC63B35528544347166BDE9981FB93F1F7F2A09599C7 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
20:23:51.0129 0x1ce4  vhdmp - ok
20:23:51.0161 0x1ce4  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
20:23:51.0185 0x1ce4  vhf - ok
20:23:51.0223 0x1ce4  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
20:23:51.0249 0x1ce4  vmbus - ok
20:23:51.0273 0x1ce4  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
20:23:51.0297 0x1ce4  VMBusHID - ok
20:23:51.0336 0x1ce4  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
20:23:51.0362 0x1ce4  vmgid - ok
20:23:51.0406 0x1ce4  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
20:23:51.0448 0x1ce4  vmicguestinterface - ok
20:23:51.0462 0x1ce4  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
20:23:51.0504 0x1ce4  vmicheartbeat - ok
20:23:51.0520 0x1ce4  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
20:23:51.0560 0x1ce4  vmickvpexchange - ok
20:23:51.0597 0x1ce4  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
20:23:51.0640 0x1ce4  vmicrdv - ok
20:23:51.0658 0x1ce4  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
20:23:51.0700 0x1ce4  vmicshutdown - ok
20:23:51.0715 0x1ce4  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
20:23:51.0756 0x1ce4  vmictimesync - ok
20:23:51.0772 0x1ce4  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
20:23:51.0813 0x1ce4  vmicvmsession - ok
20:23:51.0831 0x1ce4  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
20:23:51.0874 0x1ce4  vmicvss - ok
20:23:51.0903 0x1ce4  [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
20:23:51.0926 0x1ce4  volmgr - ok
20:23:51.0953 0x1ce4  [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
20:23:51.0988 0x1ce4  volmgrx - ok
20:23:52.0026 0x1ce4  [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
20:23:52.0064 0x1ce4  volsnap - ok
20:23:52.0100 0x1ce4  [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume          C:\WINDOWS\system32\drivers\volume.sys
20:23:52.0121 0x1ce4  volume - ok
20:23:52.0156 0x1ce4  [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
20:23:52.0180 0x1ce4  vpci - ok
20:23:52.0211 0x1ce4  [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
20:23:52.0238 0x1ce4  vsmraid - ok
20:23:52.0348 0x1ce4  [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS             C:\WINDOWS\system32\vssvc.exe
20:23:52.0454 0x1ce4  VSS - ok
20:23:52.0546 0x1ce4  [ 96DF3F150627FAB3098583B8A8A2A097, 51873F374E8ED4250BA823D9C015D174C3D03A9B5AF266530761539DB993D831 ] VSSERV          C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
20:23:52.0626 0x1ce4  VSSERV - ok
20:23:52.0701 0x1ce4  [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
20:23:52.0733 0x1ce4  VSTXRAID - ok
20:23:52.0775 0x1ce4  [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
20:23:52.0800 0x1ce4  vwifibus - ok
20:23:52.0823 0x1ce4  [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
20:23:52.0852 0x1ce4  vwififlt - ok
20:23:52.0883 0x1ce4  [ 59920894C38A827091A06AF559834E47, 8B40FE0B1BA3B2A79BFF70803D039DB921F85C978724722E5E5AFF188FA75471 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
20:23:52.0918 0x1ce4  vwifimp - ok
20:23:53.0051 0x1ce4  [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time         C:\WINDOWS\system32\w32time.dll
20:23:53.0105 0x1ce4  W32Time - ok
20:23:53.0188 0x1ce4  [ 4053FB949F48647A327BC18DFEEA4374, 52511C35854A673ADCD9084FEF9BC6A339BCA0290374B81140A371D67B13A8FB ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
20:23:53.0234 0x1ce4  w3logsvc - ok
20:23:53.0308 0x1ce4  [ 85461F6AD65CCE84A7BC6D9F2A5861B3, 0C9A662F1BADF429B1DF62E91F4626DE996F84945D3A42D26A0FA09EC15CC9D7 ] W3SVC           C:\WINDOWS\system32\inetsrv\iisw3adm.dll
20:23:53.0362 0x1ce4  W3SVC - ok
20:23:53.0398 0x1ce4  [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
20:23:53.0425 0x1ce4  WacomPen - ok
20:23:53.0458 0x1ce4  [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService   C:\WINDOWS\system32\WalletService.dll
20:23:53.0508 0x1ce4  WalletService - ok
20:23:53.0536 0x1ce4  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:23:53.0573 0x1ce4  wanarp - ok
20:23:53.0581 0x1ce4  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:23:53.0619 0x1ce4  wanarpv6 - ok
20:23:53.0642 0x1ce4  [ 85461F6AD65CCE84A7BC6D9F2A5861B3, 0C9A662F1BADF429B1DF62E91F4626DE996F84945D3A42D26A0FA09EC15CC9D7 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
20:23:53.0699 0x1ce4  WAS - ok
20:23:53.0803 0x1ce4  [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine        C:\WINDOWS\system32\wbengine.exe
20:23:53.0911 0x1ce4  wbengine - ok
20:23:53.0992 0x1ce4  [ 8C521D161445C3E1F38A494E7649E70D, F00990B2FE1FB52C74A2057E6480C5EBF2BDBC32955CC03C6B63360F20A49A18 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
20:23:54.0063 0x1ce4  WbioSrvc - ok
20:23:54.0110 0x1ce4  [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
20:23:54.0136 0x1ce4  wcifs - ok
20:23:54.0201 0x1ce4  [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
20:23:54.0275 0x1ce4  Wcmsvc - ok
20:23:54.0324 0x1ce4  [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
20:23:54.0376 0x1ce4  wcncsvc - ok
20:23:54.0422 0x1ce4  [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
20:23:54.0449 0x1ce4  wcnfs - ok
20:23:54.0484 0x1ce4  [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
20:23:54.0507 0x1ce4  WdBoot - ok
20:23:54.0609 0x1ce4  [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
20:23:54.0660 0x1ce4  Wdf01000 - ok
20:23:54.0710 0x1ce4  [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
20:23:54.0742 0x1ce4  WdFilter - ok
20:23:54.0785 0x1ce4  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
20:23:54.0822 0x1ce4  WdiServiceHost - ok
20:23:54.0831 0x1ce4  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
20:23:54.0869 0x1ce4  WdiSystemHost - ok
20:23:54.0928 0x1ce4  [ 8CB606A3057355FD5A9DBDD1A0AC94EF, 6DD0B4A2270633086EBB569A00B87430EE6EF173525E341404B15845B57BE86D ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
20:23:54.0988 0x1ce4  wdiwifi - ok
20:23:55.0019 0x1ce4  [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
20:23:55.0044 0x1ce4  WdNisDrv - ok
20:23:55.0087 0x1ce4  WdNisSvc - ok
20:23:55.0121 0x1ce4  [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient       C:\WINDOWS\System32\webclnt.dll
20:23:55.0166 0x1ce4  WebClient - ok
20:23:55.0189 0x1ce4  [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
20:23:55.0229 0x1ce4  Wecsvc - ok
20:23:55.0273 0x1ce4  [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
20:23:55.0305 0x1ce4  WEPHOSTSVC - ok
20:23:55.0387 0x1ce4  [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
20:23:55.0424 0x1ce4  wercplsupport - ok
20:23:55.0466 0x1ce4  [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
20:23:55.0501 0x1ce4  WerSvc - ok
20:23:55.0565 0x1ce4  [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
20:23:55.0643 0x1ce4  WFPLWFS - ok
20:23:55.0694 0x1ce4  [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
20:23:55.0728 0x1ce4  WiaRpc - ok
20:23:55.0952 0x1ce4  [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
20:23:56.0005 0x1ce4  WIMMount - ok
20:23:56.0012 0x1ce4  WinDefend - ok
20:23:56.0050 0x1ce4  [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
20:23:56.0091 0x1ce4  WindowsTrustedRT - ok
20:23:56.0140 0x1ce4  [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
20:23:56.0162 0x1ce4  WindowsTrustedRTProxy - ok
20:23:56.0271 0x1ce4  [ C2A3B07F0118D61086C99BDCBAB6A6A3, 04D646BEF1C6F427503C594F0ECBB33140C3991A3A7AFB66B2C9581E358F9FD2 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
20:23:56.0340 0x1ce4  WinHttpAutoProxySvc - ok
20:23:56.0369 0x1ce4  [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
20:23:56.0391 0x1ce4  WinMad - ok
20:23:56.0525 0x1ce4  [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
20:23:56.0562 0x1ce4  Winmgmt - ok
20:23:56.0684 0x1ce4  [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
20:23:56.0869 0x1ce4  WinRM - ok
20:23:56.0962 0x1ce4  [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
20:23:56.0990 0x1ce4  WINUSB - ok
20:23:57.0036 0x1ce4  [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
20:23:57.0059 0x1ce4  WinVerbs - ok
20:23:57.0120 0x1ce4  [ ECD999D8412A3473C26B118F89DB9908, 5FB9B93E4B5482CCFF01D805DFA386FD8D3441BC81E7BD5DF89EE3078FD724F3 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
20:23:57.0177 0x1ce4  wisvc - ok
20:23:57.0298 0x1ce4  [ 7671078AEF4C0203B053A9642C401FF7, BBFADA89CD31F20ADDBFAFAD2E492C72D82BF2F8B823BB6773F04D229B62534C ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
20:23:57.0447 0x1ce4  WlanSvc - ok
20:23:57.0514 0x1ce4  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:23:57.0530 0x1ce4  wlcrasvc - ok
20:23:57.0678 0x1ce4  [ E15711970C5BE05E8D70B294D0AFF621, 30670CFC4DA57B4A3E0E895E4111100D847BB8041A258A303524CD96DC566482 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
20:23:57.0813 0x1ce4  wlidsvc - ok
20:23:57.0868 0x1ce4  [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
20:23:57.0893 0x1ce4  WmiAcpi - ok
20:23:57.0970 0x1ce4  [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
20:23:58.0005 0x1ce4  wmiApSrv - ok
20:23:58.0036 0x1ce4  WMPNetworkSvc - ok
20:23:58.0075 0x1ce4  [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
20:23:58.0106 0x1ce4  Wof - ok
20:23:58.0210 0x1ce4  [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
20:23:58.0331 0x1ce4  workfolderssvc - ok
20:23:58.0369 0x1ce4  [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
20:23:58.0402 0x1ce4  WPDBusEnum - ok
20:23:58.0468 0x1ce4  [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
20:23:58.0490 0x1ce4  WpdUpFltr - ok
20:23:58.0516 0x1ce4  [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService      C:\WINDOWS\system32\WpnService.dll
20:23:58.0557 0x1ce4  WpnService - ok
20:23:58.0582 0x1ce4  [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
20:23:58.0615 0x1ce4  WpnUserService - ok
20:23:58.0785 0x1ce4  [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
20:23:58.0810 0x1ce4  ws2ifsl - ok
20:23:58.0912 0x1ce4  [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
20:23:58.0951 0x1ce4  wscsvc - ok
20:23:58.0958 0x1ce4  WSearch - ok
20:23:59.0104 0x1ce4  [ DDB7E452A99E0E5244105C6D2CF4BC9E, 1364B03AFFD20D339A2EBA303575BCCBC2D122D89810B1E3593CC55F93F9B79A ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
20:23:59.0252 0x1ce4  wuauserv - ok
20:23:59.0298 0x1ce4  [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
20:23:59.0328 0x1ce4  WudfPf - ok
20:23:59.0363 0x1ce4  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
20:23:59.0399 0x1ce4  WUDFRd - ok
20:23:59.0436 0x1ce4  [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
20:23:59.0471 0x1ce4  wudfsvc - ok
20:23:59.0484 0x1ce4  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
20:23:59.0521 0x1ce4  WUDFWpdFs - ok
20:23:59.0593 0x1ce4  [ E231728BC515A4B85543AF74A1FEDFCB, 5D250D7D789B5BB56BFA2E7A109BCEB3686B7636C54D89F4E9804101D145C955 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
20:23:59.0687 0x1ce4  WwanSvc - ok
20:23:59.0773 0x1ce4  [ F39D6915451D9226AC9A5E7AE70E2ABA, E05D678DC0423A4D0EB8B3BB5A942721BB4F3B0BED22748252DBD6053FE956F1 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
20:23:59.0853 0x1ce4  XblAuthManager - ok
20:23:59.0941 0x1ce4  [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
20:24:00.0035 0x1ce4  XblGameSave - ok
20:24:00.0097 0x1ce4  [ 9627BBAA50878F6833A6A7843EE3B1D9, 637566BB56501C4D11E3B6E6AC1C602D880C9D357CCE3DF1DF74EE672744F2B7 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
20:24:00.0135 0x1ce4  xboxgip - ok
20:24:00.0204 0x1ce4  [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
20:24:00.0292 0x1ce4  XboxNetApiSvc - ok
20:24:00.0352 0x1ce4  [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
20:24:00.0378 0x1ce4  xinputhid - ok
20:24:00.0383 0x1ce4  ================ Scan global ===============================
20:24:00.0493 0x1ce4  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
20:24:00.0543 0x1ce4  [ 4C08BF958476A137C78B62B22B5F90A4, 11DDD033896C96F8F7F1A1EDD0F4E0F07AFBB3202DC8A2E5E3ADB51C4D0700D4 ] C:\WINDOWS\system32\winsrv.dll
20:24:00.0647 0x1ce4  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
20:24:00.0688 0x1ce4  [ 3C69CC28665854F1AAB4B4005005FA31, 2750F5ECCD448C07E3402AA64EA625D27C6BC1D000A3FFE57C03D62428BB46C4 ] C:\WINDOWS\system32\services.exe
20:24:00.0704 0x1ce4  [ Global ] - ok
20:24:00.0705 0x1ce4  ================ Scan MBR ==================================
20:24:00.0748 0x1ce4  [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
20:24:01.0357 0x1ce4  \Device\Harddisk0\DR0 - ok
20:24:01.0358 0x1ce4  ================ Scan VBR ==================================
20:24:01.0388 0x1ce4  [ 9D865CF95DF013723C0BF933684537A0 ] \Device\Harddisk0\DR0\Partition1
20:24:01.0390 0x1ce4  \Device\Harddisk0\DR0\Partition1 - ok
20:24:01.0418 0x1ce4  [ FB151AB35BB8AF4C986A0E5663AB00BD ] \Device\Harddisk0\DR0\Partition2
20:24:01.0420 0x1ce4  \Device\Harddisk0\DR0\Partition2 - ok
20:24:01.0448 0x1ce4  [ 2704C882109B92D9348729648EF2B251 ] \Device\Harddisk0\DR0\Partition3
20:24:01.0451 0x1ce4  \Device\Harddisk0\DR0\Partition3 - ok
20:24:01.0452 0x1ce4  ================ Scan generic autorun ======================
20:24:02.0016 0x1ce4  [ C6992F5730886B6977313918583D13C7, 5D75DBF4D272BD4A8DDF40C7D9D8044621EFD12AB4303DBF90538AFBE2FEFD42 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:24:02.0727 0x1ce4  RtHDVCpl - ok
20:24:02.0757 0x1ce4  ETDCtrl - ok
20:24:02.0851 0x1ce4  [ EA4F9B19B3614349C79CC97DCA4C23A8, EC330F2E4F002FE450CDC1FC84AC0122C21C7912A483A99143450822004795E3 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
20:24:02.0895 0x1ce4  StartCCC - ok
20:24:03.0024 0x1ce4  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
20:24:03.0057 0x1ce4  HP Software Update - ok
20:24:03.0436 0x1ce4  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
20:24:03.0997 0x1ce4  OneDriveSetup - ok
20:24:04.0341 0x1ce4  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
20:24:04.0768 0x1ce4  OneDriveSetup - ok
20:24:04.0993 0x1ce4  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
20:24:05.0042 0x1ce4  Dropbox Update - ok
20:24:05.0153 0x1ce4  [ AAE92457F50F4DD74E2D502ADB9549EE, 70C8FBE410FE388D6B85334215EBE3393C16E8F8B19F5A8BA50DB6DF23196D50 ] C:\Users\Silvia\AppData\Local\Microsoft\OneDrive\OneDrive.exe
20:24:05.0262 0x1ce4  OneDrive - ok
20:24:05.0619 0x1ce4  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
20:24:06.0036 0x1ce4  OneDriveSetup - ok
20:24:06.0134 0x1ce4  [ 2781E6EF593909A8B73FE1AD397F778A, E892D6C57F8903E20129E75A9B877690229280FD8106B5C7F96173175EA1AC4E ] C:\Program Files (x86)\Windows Mail\wab.exe
20:24:06.0212 0x1ce4  WAB Migrate - ok
20:24:06.0225 0x1ce4  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
20:24:06.0226 0x1ce4  AV detected via SS2: Bitdefender-Virenschutz, C:\Program Files\Bitdefender\Bitdefender 2015\wscfix.exe ( 19.4.0.216 ), 0x41000 ( enabled : updated )
20:24:06.0230 0x1ce4  Win FW state via NFP2: enabled ( trusted )
20:24:06.0315 0x1ce4  ============================================================
20:24:06.0315 0x1ce4  Scan finished
20:24:06.0315 0x1ce4  ============================================================
20:24:06.0346 0x1828  Detected object count: 0
20:24:06.0346 0x1828  Actual detected object count: 0
         

Alt 12.03.2017, 11:28   #7
M-K-D-B
/// TB-Ausbilder
 
Myfilestore.com Virus eingefangen? - Standard

Myfilestore.com Virus eingefangen?



Servus,





Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
SearchScopes: HKU\S-1-5-21-983883370-204824152-491102941-1000 -> {0CD413A5-25C0-4513-A268-CED8EFAF18A8} URL = hxxp://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000026&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000
Toolbar: HKU\S-1-5-21-983883370-204824152-491102941-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-983883370-204824152-491102941-1000 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  Keine Datei
2012-04-19 07:59 - 2012-04-19 07:59 - 0473600 _____ () C:\Program Files\setup.exe
2012-04-19 07:59 - 2012-04-19 07:59 - 0000290 _____ () C:\Program Files\setup.ini
Task: {07DA5524-FFB1-4CE3-B07B-BBE2C29E5385} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {1C267C23-B5F9-41FF-A4D5-92C4B112F598} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {1ED078EF-C616-449A-9E71-3FF7CE79AF8D} - System32\Tasks\{877C8A6D-9FA5-41CA-8842-83A5F8A9F7E0} => pcalua.exe -a C:\Users\Silvia\Documents\dbgview\DBGVIEW.EXE -d C:\Users\Silvia\Documents\dbgview
Task: {2FFC7E9B-A48E-4878-86E7-5B5FD9C7CFF1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {3F0C9060-E8B5-4D4D-B60B-15ED2B085296} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {43C4CCEB-42BC-4680-93D3-1C620439C826} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {44EF540E-C6D8-4717-9B55-5525DA621CDE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {54D5411A-538D-4D2E-B0C2-D79A683DEEF9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {5BC2FF85-E692-4FA0-B1F6-0F38E6B98D34} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {6F6E5A96-BEC4-4BEF-BEE2-47968000AD22} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {85E7851F-6507-45F7-B071-77F75A503F5B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {8748D2C8-7B61-46D6-8560-B806F3E45DC2} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {881323E1-6913-4B08-9348-3BBEDA2FED8C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {AC2B6A0D-936A-493E-AEBC-22346C4B382D} - System32\Tasks\{9DC4673D-89F6-4667-8059-6A8D8FCCA84B} => pcalua.exe -a C:\Users\Silvia\Downloads\p-std.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {D00A0671-354F-4F46-90B3-CE483FFBB1D6} - System32\Tasks\{8E26E545-7CEE-4E2D-B6A1-5E627B7BAF4A} => pcalua.exe -a C:\Users\Silvia\Downloads\NeroClassic\nero60023.exe -d C:\Users\Silvia\Downloads\NeroClassic
Task: {D1E76148-5778-4CFB-BA87-2269DB3D4FD9} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {EE38C2DC-835A-47AA-83A0-1A102876D107} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel
    • "Prefetch" Dateien
    • Proxy
    • Winsock
    • Firewall
    • Internet Explorer Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM nach dem Neustart, klicke auf Berichte.
  • Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
  • Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.





Schritt 4
  • Starte die FRST erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logatei des FRST-Fix,
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die beiden neuen Logdateien von FRST.

Alt 12.03.2017, 15:15   #8
Xare123
 
Myfilestore.com Virus eingefangen? - Standard

Myfilestore.com Virus eingefangen?



Servus Matthias,

anbei die Infos...

FRST Fix (Fixlog):

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-03-2017 01
durchgeführt von Silvia (12-03-2017 13:43:38) Run:1
Gestartet von C:\Users\Silvia\Desktop
Geladene Profile: Silvia (Verfügbare Profile: Silvia & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
SearchScopes: HKU\S-1-5-21-983883370-204824152-491102941-1000 -> {0CD413A5-25C0-4513-A268-CED8EFAF18A8} URL = hxxp://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000026&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000
Toolbar: HKU\S-1-5-21-983883370-204824152-491102941-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Toolbar: HKU\S-1-5-21-983883370-204824152-491102941-1000 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  Keine Datei
2012-04-19 07:59 - 2012-04-19 07:59 - 0473600 _____ () C:\Program Files\setup.exe
2012-04-19 07:59 - 2012-04-19 07:59 - 0000290 _____ () C:\Program Files\setup.ini
Task: {07DA5524-FFB1-4CE3-B07B-BBE2C29E5385} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {1C267C23-B5F9-41FF-A4D5-92C4B112F598} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {1ED078EF-C616-449A-9E71-3FF7CE79AF8D} - System32\Tasks\{877C8A6D-9FA5-41CA-8842-83A5F8A9F7E0} => pcalua.exe -a C:\Users\Silvia\Documents\dbgview\DBGVIEW.EXE -d C:\Users\Silvia\Documents\dbgview
Task: {2FFC7E9B-A48E-4878-86E7-5B5FD9C7CFF1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {3F0C9060-E8B5-4D4D-B60B-15ED2B085296} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {43C4CCEB-42BC-4680-93D3-1C620439C826} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {44EF540E-C6D8-4717-9B55-5525DA621CDE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {54D5411A-538D-4D2E-B0C2-D79A683DEEF9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {5BC2FF85-E692-4FA0-B1F6-0F38E6B98D34} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {6F6E5A96-BEC4-4BEF-BEE2-47968000AD22} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {85E7851F-6507-45F7-B071-77F75A503F5B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {8748D2C8-7B61-46D6-8560-B806F3E45DC2} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {881323E1-6913-4B08-9348-3BBEDA2FED8C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {AC2B6A0D-936A-493E-AEBC-22346C4B382D} - System32\Tasks\{9DC4673D-89F6-4667-8059-6A8D8FCCA84B} => pcalua.exe -a C:\Users\Silvia\Downloads\p-std.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {D00A0671-354F-4F46-90B3-CE483FFBB1D6} - System32\Tasks\{8E26E545-7CEE-4E2D-B6A1-5E627B7BAF4A} => pcalua.exe -a C:\Users\Silvia\Downloads\NeroClassic\nero60023.exe -d C:\Users\Silvia\Downloads\NeroClassic
Task: {D1E76148-5778-4CFB-BA87-2269DB3D4FD9} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {EE38C2DC-835A-47AA-83A0-1A102876D107} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozesse erfolgreich geschlossen.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
HKU\S-1-5-21-983883370-204824152-491102941-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0CD413A5-25C0-4513-A268-CED8EFAF18A8} => Schlüssel erfolgreich entfernt
HKCR\CLSID\{0CD413A5-25C0-4513-A268-CED8EFAF18A8} => Schlüssel nicht gefunden. 
HKU\S-1-5-21-983883370-204824152-491102941-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Wert erfolgreich entfernt
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Schlüssel nicht gefunden. 
HKU\S-1-5-21-983883370-204824152-491102941-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Wert erfolgreich entfernt
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Schlüssel nicht gefunden. 
C:\Program Files\setup.exe => erfolgreich verschoben
C:\Program Files\setup.ini => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{07DA5524-FFB1-4CE3-B07B-BBE2C29E5385} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07DA5524-FFB1-4CE3-B07B-BBE2C29E5385} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1C267C23-B5F9-41FF-A4D5-92C4B112F598} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C267C23-B5F9-41FF-A4D5-92C4B112F598} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1ED078EF-C616-449A-9E71-3FF7CE79AF8D} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1ED078EF-C616-449A-9E71-3FF7CE79AF8D} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{877C8A6D-9FA5-41CA-8842-83A5F8A9F7E0} => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{877C8A6D-9FA5-41CA-8842-83A5F8A9F7E0} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2FFC7E9B-A48E-4878-86E7-5B5FD9C7CFF1} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FFC7E9B-A48E-4878-86E7-5B5FD9C7CFF1} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F0C9060-E8B5-4D4D-B60B-15ED2B085296} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F0C9060-E8B5-4D4D-B60B-15ED2B085296} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{43C4CCEB-42BC-4680-93D3-1C620439C826} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43C4CCEB-42BC-4680-93D3-1C620439C826} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{44EF540E-C6D8-4717-9B55-5525DA621CDE} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44EF540E-C6D8-4717-9B55-5525DA621CDE} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{54D5411A-538D-4D2E-B0C2-D79A683DEEF9} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54D5411A-538D-4D2E-B0C2-D79A683DEEF9} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5BC2FF85-E692-4FA0-B1F6-0F38E6B98D34} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BC2FF85-E692-4FA0-B1F6-0F38E6B98D34} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F6E5A96-BEC4-4BEF-BEE2-47968000AD22} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F6E5A96-BEC4-4BEF-BEE2-47968000AD22} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85E7851F-6507-45F7-B071-77F75A503F5B} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85E7851F-6507-45F7-B071-77F75A503F5B} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8748D2C8-7B61-46D6-8560-B806F3E45DC2} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8748D2C8-7B61-46D6-8560-B806F3E45DC2} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{881323E1-6913-4B08-9348-3BBEDA2FED8C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{881323E1-6913-4B08-9348-3BBEDA2FED8C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC2B6A0D-936A-493E-AEBC-22346C4B382D} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC2B6A0D-936A-493E-AEBC-22346C4B382D} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{9DC4673D-89F6-4667-8059-6A8D8FCCA84B} => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9DC4673D-89F6-4667-8059-6A8D8FCCA84B} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D00A0671-354F-4F46-90B3-CE483FFBB1D6} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D00A0671-354F-4F46-90B3-CE483FFBB1D6} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{8E26E545-7CEE-4E2D-B6A1-5E627B7BAF4A} => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8E26E545-7CEE-4E2D-B6A1-5E627B7BAF4A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D1E76148-5778-4CFB-BA87-2269DB3D4FD9} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1E76148-5778-4CFB-BA87-2269DB3D4FD9} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => Schlüssel nicht gefunden. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE38C2DC-835A-47AA-83A0-1A102876D107} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE38C2DC-835A-47AA-83A0-1A102876D107} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt

========= dir "%ProgramFiles%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 3000-7D82

 Verzeichnis von C:\Program Files

12.03.2017  13:43    <DIR>          .
12.03.2017  13:43    <DIR>          ..
14.10.2016  23:56    <DIR>          AMD
03.11.2011  17:59    <DIR>          ATI
14.10.2016  23:48    <DIR>          ATI Technologies
14.04.2016  18:03    <DIR>          Bitdefender
12.03.2017  13:35    <DIR>          Bitdefender Agent
14.10.2016  23:56    <DIR>          Common Files
15.03.2013  10:22    <DIR>          DIFX
06.03.2016  12:09    <DIR>          DVD Maker
05.12.2016  22:13    <DIR>          Elantech
19.08.2012  14:56    <DIR>          Google
16.01.2017  13:18    <DIR>          Internet Explorer
28.07.2013  10:24    <DIR>          Java
19.08.2012  12:08    <DIR>          licenses
14.10.2016  23:56    <DIR>          Microsoft Games
01.01.2013  09:07    <DIR>          Microsoft Office
13.10.2016  06:25    <DIR>          Microsoft Silverlight
15.10.2016  00:18    <DIR>          MSBuild
19.04.2012  08:08       141.590.843 openofficeorg1.cab
19.04.2012  07:59         3.125.248 openofficeorg34.msi
19.08.2012  12:08    <DIR>          readmes
14.10.2016  23:47    <DIR>          Realtek
19.08.2012  12:08    <DIR>          redist
15.10.2016  00:18    <DIR>          Reference Assemblies
03.11.2011  18:33    <DIR>          Samsung
02.03.2014  18:17    <DIR>          Sweet Home 3D
21.07.2016  21:40    <DIR>          WajaWebEnhancer
15.10.2016  00:36    <DIR>          Windows Defender
03.11.2011  19:15    <DIR>          Windows Live
14.10.2016  23:56    <DIR>          Windows Mail
02.11.2016  23:28    <DIR>          Windows Media Player
16.07.2016  12:47    <DIR>          Windows Multimedia Platform
15.10.2016  00:30    <DIR>          Windows NT
15.10.2016  00:36    <DIR>          Windows Photo Viewer
16.07.2016  12:47    <DIR>          Windows Portable Devices
16.07.2016  12:47    <DIR>          WindowsPowerShell
30.10.2015  07:35    <DIR>          WInterEn
               2 Datei(en),    144.716.091 Bytes
              36 Verzeichnis(se), 94.416.990.208 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramFiles(x86)%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 3000-7D82

 Verzeichnis von C:\Program Files (x86)

09.03.2017  21:26    <DIR>          .
09.03.2017  21:26    <DIR>          ..
04.02.2016  20:28    <DIR>          Adobe
05.03.2016  18:57    <DIR>          Ahead
02.09.2013  07:21    <DIR>          ALDI Bestellsoftware
03.11.2011  18:01    <DIR>          AMD
03.11.2011  18:01    <DIR>          AMD APP
03.11.2011  18:04    <DIR>          Atheros
14.10.2016  23:48    <DIR>          ATI Technologies
03.12.2015  20:04    <DIR>          CDBurnerXP
14.01.2017  21:28    <DIR>          Common Files
03.11.2011  19:46    <DIR>          CyberLink
14.01.2017  13:00    <DIR>          devolo
14.10.2012  19:58    <DIR>          dm
10.04.2016  19:43    <DIR>          ElsterFormular
24.11.2012  14:46    <DIR>          Finanzportal24
01.06.2014  20:09    <DIR>          FLV Player
04.12.2015  17:07    <DIR>          fotokasten comfort
15.02.2017  10:14    <DIR>          Google
02.06.2015  19:58    <DIR>          HP
16.01.2017  13:18    <DIR>          Internet Explorer
25.03.2016  18:11    <DIR>          Java
17.03.2013  21:23    <DIR>          Microsoft
13.05.2015  22:04    <DIR>          Microsoft Application Virtualization Client
01.01.2013  09:07    <DIR>          Microsoft Office
13.10.2016  06:25    <DIR>          Microsoft Silverlight
03.11.2011  19:21    <DIR>          Microsoft SQL Server Compact Edition
16.07.2016  12:47    <DIR>          Microsoft.NET
03.06.2015  15:07    <DIR>          Mozilla Firefox
09.03.2017  15:16    <DIR>          Mozilla Maintenance Service
09.03.2017  15:15    <DIR>          Mozilla Thunderbird
15.10.2016  00:18    <DIR>          MSBuild
17.03.2013  18:56    <DIR>          MSXML 4.0
06.03.2016  10:29    <DIR>          Nero
07.06.2013  12:30    <DIR>          Nokia
19.08.2012  12:11    <DIR>          OpenOffice.org 3
03.11.2011  18:03    <DIR>          Realtek
15.10.2016  00:18    <DIR>          Reference Assemblies
06.03.2016  12:09    <DIR>          Samsung
14.01.2017  21:28    <DIR>          Skype
01.03.2015  13:23    <DIR>          SuperTuxKart
03.11.2011  18:40    <DIR>          Symantec
01.03.2015  12:27    <DIR>          WEB.DE MailCheck
03.11.2011  18:40    <DIR>          WildGames
15.10.2016  00:36    <DIR>          Windows Defender
03.11.2011  19:36    <DIR>          Windows Live
14.10.2016  23:56    <DIR>          Windows Mail
02.11.2016  23:28    <DIR>          Windows Media Player
16.07.2016  12:47    <DIR>          Windows Multimedia Platform
16.07.2016  12:47    <DIR>          Windows NT
15.10.2016  00:36    <DIR>          Windows Photo Viewer
16.07.2016  12:47    <DIR>          Windows Portable Devices
16.07.2016  12:47    <DIR>          WindowsPowerShell
06.09.2015  08:54    <DIR>          WISO
               0 Datei(en),              0 Bytes
              54 Verzeichnis(se), 94.416.990.208 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramData%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 3000-7D82

 Verzeichnis von C:\ProgramData

14.04.2016  18:41           627.349 1460653227.bdinstall.bin
15.06.2016  06:33            26.781 1465968770.bdinstall.bin
09.03.2017  21:33            97.882 1489091590.bdinstall.bin
04.02.2016  20:28    <DIR>          Adobe
20.09.2016  11:32            26.838 agent.1474367523.bdinstall.bin
02.11.2016  14:41            28.759 agent.1478094058.bdinstall.bin
14.10.2016  23:48    <DIR>          AMD
07.11.2014  09:49    <DIR>          APN
09.03.2013  09:02    <DIR>          Ask
03.11.2011  18:04    <DIR>          Atheros
06.03.2016  13:19    <DIR>          ATI
20.05.2013  16:31    <DIR>          Avira
11.05.2014  17:56    <DIR>          bdch
17.04.2016  21:50    <DIR>          BDLogging
14.04.2016  18:28    <DIR>          Bitdefender
25.03.2016  17:33    <DIR>          Bitdefender Agent
09.05.2013  18:45    <DIR>          Buhl Data Service GmbH
03.12.2015  20:05    <DIR>          Canneverbe Limited
16.07.2016  12:47    <DIR>          Comms
28.12.2012  22:17    <DIR>          CyberLink
12.06.2015  22:02    <DIR>          Dropbox
10.04.2016  20:08    <DIR>          elsterformular
24.11.2012  14:50    <DIR>          Finanzportal24
12.07.2013  07:42    <DIR>          fotokasten comfort
26.12.2014  21:42    <DIR>          HP
26.12.2014  18:53    <DIR>          HP Product Assistant
26.08.2013  18:25    <DIR>          hps
26.12.2014  21:42               836 hpzinstall.log
15.10.2016  06:40    <DIR>          Microsoft OneDrive
19.08.2012  15:02    <DIR>          Mozilla
06.03.2016  10:29    <DIR>          Nero
07.06.2013  12:30    <DIR>          Nokia
15.03.2013  10:19    <DIR>          NokiaInstallerCache
20.05.2013  16:50    <DIR>          Norton
03.11.2011  18:40    <DIR>          NortonInstaller
25.03.2016  18:18    <DIR>          Oracle
14.10.2016  23:56    <DIR>          Package Cache
15.03.2013  10:24    <DIR>          PC Suite
15.10.2016  00:05    <DIR>          regid.1991-06.com.microsoft
14.08.2012  19:20    <DIR>          SAMSUNG
14.01.2017  21:28    <DIR>          Skype
16.07.2016  12:47    <DIR>          SoftwareDistribution
09.03.2013  09:02    <DIR>          Sun
03.11.2011  18:40    <DIR>          Symantec
03.11.2011  19:45    <DIR>          Temp
25.12.2013  09:37    <DIR>          tmp
15.10.2016  00:12    <DIR>          USOPrivate
15.10.2016  00:12    <DIR>          USOShared
01.01.2013  18:14    <DIR>          VirtualizedApplications
26.12.2014  21:43    <DIR>          WEBREG
03.11.2011  18:40    <DIR>          WildTangent
05.03.2016  18:29    <DIR>          WinClon
03.11.2011  19:45               109 {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
03.11.2011  19:37               113 {34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
03.11.2011  19:42               105 {40BF1E83-20EB-11D8-97C5-0009C5020658}.log
03.11.2011  19:41               106 {80E158EA-7181-40FE-A701-301CE6BE64AB}.log
03.11.2011  19:44               110 {CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
              11 Datei(en),        808.988 Bytes
              46 Verzeichnis(se), 94.416.982.016 Bytes frei

========= Ende von CMD: =========


========= dir "%Appdata%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 3000-7D82

 Verzeichnis von C:\Users\Silvia\AppData\Roaming

07.02.2017  18:03    <DIR>          .
07.02.2017  18:03    <DIR>          ..
19.08.2012  07:39    <DIR>          Adobe
29.05.2014  19:36    <DIR>          Ahead
07.10.2012  17:33    <DIR>          AnvSoft
14.08.2012  19:27    <DIR>          ATI
14.04.2016  18:25    <DIR>          Bitdefender
09.05.2013  18:45    <DIR>          Buhl Data Service
03.12.2015  20:04    <DIR>          Canneverbe Limited
28.11.2013  21:24    <DIR>          com.barchart.platform.release
29.05.2014  19:57    <DIR>          CyberLink
14.01.2017  13:01    <DIR>          de.devolo.dLAN.Cockpit
01.03.2015  12:31    <DIR>          dlg
11.03.2017  19:46    <DIR>          Dropbox
28.01.2015  04:55    <DIR>          elsterformular
24.11.2012  14:50    <DIR>          Finanzportal24
25.01.2015  14:36    <DIR>          HP
16.06.2015  21:59    <DIR>          HpUpdate
14.08.2012  19:25    <DIR>          Identities
10.03.2014  20:26    <DIR>          JWrapper-Barchart
14.08.2012  19:57    <DIR>          Macromedia
04.11.2011  08:52    <DIR>          Media Center Programs
19.08.2012  15:02    <DIR>          Mozilla
22.10.2015  21:42    <DIR>          Nero
19.08.2012  12:16    <DIR>          OpenOffice.org
07.11.2014  10:04    <DIR>          Oracle
15.03.2013  10:24    <DIR>          PC Suite
20.05.2013  16:53    <DIR>          QuickScan
02.02.2017  20:51    <DIR>          Skype
17.01.2017  21:53    <DIR>          SoftGrid Client
27.09.2015  12:12    <DIR>          Sun
19.08.2012  15:08    <DIR>          Thunderbird
01.01.2013  09:10    <DIR>          TP
23.05.2016  20:52               385 user_gensett.xml
               1 Datei(en),            385 Bytes
              33 Verzeichnis(se), 94.416.982.016 Bytes frei

========= Ende von CMD: =========


========= dir "%LocalAppdata%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 3000-7D82

 Verzeichnis von C:\Users\Silvia\AppData\Local

11.03.2017  19:33    <DIR>          .
11.03.2017  19:33    <DIR>          ..
06.03.2016  13:18    <DIR>          ActiveSync
23.02.2017  20:49    <DIR>          Adobe
26.09.2012  09:05    <DIR>          Albelli Fotobcher
03.01.2017  16:46    <DIR>          AMD
14.08.2012  19:27    <DIR>          ATI
08.10.2015  21:54    <DIR>          bdch
06.09.2015  09:17    <DIR>          Buhl
09.05.2013  18:45    <DIR>          Buhl Data Service
18.02.2016  22:00    <DIR>          CEF
06.03.2016  13:36    <DIR>          Comms
15.10.2016  16:32    <DIR>          ConnectedDevicesPlatform
05.03.2016  11:55    <DIR>          CrashDumps
20.09.2015  09:08    <DIR>          Diagnostics
09.03.2017  10:17    <DIR>          Dropbox
11.11.2014  21:39    <DIR>          fotokasten comfort
26.12.2014  21:47            69.496 GDIPFONTCACHEV1.DAT
15.11.2012  18:31    <DIR>          Google
02.06.2015  05:47    <DIR>          GWX
07.10.2012  17:24               393 HamsterVideoConverterSettings.cfg
26.12.2014  21:42    <DIR>          HP
19.08.2012  15:29    <DIR>          Macromedia
09.12.2016  22:26    <DIR>          Microsoft
18.07.2015  21:21    <DIR>          Microsoft Games
12.03.2016  17:09    <DIR>          MicrosoftEdge
19.09.2013  09:13    <DIR>          Mozilla
08.02.2017  11:13    <DIR>          Nero
19.03.2016  08:56    <DIR>          Nero_AG
06.03.2016  13:19    <DIR>          NetworkTiles
15.03.2013  10:27    <DIR>          Nokia
07.06.2013  12:30    <DIR>          NokiaAccount
02.12.2016  14:59    <DIR>          Packages
14.08.2012  19:26    <DIR>          Power2Go
02.03.2014  18:17    <DIR>          Programs
06.03.2016  13:15    <DIR>          Publishers
15.08.2012  17:48    <DIR>          Samsung
01.01.2013  09:09    <DIR>          SoftGrid Client
12.03.2017  13:43    <DIR>          Temp
12.03.2015  08:13    <DIR>          Thunderbird
06.03.2016  13:14    <DIR>          TileDataLayer
12.07.2013  09:27    <DIR>          VirtualStore
19.10.2013  20:41    <DIR>          {06B238D4-4EE0-4870-8FE9-DF6E7ADED892}
24.03.2013  17:18    <DIR>          {10A67E1E-1067-4C0B-86EC-3AD94A063770}
29.07.2013  20:19    <DIR>          {2B6AE229-DD74-4963-B3F9-0163DABFF600}
28.05.2013  09:01    <DIR>          {3D538D20-E113-4B9C-9852-9EE55E1DAFCE}
28.05.2013  09:02    <DIR>          {3F1EDAC8-4C24-4F4D-8261-1C7E5654C112}
28.05.2013  14:25    <DIR>          {500ED4B8-871E-4E51-BBF6-ACEB4167364A}
30.05.2013  10:03    <DIR>          {59567DE0-8960-4C9F-BEAC-48317E50D433}
05.12.2013  20:23    <DIR>          {74057EDE-5D6F-4FB1-876A-A456095630FD}
18.11.2012  17:26    <DIR>          {844EBDEB-82C0-417C-A24C-48EA48460FBF}
04.12.2012  09:43    <DIR>          {99D6D419-0BD4-4451-B333-9628E6093727}
28.05.2013  09:01    <DIR>          {A003241E-01BE-4B32-ADB5-00718A4AB763}
18.11.2012  17:25    <DIR>          {AE1CBCDB-297C-4CB4-8CC1-3883151C785B}
07.10.2012  19:12    <DIR>          {B007F200-E151-459E-A423-C801CB211093}
28.05.2013  14:27    <DIR>          {B9A9FBA9-F8B0-4C13-A95E-D0967006F6FF}
28.05.2013  15:59    <DIR>          {D21924E4-F3C7-407E-9A3C-45EF6921FA34}
30.12.2012  22:18    <DIR>          {D44FA661-1BA3-4B3F-B454-FCE5B1A2DA55}
14.11.2013  17:27    <DIR>          {DD02E62F-6684-4844-A89F-FAC5493B18AF}
31.05.2013  15:36    <DIR>          {E1CA6399-2910-4350-8530-89FFA84F4716}
01.06.2014  19:33    <DIR>          {E9D6F425-8B85-4338-96D5-759940DCCA8B}
07.10.2012  19:12    <DIR>          {EB599082-6E9E-4D4F-A497-418735CB518F}
15.12.2012  19:45    <DIR>          {EB8B6AF0-57C1-46AA-A5A5-63A27E74856D}
17.12.2013  21:47    <DIR>          {FA51B2DF-944E-42AC-AE14-A38BF13ABFF2}
               2 Datei(en),         69.889 Bytes
              62 Verzeichnis(se), 94.416.982.016 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramFiles(x86)%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 3000-7D82

 Verzeichnis von C:\Program Files (x86)\Common Files

14.01.2017  21:28    <DIR>          .
14.01.2017  21:28    <DIR>          ..
04.02.2016  20:28    <DIR>          Adobe
29.05.2014  19:28    <DIR>          Ahead
03.11.2011  19:37    <DIR>          CyberLink
15.05.2014  12:21    <DIR>          DESIGNER
26.12.2014  18:51    <DIR>          Hewlett-Packard
26.12.2014  18:51    <DIR>          HP
03.11.2011  18:01    <DIR>          InstallShield
25.03.2016  18:10    <DIR>          Java
14.10.2016  23:56    <DIR>          Microsoft Shared
06.03.2016  10:29    <DIR>          Nero
03.11.2011  18:29    <DIR>          Samsung
16.07.2016  12:47    <DIR>          Services
14.01.2017  21:28    <DIR>          Skype
14.10.2016  23:56    <DIR>          SpeechEngines
20.05.2013  16:49    <DIR>          Symantec Shared
16.07.2016  23:50    <DIR>          System
03.11.2011  19:12    <DIR>          Windows Live
               0 Datei(en),              0 Bytes
              19 Verzeichnis(se), 94.416.973.824 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramW6432%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 3000-7D82

 Verzeichnis von C:\Program Files\Common Files

14.10.2016  23:56    <DIR>          .
14.10.2016  23:56    <DIR>          ..
14.04.2016  18:03    <DIR>          Bitdefender
14.10.2016  23:56    <DIR>          microsoft shared
16.07.2016  12:47    <DIR>          Services
14.10.2016  23:56    <DIR>          SpeechEngines
16.07.2016  23:50    <DIR>          System
               0 Datei(en),              0 Bytes
               7 Verzeichnis(se), 94.416.977.920 Bytes frei

========= Ende von CMD: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-983883370-204824152-491102941-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-983883370-204824152-491102941-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 145194273 B
Java, Flash, Steam htmlcache => 6468 B
Windows/system/drivers => 53494415 B
Edge => 250141513 B
Chrome => 0 B
Firefox => 36849709 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 5448159 B
LocalService => 68646 B
NetworkService => 14146 B
Silvia => 992009105 B
DefaultAppPool => 0 B

RecycleBin => 3467767195 B
EmptyTemp: => 4.6 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 13:53:19 ====
         

AdwCleander:

Code:
ATTFilter
# AdwCleaner v6.044 - Bericht erstellt am 12/03/2017 um 14:15:51
# Aktualisiert am 28/02/2017 von Malwarebytes
# Datenbank : 2017-03-12.1 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Silvia - SILVIA-PC
# Gestartet von : C:\Users\Silvia\Desktop\AdwCleaner_6.044.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer
[-] Ordner gelöscht: C:\Program Files\WajaWebEnhancer
[-] Ordner gelöscht: C:\Program Files\WInterEn
[-] Ordner gelöscht: C:\ProgramData\apn
[-] Ordner gelöscht: C:\ProgramData\Ask
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Player
[-] Ordner gelöscht: C:\Program Files (x86)\FLV Player


***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Schlüssel gelöscht: HKU\S-1-5-21-983883370-204824152-491102941-1000\Software\WajIEnhance
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\AskPartnerNetwork
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\WajIEnhance
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam Web Enhancer
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\WajIEnhance
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Wajam Web Enhancer
[-] Wert gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [ApnTBMon]
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\FLVPlayer.exe


***** [ Browser ] *****

[-] Firefox Einstellungen bereinigt: "browser.newtab.url" -  "chrome://unitedtb/content/newtab/newtab-page.xhtml"


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2722 Bytes] - [12/03/2017 14:15:51]
C:\AdwCleaner\AdwCleaner[S0].txt - [2844 Bytes] - [12/03/2017 14:09:25]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2868 Bytes] ##########
         

MBAM:

Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 12.03.17
Scan-Zeit: 14:29
Protokolldatei: Malewarebytes.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.75
Version des Aktualisierungspakets: 1.0.1394
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Silvia-PC\Silvia

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 472104
Abgelaufene Zeit: 24 Min., 0 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         

FRST:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11-03-2017 01
durchgeführt von Silvia (Administrator) auf SILVIA-PC (12-03-2017 15:01:48)
Gestartet von C:\Users\Silvia\Desktop
Geladene Profile: Silvia (Verfügbare Profile: Silvia & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.693_none_42ff55c9655f38bf\TiWorker.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Dropbox, Inc.) C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(Dropbox, Inc.) C:\Users\Silvia\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Dropbox, Inc.) C:\Users\Silvia\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242200 2016-11-11] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe [87336 2010-09-20] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-983883370-204824152-491102941-1000\...\Run: [Dropbox Update] => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-07] (Dropbox, Inc.)
HKU\S-1-5-21-983883370-204824152-491102941-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\PhotoScreensaver.scr [572416 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-12-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2014-04-13]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-03-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{d96e33c9-9c49-41b5-9ccb-f54ed90cc9d8}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-983883370-204824152-491102941-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-25] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)

FireFox:
========
FF ProfilePath: C:\Users\Silvia\AppData\Roaming\Mozilla\Firefox\Profiles\270o59bb.default-1489091303183 [2017-03-12]
FF Extension: (WEB.DE MailCheck) - C:\Users\Silvia\AppData\Roaming\Mozilla\Firefox\Profiles\270o59bb.default-1489091303183\Extensions\mailcheck@web.de [2017-03-12]
FF Extension: (UITBAutoInstaller) - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-06-02] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-12-26] [ist nicht signiert]
FF HKU\S-1-5-21-983883370-204824152-491102941-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-23] ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\windows\system32\npDeployJava1.dll [2013-07-28] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-23] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-09-09] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3883544 2016-12-22] (devolo AG)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [129752 2016-11-11] (ELAN Microelectronics Corp.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
U2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1100392 2016-10-28] (Bitdefender)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [Datei ist nicht signiert]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [111320 2016-01-22] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1574744 2016-01-29] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1622512 2016-01-22] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [806344 2016-01-22] (BitDefender)
S3 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [115800 2015-12-03] (BitDefender LLC)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-02-24] ()
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-12] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-12] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-12] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92088 2017-03-12] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [36496 2015-09-28] (Riverbed Technology, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-02-09] (Windows (R) 2003 DDK 3790 provider)
R2 SGDrv; C:\WINDOWS\System32\drivers\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-12 15:01 - 2017-03-12 15:06 - 00017751 _____ C:\Users\Silvia\Desktop\FRST.txt
2017-03-12 14:56 - 2017-03-12 14:56 - 00001245 _____ C:\Users\Silvia\Desktop\mbam.txt
2017-03-12 14:28 - 2017-03-12 15:01 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-12 14:28 - 2017-03-12 15:01 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-12 14:27 - 2017-03-12 15:01 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-12 14:27 - 2017-03-12 15:00 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-12 14:27 - 2017-03-12 14:27 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-12 14:27 - 2017-03-12 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-12 14:27 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-12 14:26 - 2017-03-12 14:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-12 14:26 - 2017-03-12 14:26 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-12 14:23 - 2017-03-12 14:26 - 57131432 _____ (Malwarebytes ) C:\Users\Silvia\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-03-12 14:20 - 2017-03-12 14:20 - 00002962 _____ C:\Users\Silvia\Desktop\AdwCleaner[C0].txt
2017-03-12 14:01 - 2017-03-12 14:15 - 00000000 ____D C:\AdwCleaner
2017-03-12 14:00 - 2017-03-12 14:01 - 04031440 _____ C:\Users\Silvia\Desktop\AdwCleaner_6.044.exe
2017-03-12 13:45 - 2017-03-12 13:45 - 00028190 _____ C:\ProgramData\agent.1489322704.bdinstall.bin
2017-03-12 13:43 - 2017-03-12 13:53 - 00030992 _____ C:\Users\Silvia\Desktop\Fixlog.txt
2017-03-12 13:37 - 2017-03-12 13:38 - 00000000 ____D C:\Users\Silvia\Desktop\Virus
2017-03-11 20:19 - 2017-03-11 20:52 - 00523380 _____ C:\TDSSKiller.3.1.0.12_11.03.2017_20.19.08_log.txt
2017-03-11 20:18 - 2017-03-11 20:18 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Silvia\Desktop\tdsskiller.exe
2017-03-11 20:03 - 2017-03-11 20:04 - 02424320 _____ (Farbar) C:\Users\Silvia\Desktop\FRST64.exe
2017-03-11 19:45 - 2017-03-11 19:45 - 00000000 ____D C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-03-09 22:40 - 2017-03-09 22:42 - 00066908 _____ C:\Users\Silvia\Downloads\Addition.txt
2017-03-09 22:38 - 2017-03-12 15:01 - 00000000 ____D C:\FRST
2017-03-09 22:38 - 2017-03-09 22:42 - 00025098 _____ C:\Users\Silvia\Downloads\FRST.txt
2017-03-09 22:37 - 2017-03-09 22:37 - 02423808 _____ (Farbar) C:\Users\Silvia\Downloads\FRST64.exe
2017-03-09 21:33 - 2017-03-09 21:33 - 00097882 _____ C:\ProgramData\1489091590.bdinstall.bin
2017-03-09 21:28 - 2017-03-09 21:28 - 00000000 ____D C:\Users\Silvia\Desktop\Alte Firefox-Daten
2017-03-03 11:11 - 2017-03-03 11:11 - 00032740 _____ C:\Users\Silvia\Downloads\Dinkel Pizzateig - 2016-09-10.pdf
2017-02-23 20:17 - 2017-02-23 20:48 - 00000000 ____D C:\Users\Silvia\Desktop\Igel Fotostick
2017-02-15 10:14 - 2017-02-15 10:14 - 00002221 _____ C:\Users\Public\Desktop\Google Earth.lnk
2017-02-15 10:14 - 2017-02-15 10:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-12 15:04 - 2016-10-14 23:51 - 01951094 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-12 15:04 - 2016-07-16 23:51 - 00715542 _____ C:\WINDOWS\system32\perfh007.dat
2017-03-12 15:04 - 2016-07-16 23:51 - 00160732 _____ C:\WINDOWS\system32\perfc007.dat
2017-03-12 15:02 - 2013-09-18 18:17 - 00000000 ___RD C:\Users\Silvia\Dropbox
2017-03-12 15:00 - 2016-03-25 17:32 - 00000000 ____D C:\Program Files\Bitdefender Agent
2017-03-12 14:58 - 2016-10-15 00:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-12 14:58 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-12 14:57 - 2013-05-20 18:36 - 00149290 _____ C:\bdlog.txt
2017-03-12 13:56 - 2016-07-16 07:04 - 00131072 _____ C:\WINDOWS\system32\config\ELAM
2017-03-12 13:55 - 2016-11-24 11:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-03-12 13:55 - 2012-08-19 15:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-12 13:45 - 2016-10-14 23:44 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-12 13:44 - 2013-05-20 17:06 - 00000000 ____D C:\ProgramData\BDLogging
2017-03-11 19:58 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-11 19:58 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-11 19:46 - 2013-09-18 18:15 - 00000000 ____D C:\Users\Silvia\AppData\Roaming\Dropbox
2017-03-09 22:42 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-09 15:05 - 2013-05-20 16:16 - 02426440 _____ C:\Users\Silvia\Desktop\bitdefender_antivirus2013.exe
2017-03-09 10:17 - 2015-06-12 22:02 - 00000000 ____D C:\Users\Silvia\AppData\Local\Dropbox
2017-03-01 12:03 - 2016-10-14 23:52 - 00000000 ____D C:\Users\Silvia
2017-03-01 11:20 - 2012-08-19 11:26 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-24 09:05 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-24 09:01 - 2013-07-28 21:43 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 22:07 - 2012-08-22 20:49 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 20:49 - 2014-08-18 15:46 - 00000000 ____D C:\Users\Silvia\AppData\Local\Adobe
2017-02-23 20:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-23 20:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-18 11:09 - 2016-12-07 07:42 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-18 11:08 - 2016-03-06 13:22 - 00002421 _____ C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-18 11:08 - 2016-03-06 13:22 - 00000000 ___RD C:\Users\Silvia\OneDrive
2017-02-15 10:14 - 2012-08-19 07:37 - 00000000 ____D C:\Program Files (x86)\Google

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-04-19 08:08 - 2012-04-19 08:08 - 141590843 _____ () C:\Program Files\openofficeorg1.cab
2012-04-19 07:59 - 2012-04-19 07:59 - 3125248 _____ () C:\Program Files\openofficeorg34.msi
2016-05-23 20:52 - 2016-05-23 20:52 - 0000385 _____ () C:\Users\Silvia\AppData\Roaming\user_gensett.xml
2012-10-07 17:24 - 2012-10-07 17:24 - 0000393 _____ () C:\Users\Silvia\AppData\Local\HamsterVideoConverterSettings.cfg
2016-04-14 18:41 - 2016-04-14 18:41 - 0627349 _____ () C:\ProgramData\1460653227.bdinstall.bin
2016-06-15 06:33 - 2016-06-15 06:33 - 0026781 _____ () C:\ProgramData\1465968770.bdinstall.bin
2017-03-09 21:33 - 2017-03-09 21:33 - 0097882 _____ () C:\ProgramData\1489091590.bdinstall.bin
2016-09-20 11:32 - 2016-09-20 11:32 - 0026838 _____ () C:\ProgramData\agent.1474367523.bdinstall.bin
2016-11-02 14:41 - 2016-11-02 14:41 - 0028759 _____ () C:\ProgramData\agent.1478094058.bdinstall.bin
2017-03-12 13:45 - 2017-03-12 13:45 - 0028190 _____ () C:\ProgramData\agent.1489322704.bdinstall.bin
2016-10-14 23:48 - 2016-10-14 23:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-26 18:49 - 2014-12-26 21:42 - 0000836 _____ () C:\ProgramData\hpzinstall.log
2011-11-03 19:44 - 2011-11-03 19:45 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2011-11-03 19:37 - 2011-11-03 19:37 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2011-11-03 19:41 - 2011-11-03 19:42 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-11-03 19:38 - 2011-11-03 19:41 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2011-11-03 19:42 - 2011-11-03 19:44 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-09 10:39

==================== Ende von FRST.txt ============================
         

Addition:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-03-2017 01
durchgeführt von Silvia (12-03-2017 15:06:33)
Gestartet von C:\Users\Silvia\Desktop
Windows 10 Home Version 1607 (X64) (2016-10-14 23:30:32)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-983883370-204824152-491102941-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-983883370-204824152-491102941-503 - Limited - Disabled)
Gast (S-1-5-21-983883370-204824152-491102941-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-983883370-204824152-491102941-1002 - Limited - Enabled)
Silvia (S-1-5-21-983883370-204824152-491102941-1000 - Administrator - Enabled) => C:\Users\Silvia

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender-Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender-Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
4500_G510af_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
Albelli Fotobücher (HKU\S-1-5-21-983883370-204824152-491102941-1000\...\{EE20E438-B675-4421-AB07-928F0EC9FB22}_is1) (Version:  - Albelli)
ALDI Bestellsoftware 4.12.2 (HKLM-x32\...\ALDI Bestellsoftware) (Version: 4.12.2 - ORWO Net)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{1B4ED54A-A741-5D36-40C6-0DA839CA033F}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.26.1423 - Bitdefender)
Bitdefender Antivirus Plus 2015 (HKLM\...\Bitdefender) (Version: 19.6.0.326 - Bitdefender)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4417 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.2.0 - devolo AG)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.0.4 - CEWE COLOR AG u Co. OHG)
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-983883370-204824152-491102941-1000\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.44 - Samsung)
ELAN Touchpad driver X64 15.7.9.2_WHQL (HKLM\...\Elantech) (Version: 15.7.9.2 - ELAN Microelectronic Corp.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.2.19144 - Landesfinanzdirektion Thüringen)
Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Finanzplaner PRO (HKLM-x32\...\Finanzplaner PRO) (Version:  - FinanzPortal24 GmbH)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
fotokasten comfort 5.0 (HKLM-x32\...\fotokasten comfort_is1) (Version:  - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510a-f (HKLM\...\{C98517B6-DCE9-49B7-B19E-E384178D3986}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-983883370-204824152-491102941-1000\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.8.0.6273 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 2016 (HKLM-x32\...\{049045D5-0C46-4E78-A83F-83E993D91A7F}) (Version: 17.0.02300 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Stashimi Stub Installer (x32 Version: 18.001.1 - Nero AG) Hidden
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sweet Home 3D version 4.3 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.3 - )
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)
WildTangent ORB Game Console (x32 Version:  - WildTangent) Hidden
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{E47A3570-59A0-4948-A678-A930FEE8AAC7}) (Version: 21.00.8480 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2015 (HKLM-x32\...\{B999EF65-7140-47E1-BED0-6A32E64A0D7D}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1399D005-9179-4EB0-B62B-C71085F1CB81} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-983883370-204824152-491102941-1000Core1d238be2862dc7c => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {1B0CAC01-78B1-46EA-AAD0-A5C0C9A9EEBD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {1BBE6E19-EAC8-48F9-A650-29AC264EC91B} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {27018021-93D3-4181-A414-70E233096DA8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {2E4CFDEB-63DC-4061-BBED-999970D6C986} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2013\bdproductdata.exe 
Task: {2F0D4068-C9FA-4B45-A7FC-625D0F57B02A} - System32\Tasks\{EE305C4B-2645-4AD4-AB31-8774E0D9EF4D} => pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Ahead\Nero StartSmart\NeroStartSmart.exe"
Task: {34185101-2D74-4011-908B-B1FC4B4C4BE7} - System32\Tasks\SamsungSupportCenter => %programfiles(x86)%\Samsung\Easy Support Center\SSCKbdHk.exe 
Task: {40CA2C1C-8985-452E-B5F1-23E374E19F48} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {4A1A75AC-E505-48A8-ACAD-2FB594C0BB58} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe 
Task: {4BD94884-E059-4F7C-8455-62E2AA5A3DBE} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-23] (Adobe Systems Incorporated)
Task: {5996EC8B-1C65-4C80-84F9-96E88B7A1A86} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {6300AB21-F4AE-4D28-97B2-6921A3833149} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {73CC6AD6-7914-402D-B519-52F325732A2B} - System32\Tasks\{C7DA0173-A309-4F90-B5F2-89918793E3A1} => launchwinapp.exe hxxps://ui.skype.com/ui/0/7.30.0.105.411/de/abandoninstall?page=tsProgressBar
Task: {7556EB99-AC76-4EE7-9CB3-0B4CCE2DCDB0} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe 
Task: {75B74FA7-121A-45AF-A58F-CE8474E83919} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {850E9F07-2096-4FE9-A733-FE077D4AABE5} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {8B334E28-4173-4E7B-B70D-2239A7897ADC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {8C128A29-BC22-409A-B3B4-B6A225FC4454} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink)
Task: {9A651807-3F5E-4BD4-AAAF-938487ACD279} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {9C7B57B7-F799-4A6C-929D-59D86F528183} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {9D3B18C5-480C-4532-A960-D319D34E5EE7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe 
Task: {9FED81DA-52A7-4C9D-8AB0-16EFCF8E0626} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe 
Task: {A2A0F0F1-0AD4-4693-9963-A68C0DEBC0CE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {AB30CF4B-78EE-43C6-84AF-18B9600D7A09} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {AF8E0C35-0478-480E-AB08-8B82E504A785} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe 
Task: {B24C4704-4B41-438C-A0D8-EB1B1B19B584} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {BCF1F663-95A5-46DA-A8D2-EEE34805A0B3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {C491C115-391E-4D12-8322-67457D3CA592} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-983883370-204824152-491102941-1000UA1d238be289e236d => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {CB902C20-D63C-4BA9-ABDC-BF90E0F37791} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {D1A7B405-6102-4350-8033-19B49D45750C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {D64C454A-E02D-4972-99F7-BF6AEF595F22} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {D89CE4B1-DC7B-42F9-98E6-F9C8DE7003A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {DC02FBDE-D986-497A-9492-9186C3C240E6} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {DEF7D778-88F3-48E0-8236-1247220EDAA7} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe 
Task: {F1B6F95C-CAB2-4BFF-AA66-C6BB1E217B19} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {F31AABE0-BE26-427E-8159-BF36BA8A0C32} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Silvia\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {F645E1B5-0C8C-49DE-8DF7-045D7C9C022E} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-10-21] (Bitdefender)
Task: {FB5C8F08-3D93-43D7-9E1F-FB95C61673F9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {FC32A813-B554-47A0-B581-AD88FB648F7B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-983883370-204824152-491102941-1000Core1d238be2862dc7c.job => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-983883370-204824152-491102941-1000UA1d238be289e236d.job => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 12:22 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-14 18:19 - 2015-11-04 13:06 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2016-04-14 18:18 - 2013-09-03 13:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2016-04-14 18:19 - 2016-03-02 15:08 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2017-02-07 16:40 - 2017-02-07 16:40 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_02451_005\ashttpbr.mdl
2017-02-07 16:40 - 2017-02-07 16:40 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_02451_005\ashttpdsp.mdl
2017-02-07 16:40 - 2017-02-07 16:40 - 03243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_02451_005\ashttpph.mdl
2017-02-07 16:40 - 2017-02-07 16:40 - 01544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_02451_005\ashttprbl.mdl
2015-08-21 21:09 - 2015-08-21 21:09 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-08-21 21:09 - 2015-08-21 21:09 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2011-11-03 19:41 - 2009-12-01 08:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2017-03-12 14:26 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-12 14:27 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-12-14 12:22 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-15 00:32 - 2016-10-15 00:32 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-16 11:07 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-16 11:05 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-16 11:05 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-16 11:05 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-16 11:05 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-16 11:05 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-16 11:05 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-01-16 11:05 - 2016-12-21 07:47 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2014-04-13 08:41 - 2015-04-14 10:05 - 01428760 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe
2014-04-13 08:35 - 2015-04-14 10:05 - 09741592 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wgui14.dll
2014-04-13 08:35 - 2015-04-14 10:06 - 03929880 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wcore14.dll
2014-04-13 08:36 - 2015-04-14 10:05 - 00035608 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsdcom48.dll
2014-04-13 08:36 - 2015-04-14 10:05 - 00322840 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsguiwinapi48.dll
2014-04-13 08:36 - 2015-04-14 10:05 - 00309016 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rscorewinapi48.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 02872600 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wfvie14.dll
2014-04-13 08:35 - 2014-02-11 10:53 - 01043456 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-core.dll
2014-04-13 08:35 - 2014-02-11 10:53 - 00250368 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-contribs-lib.dll
2014-04-13 08:36 - 2015-04-14 10:05 - 00136472 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsodbc48.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 02136856 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wsteu14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01960728 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wreli14.dll
2014-04-13 08:35 - 2014-02-11 10:53 - 00094720 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-shared.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 04463896 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wauff14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01593624 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wmain14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 05308184 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae114.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 02392344 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae214.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01171224 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae314.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01633560 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae414.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01117976 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\whau114.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01341720 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\whau214.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01312536 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wwerb14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 07374616 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wkont14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01296664 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wimp14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01331480 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wfabu14.dll
2009-11-02 06:20 - 2009-11-02 06:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 06:23 - 2009-11-02 06:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2017-03-11 19:44 - 2017-03-06 21:59 - 00807232 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2017-03-11 19:45 - 2017-02-09 03:19 - 00035792 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00100296 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00018888 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\select.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00019776 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00694224 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2017-02-25 09:43 - 2017-03-06 22:01 - 00020824 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2017-03-11 19:45 - 2017-02-09 03:20 - 00123856 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2017-02-25 09:43 - 2017-03-06 22:01 - 01682768 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2017-02-25 09:43 - 2017-03-06 22:01 - 00020816 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00145864 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2017-03-11 19:44 - 2017-02-09 03:20 - 00019408 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00116688 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2017-03-11 19:45 - 2017-02-09 03:22 - 00105928 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32api.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00022864 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2017-03-11 19:44 - 2017-03-06 22:01 - 00038712 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\fastpath.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00060736 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00024528 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32event.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00175560 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32gui.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00392144 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-03-11 19:44 - 2017-02-09 03:22 - 00020936 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00116176 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32security.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00381760 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00124880 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32file.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00026456 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00024016 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00030160 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00043472 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32process.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00048592 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32service.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00057808 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00024016 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-02-25 09:43 - 2017-03-06 22:01 - 00246608 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2017-03-11 19:44 - 2017-03-06 22:01 - 00027488 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-03-11 19:45 - 2017-02-09 03:21 - 00241104 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2017-02-25 09:43 - 2017-03-06 22:01 - 00022336 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00025432 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00028616 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32ts.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 01826104 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2017-03-11 19:45 - 2017-02-09 03:20 - 00083912 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\sip.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 01972536 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 03928896 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00531264 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00053072 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00133432 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00224064 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00207680 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00022864 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00069968 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00022872 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00021848 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00022872 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00350152 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00103232 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWinExtras.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00023896 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2017-03-11 19:44 - 2017-03-06 22:01 - 00025936 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2017-03-11 19:44 - 2017-02-09 03:17 - 00036296 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\librsync.dll
2017-03-11 19:44 - 2017-03-06 22:01 - 00033112 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2017-03-11 19:44 - 2016-12-02 22:44 - 00293392 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2017-03-11 19:44 - 2017-03-06 22:01 - 00084288 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2017-03-11 19:44 - 2017-02-09 03:27 - 00017864 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\libEGL.dll
2017-03-11 19:44 - 2017-02-09 03:27 - 01631184 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2017-03-11 19:45 - 2017-03-06 22:01 - 00042816 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00171336 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00357688 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00060880 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32print.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00026456 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00546104 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Desktop\AdwCleaner_6.044.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Desktop\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Desktop\tdsskiller.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ALDI Bestellsoftware Setup.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\Barchart-windows64-online.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ccsetup402_slim.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\devolo-cockpit-v4-3-2.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\Dropbox 2.0.26.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ElsterFormular-14.3.20130522u.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ElsterFormular-16.0.20150113k.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ElsterFormular-16.1.20150309u(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ElsterFormular-16.1.20150309u.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\flvplayer_setup20_25.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-0-6(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-0-6.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-3-13(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-3-13.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-4-8(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-4-8.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\install_flashplayer11x32au_mssa_aaa_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\install_flashplayer15x32au_mssa_aaa_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\install_flashplayer16x32au_mssa_aaa_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\install_flashplayer17x32au_mssa_aaa_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jre-7u25-windows-x64.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(2).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(3).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(4).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(5).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(6).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\Nero Burning ROM Classic - CHIP-Installer.exe:BDU [1]
AlternateDataStreams: C:\Users\Silvia\Downloads\Nero2016-17.09.2015_stub_trial.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\OJ4500vG510a-f_Full_13.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\SkypeSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\SuperTuxKart - CHIP-Installer.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-983883370-204824152-491102941-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Silvia\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{bbeb6448-8619-4f01-847d-26d45d85e6ac}.JPG
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe

==================== Wiederherstellungspunkte =========================

13-02-2017 12:24:37 Geplanter Prüfpunkt
23-02-2017 22:00:27 Windows Update
01-03-2017 20:02:06 Windows-Sicherung

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/12/2017 01:59:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Silvia-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/12/2017 01:59:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Silvia-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/09/2017 10:53:18 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Silvia-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/02/2017 12:01:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Silvia-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/01/2017 08:04:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/01/2017 11:23:17 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (03/01/2017 11:23:17 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (03/01/2017 11:23:17 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (03/01/2017 11:23:16 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (03/01/2017 11:23:16 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)


Systemfehler:
=============
Error: (03/12/2017 03:00:04 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/12/2017 02:59:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (03/12/2017 02:17:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (03/12/2017 02:15:39 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (03/12/2017 02:15:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Application Virtualization Client" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/12/2017 02:15:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/12/2017 02:15:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/12/2017 02:15:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Client Virtualization Handler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/12/2017 02:15:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Cyberlink RichVideo Service(CRVS)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/12/2017 02:15:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ProductAgentService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


==================== Speicherinformationen =========================== 

Prozessor: AMD A4-3305M APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 54%
Installierter physikalischer RAM: 3563.87 MB
Verfügbarer physikalischer RAM: 1617.72 MB
Summe virtueller Speicher: 7147.87 MB
Verfügbarer virtueller Speicher: 4892.46 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:178 GB) (Free:92.7 GB) NTFS
Drive d: () (Fixed) (Total:266.26 GB) (Free:72.32 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 933609DD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=178 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=266.3 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=21.4 GB) - (Type=27)

==================== Ende von Addition.txt ============================
         
Danke schon mal für Deine Hilfe / Arbeit !

Alt 12.03.2017, 21:28   #9
M-K-D-B
/// TB-Ausbilder
 
Myfilestore.com Virus eingefangen? - Standard

Myfilestore.com Virus eingefangen?



Servus,





Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

    Code:
    ATTFilter
    :filefind
    *Wajam*
    *WajaWebEnhancer*
    *WInterEn*
    *FLV Player*
    *FLVPlayer*
    *WajIEnhance*
    *AskPartner*
    *ApnTB*
    
    :folderfind
    *Wajam*
    *WajaWebEnhancer*
    *WInterEn*
    *FLV Player*
    *FLVPlayer*
    *WajIEnhance*
    *AskPartner*
    *ApnTB*
    
    :regfind
    Wajam
    WajaWebEnhancer
    WInterEn
    FLV Player
    FLVPlayer
    WajIEnhance
    AskPartner
    ApnTB
             
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.







Schritt 3
  • Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von SystemLook,
  • die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

Alt 13.03.2017, 05:56   #10
Xare123
 
Myfilestore.com Virus eingefangen? - Standard

Myfilestore.com Virus eingefangen?



Servus Matthias,

Fixlog:

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-03-2017
durchgeführt von Silvia (12-03-2017 22:08:43) Run:2
Gestartet von C:\Users\Silvia\Desktop
Geladene Profile: Silvia (Verfügbare Profile: Silvia & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
end
*****************

Prozesse erfolgreich geschlossen.

========= dir "%ProgramFiles%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 3000-7D82

 Verzeichnis von C:\Program Files

12.03.2017  14:26    <DIR>          .
12.03.2017  14:26    <DIR>          ..
14.10.2016  23:56    <DIR>          AMD
03.11.2011  17:59    <DIR>          ATI
14.10.2016  23:48    <DIR>          ATI Technologies
14.04.2016  18:03    <DIR>          Bitdefender
12.03.2017  22:03    <DIR>          Bitdefender Agent
14.10.2016  23:56    <DIR>          Common Files
15.03.2013  10:22    <DIR>          DIFX
06.03.2016  12:09    <DIR>          DVD Maker
05.12.2016  22:13    <DIR>          Elantech
19.08.2012  14:56    <DIR>          Google
16.01.2017  13:18    <DIR>          Internet Explorer
28.07.2013  10:24    <DIR>          Java
19.08.2012  12:08    <DIR>          licenses
12.03.2017  14:26    <DIR>          Malwarebytes
14.10.2016  23:56    <DIR>          Microsoft Games
01.01.2013  09:07    <DIR>          Microsoft Office
13.10.2016  06:25    <DIR>          Microsoft Silverlight
15.10.2016  00:18    <DIR>          MSBuild
19.04.2012  08:08       141.590.843 openofficeorg1.cab
19.04.2012  07:59         3.125.248 openofficeorg34.msi
19.08.2012  12:08    <DIR>          readmes
14.10.2016  23:47    <DIR>          Realtek
19.08.2012  12:08    <DIR>          redist
15.10.2016  00:18    <DIR>          Reference Assemblies
03.11.2011  18:33    <DIR>          Samsung
02.03.2014  18:17    <DIR>          Sweet Home 3D
15.10.2016  00:36    <DIR>          Windows Defender
03.11.2011  19:15    <DIR>          Windows Live
14.10.2016  23:56    <DIR>          Windows Mail
02.11.2016  23:28    <DIR>          Windows Media Player
16.07.2016  12:47    <DIR>          Windows Multimedia Platform
15.10.2016  00:30    <DIR>          Windows NT
15.10.2016  00:36    <DIR>          Windows Photo Viewer
16.07.2016  12:47    <DIR>          Windows Portable Devices
16.07.2016  12:47    <DIR>          WindowsPowerShell
               2 Datei(en),    144.716.091 Bytes
              35 Verzeichnis(se), 99.554.213.888 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramFiles(x86)%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 3000-7D82

 Verzeichnis von C:\Program Files (x86)

12.03.2017  14:15    <DIR>          .
12.03.2017  14:15    <DIR>          ..
04.02.2016  20:28    <DIR>          Adobe
05.03.2016  18:57    <DIR>          Ahead
02.09.2013  07:21    <DIR>          ALDI Bestellsoftware
03.11.2011  18:01    <DIR>          AMD
03.11.2011  18:01    <DIR>          AMD APP
03.11.2011  18:04    <DIR>          Atheros
14.10.2016  23:48    <DIR>          ATI Technologies
03.12.2015  20:04    <DIR>          CDBurnerXP
14.01.2017  21:28    <DIR>          Common Files
03.11.2011  19:46    <DIR>          CyberLink
14.01.2017  13:00    <DIR>          devolo
14.10.2012  19:58    <DIR>          dm
10.04.2016  19:43    <DIR>          ElsterFormular
24.11.2012  14:46    <DIR>          Finanzportal24
04.12.2015  17:07    <DIR>          fotokasten comfort
15.02.2017  10:14    <DIR>          Google
02.06.2015  19:58    <DIR>          HP
16.01.2017  13:18    <DIR>          Internet Explorer
25.03.2016  18:11    <DIR>          Java
17.03.2013  21:23    <DIR>          Microsoft
13.05.2015  22:04    <DIR>          Microsoft Application Virtualization Client
01.01.2013  09:07    <DIR>          Microsoft Office
13.10.2016  06:25    <DIR>          Microsoft Silverlight
03.11.2011  19:21    <DIR>          Microsoft SQL Server Compact Edition
16.07.2016  12:47    <DIR>          Microsoft.NET
03.06.2015  15:07    <DIR>          Mozilla Firefox
12.03.2017  13:55    <DIR>          Mozilla Maintenance Service
12.03.2017  13:55    <DIR>          Mozilla Thunderbird
15.10.2016  00:18    <DIR>          MSBuild
17.03.2013  18:56    <DIR>          MSXML 4.0
06.03.2016  10:29    <DIR>          Nero
07.06.2013  12:30    <DIR>          Nokia
19.08.2012  12:11    <DIR>          OpenOffice.org 3
03.11.2011  18:03    <DIR>          Realtek
15.10.2016  00:18    <DIR>          Reference Assemblies
06.03.2016  12:09    <DIR>          Samsung
14.01.2017  21:28    <DIR>          Skype
01.03.2015  13:23    <DIR>          SuperTuxKart
03.11.2011  18:40    <DIR>          Symantec
01.03.2015  12:27    <DIR>          WEB.DE MailCheck
03.11.2011  18:40    <DIR>          WildGames
15.10.2016  00:36    <DIR>          Windows Defender
03.11.2011  19:36    <DIR>          Windows Live
14.10.2016  23:56    <DIR>          Windows Mail
02.11.2016  23:28    <DIR>          Windows Media Player
16.07.2016  12:47    <DIR>          Windows Multimedia Platform
16.07.2016  12:47    <DIR>          Windows NT
15.10.2016  00:36    <DIR>          Windows Photo Viewer
16.07.2016  12:47    <DIR>          Windows Portable Devices
16.07.2016  12:47    <DIR>          WindowsPowerShell
06.09.2015  08:54    <DIR>          WISO
               0 Datei(en),              0 Bytes
              53 Verzeichnis(se), 99.554.152.448 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramData%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 3000-7D82

 Verzeichnis von C:\ProgramData

14.04.2016  18:41           627.349 1460653227.bdinstall.bin
15.06.2016  06:33            26.781 1465968770.bdinstall.bin
09.03.2017  21:33            97.882 1489091590.bdinstall.bin
04.02.2016  20:28    <DIR>          Adobe
20.09.2016  11:32            26.838 agent.1474367523.bdinstall.bin
02.11.2016  14:41            28.759 agent.1478094058.bdinstall.bin
12.03.2017  13:45            28.190 agent.1489322704.bdinstall.bin
14.10.2016  23:48    <DIR>          AMD
03.11.2011  18:04    <DIR>          Atheros
06.03.2016  13:19    <DIR>          ATI
20.05.2013  16:31    <DIR>          Avira
11.05.2014  17:56    <DIR>          bdch
12.03.2017  13:44    <DIR>          BDLogging
14.04.2016  18:28    <DIR>          Bitdefender
25.03.2016  17:33    <DIR>          Bitdefender Agent
09.05.2013  18:45    <DIR>          Buhl Data Service GmbH
03.12.2015  20:05    <DIR>          Canneverbe Limited
16.07.2016  12:47    <DIR>          Comms
28.12.2012  22:17    <DIR>          CyberLink
12.06.2015  22:02    <DIR>          Dropbox
10.04.2016  20:08    <DIR>          elsterformular
24.11.2012  14:50    <DIR>          Finanzportal24
12.07.2013  07:42    <DIR>          fotokasten comfort
26.12.2014  21:42    <DIR>          HP
26.12.2014  18:53    <DIR>          HP Product Assistant
26.08.2013  18:25    <DIR>          hps
26.12.2014  21:42               836 hpzinstall.log
12.03.2017  14:26    <DIR>          Malwarebytes
15.10.2016  06:40    <DIR>          Microsoft OneDrive
19.08.2012  15:02    <DIR>          Mozilla
06.03.2016  10:29    <DIR>          Nero
07.06.2013  12:30    <DIR>          Nokia
15.03.2013  10:19    <DIR>          NokiaInstallerCache
20.05.2013  16:50    <DIR>          Norton
03.11.2011  18:40    <DIR>          NortonInstaller
25.03.2016  18:18    <DIR>          Oracle
14.10.2016  23:56    <DIR>          Package Cache
15.03.2013  10:24    <DIR>          PC Suite
15.10.2016  00:05    <DIR>          regid.1991-06.com.microsoft
14.08.2012  19:20    <DIR>          SAMSUNG
14.01.2017  21:28    <DIR>          Skype
16.07.2016  12:47    <DIR>          SoftwareDistribution
09.03.2013  09:02    <DIR>          Sun
03.11.2011  18:40    <DIR>          Symantec
03.11.2011  19:45    <DIR>          Temp
25.12.2013  09:37    <DIR>          tmp
15.10.2016  00:12    <DIR>          USOPrivate
15.10.2016  00:12    <DIR>          USOShared
01.01.2013  18:14    <DIR>          VirtualizedApplications
26.12.2014  21:43    <DIR>          WEBREG
03.11.2011  18:40    <DIR>          WildTangent
05.03.2016  18:29    <DIR>          WinClon
03.11.2011  19:45               109 {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
03.11.2011  19:37               113 {34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
03.11.2011  19:42               105 {40BF1E83-20EB-11D8-97C5-0009C5020658}.log
03.11.2011  19:41               106 {80E158EA-7181-40FE-A701-301CE6BE64AB}.log
03.11.2011  19:44               110 {CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
              12 Datei(en),        837.178 Bytes
              45 Verzeichnis(se), 99.553.533.952 Bytes frei

========= Ende von CMD: =========


========= dir "%Appdata%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 3000-7D82

 Verzeichnis von C:\Users\Silvia\AppData\Roaming

12.03.2017  14:15    <DIR>          .
12.03.2017  14:15    <DIR>          ..
19.08.2012  07:39    <DIR>          Adobe
29.05.2014  19:36    <DIR>          Ahead
07.10.2012  17:33    <DIR>          AnvSoft
14.08.2012  19:27    <DIR>          ATI
14.04.2016  18:25    <DIR>          Bitdefender
09.05.2013  18:45    <DIR>          Buhl Data Service
03.12.2015  20:04    <DIR>          Canneverbe Limited
28.11.2013  21:24    <DIR>          com.barchart.platform.release
29.05.2014  19:57    <DIR>          CyberLink
14.01.2017  13:01    <DIR>          de.devolo.dLAN.Cockpit
01.03.2015  12:31    <DIR>          dlg
11.03.2017  19:46    <DIR>          Dropbox
28.01.2015  04:55    <DIR>          elsterformular
24.11.2012  14:50    <DIR>          Finanzportal24
25.01.2015  14:36    <DIR>          HP
16.06.2015  21:59    <DIR>          HpUpdate
14.08.2012  19:25    <DIR>          Identities
10.03.2014  20:26    <DIR>          JWrapper-Barchart
14.08.2012  19:57    <DIR>          Macromedia
04.11.2011  08:52    <DIR>          Media Center Programs
19.08.2012  15:02    <DIR>          Mozilla
22.10.2015  21:42    <DIR>          Nero
19.08.2012  12:16    <DIR>          OpenOffice.org
07.11.2014  10:04    <DIR>          Oracle
15.03.2013  10:24    <DIR>          PC Suite
20.05.2013  16:53    <DIR>          QuickScan
02.02.2017  20:51    <DIR>          Skype
17.01.2017  21:53    <DIR>          SoftGrid Client
27.09.2015  12:12    <DIR>          Sun
19.08.2012  15:08    <DIR>          Thunderbird
01.01.2013  09:10    <DIR>          TP
23.05.2016  20:52               385 user_gensett.xml
               1 Datei(en),            385 Bytes
              33 Verzeichnis(se), 99.553.464.320 Bytes frei

========= Ende von CMD: =========


========= dir "%LocalAppdata%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 3000-7D82

 Verzeichnis von C:\Users\Silvia\AppData\Local

12.03.2017  22:04    <DIR>          .
12.03.2017  22:04    <DIR>          ..
06.03.:glaskugel2:2016  13:18    <DIR>          ActiveSync
23.02.2017  20:49    <DIR>          Adobe
26.09.2012  09:05    <DIR>          Albelli Fotobcher
03.01.2017  16:46    <DIR>          AMD
14.08.2012  19:27    <DIR>          ATI
08.10.2015  21:54    <DIR>          bdch
06.09.2015  09:17    <DIR>          Buhl
09.05.2013  18:45    <DIR>          Buhl Data Service
18.02.2016  22:00    <DIR>          CEF
06.03.2016  13:36    <DIR>          Comms
15.10.2016  16:32    <DIR>          ConnectedDevicesPlatform
05.03.2016  11:55    <DIR>          CrashDumps
20.09.2015  09:08    <DIR>          Diagnostics
09.03.2017  10:17    <DIR>          Dropbox
11.11.2014  21:39    <DIR>          fotokasten comfort
26.12.2014  21:47            69.496 GDIPFONTCACHEV1.DAT
15.11.2012  18:31    <DIR>          Google
02.06.2015  05:47    <DIR>          GWX
07.10.2012  17:24               393 HamsterVideoConverterSettings.cfg
26.12.2014  21:42    <DIR>          HP
19.08.2012  15:29    <DIR>          Macromedia
09.12.2016  22:26    <DIR>          Microsoft
18.07.2015  21:21    <DIR>          Microsoft Games
12.03.2016  17:09    <DIR>          MicrosoftEdge
19.09.2013  09:13    <DIR>          Mozilla
08.02.2017  11:13    <DIR>          Nero
19.03.2016  08:56    <DIR>          Nero_AG
06.03.2016  13:19    <DIR>          NetworkTiles
15.03.2013  10:27    <DIR>          Nokia
07.06.2013  12:30    <DIR>          NokiaAccount
02.12.2016  14:59    <DIR>          Packages
14.08.2012  19:26    <DIR>          Power2Go
02.03.2014  18:17    <DIR>          Programs
06.03.2016  13:15    <DIR>          Publishers
15.08.2012  17:48    <DIR>          Samsung
01.01.2013  09:09    <DIR>          SoftGrid Client
12.03.2017  22:08    <DIR>          Temp
12.03.2015  08:13    <DIR>          Thunderbird
06.03.2016  13:14    <DIR>          TileDataLayer
12.07.2013  09:27    <DIR>          VirtualStore
19.10.2013  20:41    <DIR>          {06B238D4-4EE0-4870-8FE9-DF6E7ADED892}
24.03.2013  17:18    <DIR>          {10A67E1E-1067-4C0B-86EC-3AD94A063770}
29.07.2013  20:19    <DIR>          {2B6AE229-DD74-4963-B3F9-0163DABFF600}
28.05.2013  09:01    <DIR>          {3D538D20-E113-4B9C-9852-9EE55E1DAFCE}
28.05.2013  09:02    <DIR>          {3F1EDAC8-4C24-4F4D-8261-1C7E5654C112}
28.05.2013  14:25    <DIR>          {500ED4B8-871E-4E51-BBF6-ACEB4167364A}
30.05.2013  10:03    <DIR>          {59567DE0-8960-4C9F-BEAC-48317E50D433}
05.12.2013  20:23    <DIR>          {74057EDE-5D6F-4FB1-876A-A456095630FD}
18.11.2012  17:26    <DIR>          {844EBDEB-82C0-417C-A24C-48EA48460FBF}
04.12.2012  09:43    <DIR>          {99D6D419-0BD4-4451-B333-9628E6093727}
28.05.2013  09:01    <DIR>          {A003241E-01BE-4B32-ADB5-00718A4AB763}
18.11.2012  17:25    <DIR>          {AE1CBCDB-297C-4CB4-8CC1-3883151C785B}
07.10.2012  19:12    <DIR>          {B007F200-E151-459E-A423-C801CB211093}
28.05.2013  14:27    <DIR>          {B9A9FBA9-F8B0-4C13-A95E-D0967006F6FF}
28.05.2013  15:59    <DIR>          {D21924E4-F3C7-407E-9A3C-45EF6921FA34}
30.12.2012  22:18    <DIR>          {D44FA661-1BA3-4B3F-B454-FCE5B1A2DA55}
14.11.2013  17:27    <DIR>          {DD02E62F-6684-4844-A89F-FAC5493B18AF}
31.05.2013  15:36    <DIR>          {E1CA6399-2910-4350-8530-89FFA84F4716}
01.06.2014  19:33    <DIR>          {E9D6F425-8B85-4338-96D5-759940DCCA8B}
07.10.2012  19:12    <DIR>          {EB599082-6E9E-4D4F-A497-418735CB518F}
15.12.2012  19:45    <DIR>          {EB8B6AF0-57C1-46AA-A5A5-63A27E74856D}
17.12.2013  21:47    <DIR>          {FA51B2DF-944E-42AC-AE14-A38BF13ABFF2}
               2 Datei(en),         69.889 Bytes
              62 Verzeichnis(se), 99.554.021.376 Bytes frei

========= Ende von CMD: =========



Das System musste neu gestartet werden.

==== Ende von Fixlog 22:08:57 ====
         

SystemLook:

Code:
ATTFilter
SystemLook 30.07.11 by jpshortstuff
Log created at 22:17 on 12/03/2017 by Silvia
Administrator - Elevation successful

========== filefind ==========

Searching for "*Wajam*"
C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\wajam.ico	--a---- 4286 bytes	[13:15 12/03/2017]	[15:03 25/02/2015] 21CD11B8FF9612BDBB451CAEE61CA98C
C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\wajam_goblin_64.dll	--a---- 1422848 bytes	[13:15 12/03/2017]	[19:33 23/07/2015] 6FC37DD9912DF65AE825E70F2414F374
C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\wajam.ico	--a---- 4286 bytes	[13:15 12/03/2017]	[15:03 25/02/2015] 21CD11B8FF9612BDBB451CAEE61CA98C
C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Wajam Website.lnk	--a---- 1214 bytes	[13:15 12/03/2017]	[11:28 01/03/2015] 985AD6AEECB397F9FF776017818EDAE4
C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\wajam.ico	--a---- 4286 bytes	[13:15 12/03/2017]	[17:35 27/10/2015] 1EC3DFF86801E09498E525A227212B14
C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\wajam.ico	--a---- 4286 bytes	[13:15 12/03/2017]	[17:35 27/10/2015] 1EC3DFF86801E09498E525A227212B14

Searching for "*WajaWebEnhancer*"
No files found.

Searching for "*WInterEn*"
No files found.

Searching for "*FLV Player*"
C:\AdwCleaner\quarantine\files\quppdyvofbeukkfqeoqlqiltkhincobz\FLV Player.url	--a---- 73 bytes	[13:15 12/03/2017]	[19:09 01/06/2014] 4FE86B28E689A962CDEEAFB8BB7216C5
C:\AdwCleaner\quarantine\files\yherzlkfspybaxedoqpxjskxjprvgygi\FLV Player website.lnk	--a---- 1045 bytes	[13:15 12/03/2017]	[19:09 01/06/2014] EBB81248B88936107D23C72AC2CC64A8
C:\AdwCleaner\quarantine\files\yherzlkfspybaxedoqpxjskxjprvgygi\FLV Player.lnk	--a---- 1040 bytes	[13:15 12/03/2017]	[19:09 01/06/2014] D6B1944F1E9940BD8B0AF07E999E6F32
C:\Users\Public\Desktop\FLV Player.lnk	--a---- 1022 bytes	[19:09 01/06/2014]	[19:09 01/06/2014] 7BFEA1102B06D5D17CBCACE0F94F2524

Searching for "*FLVPlayer*"
C:\AdwCleaner\quarantine\files\quppdyvofbeukkfqeoqlqiltkhincobz\FLVPlayer.exe	--a---- 1909940 bytes	[13:15 12/03/2017]	[13:50 16/10/2008] 31F6A135DA6FBF556AECB2F27B45D1B2
C:\Users\Silvia\Downloads\flvplayer_setup20_25.exe	--a---- 4998707 bytes	[19:08 01/06/2014]	[19:08 01/06/2014] 014C88A3AFB657EEBEE8D0C3851936C5

Searching for "*WajIEnhance*"
No files found.

Searching for "*AskPartner*"
No files found.

Searching for "*ApnTB*"
No files found.

========== folderfind ==========

Searching for "*Wajam*"
C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Uninstall Wajam	d------	[13:15 12/03/2017]

Searching for "*WajaWebEnhancer*"
No folders found.

Searching for "*WInterEn*"
No folders found.

Searching for "*FLV Player*"
No folders found.

Searching for "*FLVPlayer*"
No folders found.

Searching for "*WajIEnhance*"
No folders found.

Searching for "*AskPartner*"
No folders found.

Searching for "*ApnTB*"
No folders found.

========== regfind ==========

Searching for "Wajam"
No data found.

Searching for "WajaWebEnhancer"
No data found.

Searching for "WInterEn"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\WInterEn]

Searching for "FLV Player"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\e0e72f86_0]
@="{0.0.0.00000000}.{f4c321e4-e9f1-46bd-9965-67e77e03794e}|\Device\HarddiskVolume2\Program Files (x86)\FLV Player\FLVPlayer.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-983883370-204824152-491102941-1000\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\e0e72f86_0]
@="{0.0.0.00000000}.{f4c321e4-e9f1-46bd-9965-67e77e03794e}|\Device\HarddiskVolume2\Program Files (x86)\FLV Player\FLVPlayer.exe%b{00000000-0000-0000-0000-000000000000}"

Searching for "FLVPlayer"
[HKEY_CURRENT_USER\SOFTWARE\Binary Noise\mPlayer\FLVPlayer.exe]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\e0e72f86_0]
@="{0.0.0.00000000}.{f4c321e4-e9f1-46bd-9965-67e77e03794e}|\Device\HarddiskVolume2\Program Files (x86)\FLV Player\FLVPlayer.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flv\OpenWithList]
"f"="FLVPlayer.exe"
[HKEY_USERS\S-1-5-21-983883370-204824152-491102941-1000\SOFTWARE\Binary Noise\mPlayer\FLVPlayer.exe]
[HKEY_USERS\S-1-5-21-983883370-204824152-491102941-1000\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\e0e72f86_0]
@="{0.0.0.00000000}.{f4c321e4-e9f1-46bd-9965-67e77e03794e}|\Device\HarddiskVolume2\Program Files (x86)\FLV Player\FLVPlayer.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-983883370-204824152-491102941-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flv\OpenWithList]
"f"="FLVPlayer.exe"

Searching for "WajIEnhance"
No data found.

Searching for "AskPartner"
No data found.

Searching for "ApnTB"
No data found.

-= EOF =-
         

FRST:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-03-2017
durchgeführt von Silvia (Administrator) auf SILVIA-PC (13-03-2017 05:42:37)
Gestartet von C:\Users\Silvia\Desktop
Geladene Profile: Silvia (Verfügbare Profile: Silvia & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Dropbox, Inc.) C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dropbox, Inc.) C:\Users\Silvia\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\Silvia\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17012.10301.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242200 2016-11-11] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe [87336 2010-09-20] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-983883370-204824152-491102941-1000\...\Run: [Dropbox Update] => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-07] (Dropbox, Inc.)
HKU\S-1-5-21-983883370-204824152-491102941-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\PhotoScreensaver.scr [572416 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-12-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2014-04-13]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-03-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{d96e33c9-9c49-41b5-9ccb-f54ed90cc9d8}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-983883370-204824152-491102941-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-25] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)

FireFox:
========
FF ProfilePath: C:\Users\Silvia\AppData\Roaming\Mozilla\Firefox\Profiles\270o59bb.default-1489091303183 [2017-03-12]
FF Extension: (WEB.DE MailCheck) - C:\Users\Silvia\AppData\Roaming\Mozilla\Firefox\Profiles\270o59bb.default-1489091303183\Extensions\mailcheck@web.de [2017-03-12]
FF Extension: (UITBAutoInstaller) - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-06-02] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-12-26] [ist nicht signiert]
FF HKU\S-1-5-21-983883370-204824152-491102941-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-23] ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\windows\system32\npDeployJava1.dll [2013-07-28] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-23] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-09-09] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3883544 2016-12-22] (devolo AG)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [129752 2016-11-11] (ELAN Microelectronics Corp.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1100392 2016-10-28] (Bitdefender)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [Datei ist nicht signiert]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [111320 2016-01-22] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1574744 2016-01-29] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1622512 2016-01-22] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [806344 2016-01-22] (BitDefender)
S3 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [115800 2015-12-03] (BitDefender LLC)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-02-24] ()
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-12] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-12] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-12] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92088 2017-03-12] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [36496 2015-09-28] (Riverbed Technology, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-02-09] (Windows (R) 2003 DDK 3790 provider)
R2 SGDrv; C:\WINDOWS\System32\drivers\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-13 05:42 - 2017-03-13 05:43 - 00018086 _____ C:\Users\Silvia\Desktop\FRST.txt
2017-03-12 22:17 - 2017-03-13 05:41 - 00010130 _____ C:\Users\Silvia\Desktop\SystemLook.txt
2017-03-12 22:16 - 2017-03-12 22:17 - 00165376 _____ C:\Users\Silvia\Desktop\SystemLook_x64.exe
2017-03-12 22:08 - 2017-03-12 22:08 - 00015081 _____ C:\Users\Silvia\Desktop\Fixlog.txt
2017-03-12 22:08 - 2017-03-12 22:08 - 00000000 ____D C:\Users\Silvia\Desktop\FRST-OlderVersion
2017-03-12 14:28 - 2017-03-12 22:16 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-12 14:28 - 2017-03-12 22:12 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-12 14:27 - 2017-03-12 22:12 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-12 14:27 - 2017-03-12 22:12 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-12 14:27 - 2017-03-12 14:27 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-12 14:27 - 2017-03-12 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-12 14:27 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-12 14:26 - 2017-03-12 14:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-12 14:26 - 2017-03-12 14:26 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-12 14:23 - 2017-03-12 14:26 - 57131432 _____ (Malwarebytes ) C:\Users\Silvia\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-03-12 14:01 - 2017-03-12 14:15 - 00000000 ____D C:\AdwCleaner
2017-03-12 14:00 - 2017-03-12 14:01 - 04031440 _____ C:\Users\Silvia\Desktop\AdwCleaner_6.044.exe
2017-03-12 13:45 - 2017-03-12 13:45 - 00028190 _____ C:\ProgramData\agent.1489322704.bdinstall.bin
2017-03-12 13:37 - 2017-03-12 22:05 - 00000000 ____D C:\Users\Silvia\Desktop\Virus
2017-03-11 20:19 - 2017-03-11 20:52 - 00523380 _____ C:\TDSSKiller.3.1.0.12_11.03.2017_20.19.08_log.txt
2017-03-11 20:18 - 2017-03-11 20:18 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Silvia\Desktop\tdsskiller.exe
2017-03-11 20:03 - 2017-03-12 22:08 - 02424832 _____ (Farbar) C:\Users\Silvia\Desktop\FRST64.exe
2017-03-11 19:45 - 2017-03-11 19:45 - 00000000 ____D C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-03-09 22:40 - 2017-03-09 22:42 - 00066908 _____ C:\Users\Silvia\Downloads\Addition.txt
2017-03-09 22:38 - 2017-03-13 05:42 - 00000000 ____D C:\FRST
2017-03-09 22:38 - 2017-03-09 22:42 - 00025098 _____ C:\Users\Silvia\Downloads\FRST.txt
2017-03-09 22:37 - 2017-03-09 22:37 - 02423808 _____ (Farbar) C:\Users\Silvia\Downloads\FRST64.exe
2017-03-09 21:33 - 2017-03-09 21:33 - 00097882 _____ C:\ProgramData\1489091590.bdinstall.bin
2017-03-09 21:28 - 2017-03-09 21:28 - 00000000 ____D C:\Users\Silvia\Desktop\Alte Firefox-Daten
2017-03-03 11:11 - 2017-03-03 11:11 - 00032740 _____ C:\Users\Silvia\Downloads\Dinkel Pizzateig - 2016-09-10.pdf
2017-02-23 20:17 - 2017-02-23 20:48 - 00000000 ____D C:\Users\Silvia\Desktop\Igel Fotostick
2017-02-15 10:14 - 2017-02-15 10:14 - 00002221 _____ C:\Users\Public\Desktop\Google Earth.lnk
2017-02-15 10:14 - 2017-02-15 10:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-13 05:40 - 2016-03-25 17:32 - 00000000 ____D C:\Program Files\Bitdefender Agent
2017-03-13 05:39 - 2016-10-14 23:44 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-12 22:18 - 2013-09-18 18:17 - 00000000 ___RD C:\Users\Silvia\Dropbox
2017-03-12 22:10 - 2016-10-15 00:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-12 22:10 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-12 22:09 - 2013-05-20 18:36 - 00150137 _____ C:\bdlog.txt
2017-03-12 22:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-12 15:04 - 2016-10-14 23:51 - 01951094 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-12 15:04 - 2016-07-16 23:51 - 00715542 _____ C:\WINDOWS\system32\perfh007.dat
2017-03-12 15:04 - 2016-07-16 23:51 - 00160732 _____ C:\WINDOWS\system32\perfc007.dat
2017-03-12 13:56 - 2016-07-16 07:04 - 00131072 _____ C:\WINDOWS\system32\config\ELAM
2017-03-12 13:55 - 2016-11-24 11:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-03-12 13:55 - 2012-08-19 15:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-12 13:44 - 2013-05-20 17:06 - 00000000 ____D C:\ProgramData\BDLogging
2017-03-11 19:58 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-11 19:46 - 2013-09-18 18:15 - 00000000 ____D C:\Users\Silvia\AppData\Roaming\Dropbox
2017-03-09 22:42 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-09 15:05 - 2013-05-20 16:16 - 02426440 _____ C:\Users\Silvia\Desktop\bitdefender_antivirus2013.exe
2017-03-09 10:17 - 2015-06-12 22:02 - 00000000 ____D C:\Users\Silvia\AppData\Local\Dropbox
2017-03-01 12:03 - 2016-10-14 23:52 - 00000000 ____D C:\Users\Silvia
2017-03-01 11:20 - 2012-08-19 11:26 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-24 09:05 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-24 09:01 - 2013-07-28 21:43 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 22:07 - 2012-08-22 20:49 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 20:49 - 2014-08-18 15:46 - 00000000 ____D C:\Users\Silvia\AppData\Local\Adobe
2017-02-23 20:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-23 20:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-18 11:09 - 2016-12-07 07:42 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-18 11:08 - 2016-03-06 13:22 - 00002421 _____ C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-18 11:08 - 2016-03-06 13:22 - 00000000 ___RD C:\Users\Silvia\OneDrive
2017-02-15 10:14 - 2012-08-19 07:37 - 00000000 ____D C:\Program Files (x86)\Google

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-04-19 08:08 - 2012-04-19 08:08 - 141590843 _____ () C:\Program Files\openofficeorg1.cab
2012-04-19 07:59 - 2012-04-19 07:59 - 3125248 _____ () C:\Program Files\openofficeorg34.msi
2016-05-23 20:52 - 2016-05-23 20:52 - 0000385 _____ () C:\Users\Silvia\AppData\Roaming\user_gensett.xml
2012-10-07 17:24 - 2012-10-07 17:24 - 0000393 _____ () C:\Users\Silvia\AppData\Local\HamsterVideoConverterSettings.cfg
2016-04-14 18:41 - 2016-04-14 18:41 - 0627349 _____ () C:\ProgramData\1460653227.bdinstall.bin
2016-06-15 06:33 - 2016-06-15 06:33 - 0026781 _____ () C:\ProgramData\1465968770.bdinstall.bin
2017-03-09 21:33 - 2017-03-09 21:33 - 0097882 _____ () C:\ProgramData\1489091590.bdinstall.bin
2016-09-20 11:32 - 2016-09-20 11:32 - 0026838 _____ () C:\ProgramData\agent.1474367523.bdinstall.bin
2016-11-02 14:41 - 2016-11-02 14:41 - 0028759 _____ () C:\ProgramData\agent.1478094058.bdinstall.bin
2017-03-12 13:45 - 2017-03-12 13:45 - 0028190 _____ () C:\ProgramData\agent.1489322704.bdinstall.bin
2016-10-14 23:48 - 2016-10-14 23:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-26 18:49 - 2014-12-26 21:42 - 0000836 _____ () C:\ProgramData\hpzinstall.log
2011-11-03 19:44 - 2011-11-03 19:45 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2011-11-03 19:37 - 2011-11-03 19:37 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2011-11-03 19:41 - 2011-11-03 19:42 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-11-03 19:38 - 2011-11-03 19:41 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2011-11-03 19:42 - 2011-11-03 19:44 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-09 10:39

==================== Ende von FRST.txt ============================
         

Addition:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-03-2017
durchgeführt von Silvia (13-03-2017 05:45:03)
Gestartet von C:\Users\Silvia\Desktop
Windows 10 Home Version 1607 (X64) (2016-10-14 23:30:32)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-983883370-204824152-491102941-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-983883370-204824152-491102941-503 - Limited - Disabled)
Gast (S-1-5-21-983883370-204824152-491102941-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-983883370-204824152-491102941-1002 - Limited - Enabled)
Silvia (S-1-5-21-983883370-204824152-491102941-1000 - Administrator - Enabled) => C:\Users\Silvia

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender-Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender-Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
4500_G510af_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
Albelli Fotobücher (HKU\S-1-5-21-983883370-204824152-491102941-1000\...\{EE20E438-B675-4421-AB07-928F0EC9FB22}_is1) (Version:  - Albelli)
ALDI Bestellsoftware 4.12.2 (HKLM-x32\...\ALDI Bestellsoftware) (Version: 4.12.2 - ORWO Net)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{1B4ED54A-A741-5D36-40C6-0DA839CA033F}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.26.1423 - Bitdefender)
Bitdefender Antivirus Plus 2015 (HKLM\...\Bitdefender) (Version: 19.6.0.326 - Bitdefender)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4417 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.2.0 - devolo AG)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.0.4 - CEWE COLOR AG u Co. OHG)
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-983883370-204824152-491102941-1000\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.44 - Samsung)
ELAN Touchpad driver X64 15.7.9.2_WHQL (HKLM\...\Elantech) (Version: 15.7.9.2 - ELAN Microelectronic Corp.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.2.19144 - Landesfinanzdirektion Thüringen)
Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Finanzplaner PRO (HKLM-x32\...\Finanzplaner PRO) (Version:  - FinanzPortal24 GmbH)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
fotokasten comfort 5.0 (HKLM-x32\...\fotokasten comfort_is1) (Version:  - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510a-f (HKLM\...\{C98517B6-DCE9-49B7-B19E-E384178D3986}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-983883370-204824152-491102941-1000\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.8.0.6273 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 2016 (HKLM-x32\...\{049045D5-0C46-4E78-A83F-83E993D91A7F}) (Version: 17.0.02300 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Stashimi Stub Installer (x32 Version: 18.001.1 - Nero AG) Hidden
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sweet Home 3D version 4.3 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.3 - )
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)
WildTangent ORB Game Console (x32 Version:  - WildTangent) Hidden
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{E47A3570-59A0-4948-A678-A930FEE8AAC7}) (Version: 21.00.8480 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2015 (HKLM-x32\...\{B999EF65-7140-47E1-BED0-6A32E64A0D7D}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1399D005-9179-4EB0-B62B-C71085F1CB81} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-983883370-204824152-491102941-1000Core1d238be2862dc7c => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {1B0CAC01-78B1-46EA-AAD0-A5C0C9A9EEBD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {1BBE6E19-EAC8-48F9-A650-29AC264EC91B} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {27018021-93D3-4181-A414-70E233096DA8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {2E4CFDEB-63DC-4061-BBED-999970D6C986} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2013\bdproductdata.exe 
Task: {2F0D4068-C9FA-4B45-A7FC-625D0F57B02A} - System32\Tasks\{EE305C4B-2645-4AD4-AB31-8774E0D9EF4D} => pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Ahead\Nero StartSmart\NeroStartSmart.exe"
Task: {34185101-2D74-4011-908B-B1FC4B4C4BE7} - System32\Tasks\SamsungSupportCenter => %programfiles(x86)%\Samsung\Easy Support Center\SSCKbdHk.exe 
Task: {40CA2C1C-8985-452E-B5F1-23E374E19F48} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {4A1A75AC-E505-48A8-ACAD-2FB594C0BB58} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe 
Task: {4BD94884-E059-4F7C-8455-62E2AA5A3DBE} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-23] (Adobe Systems Incorporated)
Task: {5996EC8B-1C65-4C80-84F9-96E88B7A1A86} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {6300AB21-F4AE-4D28-97B2-6921A3833149} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {73CC6AD6-7914-402D-B519-52F325732A2B} - System32\Tasks\{C7DA0173-A309-4F90-B5F2-89918793E3A1} => launchwinapp.exe hxxps://ui.skype.com/ui/0/7.30.0.105.411/de/abandoninstall?page=tsProgressBar
Task: {7556EB99-AC76-4EE7-9CB3-0B4CCE2DCDB0} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe 
Task: {75B74FA7-121A-45AF-A58F-CE8474E83919} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {850E9F07-2096-4FE9-A733-FE077D4AABE5} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {8B334E28-4173-4E7B-B70D-2239A7897ADC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {8C128A29-BC22-409A-B3B4-B6A225FC4454} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink)
Task: {9A651807-3F5E-4BD4-AAAF-938487ACD279} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {9C7B57B7-F799-4A6C-929D-59D86F528183} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {9D3B18C5-480C-4532-A960-D319D34E5EE7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe 
Task: {9FED81DA-52A7-4C9D-8AB0-16EFCF8E0626} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe 
Task: {A2A0F0F1-0AD4-4693-9963-A68C0DEBC0CE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {AB30CF4B-78EE-43C6-84AF-18B9600D7A09} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {AF8E0C35-0478-480E-AB08-8B82E504A785} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe 
Task: {B24C4704-4B41-438C-A0D8-EB1B1B19B584} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {BCF1F663-95A5-46DA-A8D2-EEE34805A0B3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {C491C115-391E-4D12-8322-67457D3CA592} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-983883370-204824152-491102941-1000UA1d238be289e236d => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {CB902C20-D63C-4BA9-ABDC-BF90E0F37791} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {D1A7B405-6102-4350-8033-19B49D45750C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {D64C454A-E02D-4972-99F7-BF6AEF595F22} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {D89CE4B1-DC7B-42F9-98E6-F9C8DE7003A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {DC02FBDE-D986-497A-9492-9186C3C240E6} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {DEF7D778-88F3-48E0-8236-1247220EDAA7} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe 
Task: {F1B6F95C-CAB2-4BFF-AA66-C6BB1E217B19} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {F31AABE0-BE26-427E-8159-BF36BA8A0C32} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Silvia\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {F645E1B5-0C8C-49DE-8DF7-045D7C9C022E} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-10-21] (Bitdefender)
Task: {FB5C8F08-3D93-43D7-9E1F-FB95C61673F9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {FC32A813-B554-47A0-B581-AD88FB648F7B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-983883370-204824152-491102941-1000Core1d238be2862dc7c.job => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-983883370-204824152-491102941-1000UA1d238be289e236d.job => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 12:22 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-14 18:19 - 2015-11-04 13:06 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2016-04-14 18:18 - 2013-09-03 13:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2016-04-14 18:19 - 2016-03-02 15:08 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2017-02-07 16:40 - 2017-02-07 16:40 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_02451_005\ashttpbr.mdl
2017-02-07 16:40 - 2017-02-07 16:40 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_02451_005\ashttpdsp.mdl
2017-02-07 16:40 - 2017-02-07 16:40 - 03243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_02451_005\ashttpph.mdl
2017-02-07 16:40 - 2017-02-07 16:40 - 01544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_02451_005\ashttprbl.mdl
2015-08-21 21:09 - 2015-08-21 21:09 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-08-21 21:09 - 2015-08-21 21:09 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2017-03-12 14:26 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-12 14:27 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-12-14 12:22 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2011-11-03 19:41 - 2009-12-01 08:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2016-10-15 00:32 - 2016-10-15 00:32 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-16 11:07 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-16 11:05 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-16 11:05 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-16 11:05 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-16 11:05 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-16 11:05 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-16 11:05 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-04-13 08:41 - 2015-04-14 10:05 - 01428760 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe
2017-02-28 11:15 - 2017-03-01 10:04 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-02-28 11:15 - 2017-03-01 10:04 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-02-28 11:15 - 2017-03-01 10:04 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-03 15:18 - 2016-06-03 19:59 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-02-28 11:15 - 2017-03-01 10:04 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-02-28 11:15 - 2017-03-01 10:04 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-09 23:19 - 2016-03-09 23:21 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 09741592 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wgui14.dll
2014-04-13 08:35 - 2015-04-14 10:06 - 03929880 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wcore14.dll
2014-04-13 08:36 - 2015-04-14 10:05 - 00035608 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsdcom48.dll
2014-04-13 08:36 - 2015-04-14 10:05 - 00322840 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsguiwinapi48.dll
2014-04-13 08:36 - 2015-04-14 10:05 - 00309016 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rscorewinapi48.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 02872600 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wfvie14.dll
2014-04-13 08:35 - 2014-02-11 10:53 - 01043456 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-core.dll
2014-04-13 08:35 - 2014-02-11 10:53 - 00250368 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-contribs-lib.dll
2014-04-13 08:36 - 2015-04-14 10:05 - 00136472 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsodbc48.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 02136856 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wsteu14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01960728 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wreli14.dll
2014-04-13 08:35 - 2014-02-11 10:53 - 00094720 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-shared.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 04463896 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wauff14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01593624 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wmain14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 05308184 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae114.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 02392344 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae214.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01171224 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae314.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01633560 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae414.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01117976 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\whau114.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01341720 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\whau214.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01312536 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wwerb14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 07374616 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wkont14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01296664 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wimp14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01331480 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wfabu14.dll
2017-03-11 19:44 - 2017-03-06 21:59 - 00807232 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2017-03-11 19:45 - 2017-02-09 03:19 - 00035792 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00100296 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00018888 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\select.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00019776 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00694224 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2017-02-25 09:43 - 2017-03-06 22:01 - 00020824 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2017-03-11 19:45 - 2017-02-09 03:20 - 00123856 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2017-02-25 09:43 - 2017-03-06 22:01 - 01682768 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2017-02-25 09:43 - 2017-03-06 22:01 - 00020816 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00145864 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2017-03-11 19:44 - 2017-02-09 03:20 - 00019408 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00116688 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2017-03-11 19:45 - 2017-02-09 03:22 - 00105928 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32api.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00022864 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2017-03-11 19:44 - 2017-03-06 22:01 - 00038712 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\fastpath.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00060736 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00024528 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32event.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00175560 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32gui.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00392144 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-03-11 19:44 - 2017-02-09 03:22 - 00020936 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00116176 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32security.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00381760 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00124880 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32file.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00026456 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00024016 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00030160 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00043472 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32process.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00048592 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32service.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00057808 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00024016 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-02-25 09:43 - 2017-03-06 22:01 - 00246608 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2017-03-11 19:44 - 2017-03-06 22:01 - 00027488 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-03-11 19:45 - 2017-02-09 03:21 - 00241104 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2017-02-25 09:43 - 2017-03-06 22:01 - 00022336 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00025432 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00028616 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32ts.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 01826104 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2017-03-11 19:45 - 2017-02-09 03:20 - 00083912 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\sip.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 01972536 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 03928896 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00531264 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00053072 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00133432 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00224064 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00207680 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00022864 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00069968 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00022872 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00021848 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00022872 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00350152 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00103232 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWinExtras.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00023896 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2017-03-11 19:44 - 2017-03-06 22:01 - 00025936 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2017-03-11 19:44 - 2017-02-09 03:17 - 00036296 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\librsync.dll
2017-03-11 19:44 - 2017-03-06 22:01 - 00033112 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2017-03-11 19:44 - 2016-12-02 22:44 - 00293392 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2017-03-11 19:44 - 2017-03-06 22:01 - 00084288 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2017-03-11 19:44 - 2017-02-09 03:27 - 00017864 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\libEGL.dll
2017-03-11 19:44 - 2017-02-09 03:27 - 01631184 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2017-03-11 19:45 - 2017-03-06 22:01 - 00042816 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00171336 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00357688 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00060880 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32print.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00026456 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00546104 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2009-11-02 06:20 - 2009-11-02 06:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 06:23 - 2009-11-02 06:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Desktop\AdwCleaner_6.044.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Desktop\SystemLook_x64.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Desktop\tdsskiller.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ALDI Bestellsoftware Setup.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\Barchart-windows64-online.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ccsetup402_slim.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\devolo-cockpit-v4-3-2.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\Dropbox 2.0.26.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ElsterFormular-14.3.20130522u.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ElsterFormular-16.0.20150113k.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ElsterFormular-16.1.20150309u(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ElsterFormular-16.1.20150309u.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\flvplayer_setup20_25.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-0-6(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-0-6.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-3-13(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-3-13.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-4-8(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-4-8.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\install_flashplayer11x32au_mssa_aaa_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\install_flashplayer15x32au_mssa_aaa_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\install_flashplayer16x32au_mssa_aaa_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\install_flashplayer17x32au_mssa_aaa_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jre-7u25-windows-x64.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(2).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(3).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(4).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(5).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(6).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\Nero Burning ROM Classic - CHIP-Installer.exe:BDU [1]
AlternateDataStreams: C:\Users\Silvia\Downloads\Nero2016-17.09.2015_stub_trial.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\OJ4500vG510a-f_Full_13.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\SkypeSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\SuperTuxKart - CHIP-Installer.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-983883370-204824152-491102941-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Silvia\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{bbeb6448-8619-4f01-847d-26d45d85e6ac}.JPG
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe

==================== Wiederherstellungspunkte =========================

13-02-2017 12:24:37 Geplanter Prüfpunkt
23-02-2017 22:00:27 Windows Update
01-03-2017 20:02:06 Windows-Sicherung

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/12/2017 01:59:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Silvia-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/12/2017 01:59:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Silvia-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/09/2017 10:53:18 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Silvia-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/02/2017 12:01:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Silvia-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/01/2017 08:04:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/01/2017 11:23:17 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (03/01/2017 11:23:17 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (03/01/2017 11:23:17 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (03/01/2017 11:23:16 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (03/01/2017 11:23:16 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)


Systemfehler:
=============
Error: (03/12/2017 10:12:17 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/12/2017 10:11:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (03/12/2017 10:10:01 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Benutzererfahrung und Telemetrie im verbundenen Modus konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (03/12/2017 10:08:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/12/2017 10:08:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Application Virtualization Client" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/12/2017 10:08:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/12/2017 10:08:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Norton Online Backup" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/12/2017 10:08:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Client Virtualization Handler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/12/2017 10:08:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Net.Pipe-Listeneradapter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/12/2017 10:08:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Net.Msmq-Listeneradapter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.


==================== Speicherinformationen =========================== 

Prozessor: AMD A4-3305M APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 51%
Installierter physikalischer RAM: 3563.87 MB
Verfügbarer physikalischer RAM: 1724.91 MB
Summe virtueller Speicher: 7147.87 MB
Verfügbarer virtueller Speicher: 4365.27 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:178 GB) (Free:92.22 GB) NTFS
Drive d: () (Fixed) (Total:266.26 GB) (Free:72.32 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 933609DD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=178 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=266.3 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=21.4 GB) - (Type=27)

==================== Ende von Addition.txt ============================
         
Danke!

Alt 13.03.2017, 17:26   #11
M-K-D-B
/// TB-Ausbilder
 
Myfilestore.com Virus eingefangen? - Standard

Myfilestore.com Virus eingefangen?



Servus,



Wir haben es bald geschafft.

Hinweis: Der Suchlauf mit ESET kann länger dauern.





Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
C:\Users\Public\Desktop\FLV Player.lnk
C:\Users\Silvia\Downloads\flvplayer_setup20_25.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\WInterEn
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\e0e72f86_0
Unlock: HKEY_CURRENT_USER\SOFTWARE\Binary Noise
ExportKey: HKEY_CURRENT_USER\SOFTWARE\Binary Noise
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Binary Noise\mPlayer\FLVPlayer.exe
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 3

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset








Schritt 4
  • Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.







Gibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche?







Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von ESET,
  • die Logdatei von HitmanPro,
  • die beiden neuen Logdateien von FRST,
  • die Beantwortung der gestellten Fragen.

Alt 15.03.2017, 06:19   #12
Xare123
 
Myfilestore.com Virus eingefangen? - Standard

Myfilestore.com Virus eingefangen?



Servus Matthias,

Deine Unterstützung finde ich klasse und werde Euch auch unterstützen!

Würde sagen es läuft alles unauffällig. Kannst Du schon erkennen, ob meine Frau sich einen Virus eingefangen hat?

Fixlog:

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-03-2017
durchgeführt von Silvia (13-03-2017 20:10:22) Run:3
Gestartet von C:\Users\Silvia\Desktop
Geladene Profile: Silvia & DefaultAppPool (Verfügbare Profile: Silvia & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
C:\Users\Public\Desktop\FLV Player.lnk
C:\Users\Silvia\Downloads\flvplayer_setup20_25.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\WInterEn
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\e0e72f86_0
Unlock: HKEY_CURRENT_USER\SOFTWARE\Binary Noise
ExportKey: HKEY_CURRENT_USER\SOFTWARE\Binary Noise
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Binary Noise\mPlayer\FLVPlayer.exe
EmptyTemp:
end
*****************

Prozesse erfolgreich geschlossen.
C:\Users\Public\Desktop\FLV Player.lnk => erfolgreich verschoben
C:\Users\Silvia\Downloads\flvplayer_setup20_25.exe => erfolgreich verschoben
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\WInterEn => Schlüssel erfolgreich entfernt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\e0e72f86_0 => Schlüssel erfolgreich entfernt
"HKEY_CURRENT_USER\SOFTWARE\Binary Noise" => Schlüssel wurde entsperrt
================== ExportKey: ===================

[HKUS-1-5-21-983883370-204824152-491102941-1000\SOFTWARE\Binary Noise]
[HKU\S-1-5-21-983883370-204824152-491102941-1000\SOFTWARE\Binary Noise\mPlayer]
[HKU\S-1-5-21-983883370-204824152-491102941-1000\SOFTWARE\Binary Noise\mPlayer\FLVPlayer.exe]
"Left"="750"
"Top"="400"

=== Ende von ExportKey ===
HKEY_CURRENT_USER\SOFTWARE\Binary Noise\mPlayer\FLVPlayer.exe => Schlüssel erfolgreich entfernt

=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17974648 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 629929 B
Edge => 0 B
Chrome => 0 B
Firefox => 13575134 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 9794 B
NetworkService => 0 B
Silvia => 3856397 B
DefaultAppPool => 0 B

RecycleBin => 0 B
EmptyTemp: => 34.4 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 20:10:35 ====
         

HitmanPro:

Code:
ATTFilter
Code:
ATTFilter
HitmanPro 3.7.15.281
www.hitmanpro.com

   Computer name . . . . : SILVIA-PC
   Windows . . . . . . . : 10.0.0.14393.X64/2
   User name . . . . . . : Silvia-PC\Silvia
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-03-13 21:39:41
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 10m 21s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 2
   Traces  . . . . . . . : 5

   Objects scanned . . . : 2.056.537
   Files scanned . . . . : 57.803
   Remnants scanned  . . : 537.542 files / 1.461.192 keys

Malware _____________________________________________________________________

   C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\dlls\vcqnk.dll
      Size . . . . . . . : 1.422.848 bytes
      Age  . . . . . . . : 1.3 days (2017-03-12 14:15:19)
      Entropy  . . . . . : 6.2
      SHA-256  . . . . . : F7A99E74EAD0CC82C608E6ECA891554CA89CCE5B3E519F874659ADEFD84B48F8
      Product  . . . . . : 4NYA7Q
      Publisher
      Description  . . . : 4NYA7Q
      Version  . . . . . : 1.49.11.11
      LanguageID . . . . : 4105
    > Kaspersky  . . . . : not-a-virus:Downloader.Win64.Wajam.ht
      Fuzzy  . . . . . . : 105.0
      Forensic Cluster
         -6.8s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\
         -6.7s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Settings.lnk
         -6.6s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\SignIn with Facebook.lnk
         -6.6s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\SignIn with Twitter.lnk
         -6.6s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Wajam Website.lnk
         -6.5s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Search\
         -6.4s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Search\Ask.lnk
         -6.4s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Search\Google.lnk
         -6.4s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Search\IMDb.lnk
         -6.4s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Search\Shopping.com.lnk
         -6.4s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Search\TripAdvisor.lnk
         -6.3s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Search\Wikipedia.lnk
         -6.3s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Search\Yahoo!.lnk
         -6.3s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\
         -6.3s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Amazon.lnk
         -6.3s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Argos.lnk
         -6.3s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Ebay.lnk
         -6.2s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Etsy.lnk
         -6.2s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\HomeDepot.lnk
         -6.2s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Ikea.lnk
         -6.2s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Lowe's.lnk
         -6.1s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Mercadolivre.lnk
         -6.1s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\MyShopping.lnk
         -6.1s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Sears.lnk
         -6.1s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Target.lnk
         -6.1s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Tesco.lnk
         -6.0s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Walmart.lnk
         -6.0s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Uninstall Wajam\
         -6.0s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Zalando.lnk
         -6.0s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Uninstall Wajam\uninstall.lnk
         -2.4s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\
         -2.4s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\patcher.cfg
         -2.3s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\snotlings
         -2.3s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\waaaghs
         -2.2s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\wajam.ico
         -1.8s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\wajam_goblin_64.dll
         -0.1s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\WWE_uninstall.exe
         -0.1s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\dlls\
          0.0s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\dlls\vcqnk.dll
          0.0s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\
          0.1s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\amazon.ico
          0.1s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\argos.ico
          0.1s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\ask.ico
          0.2s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\bestbuy.ico
          0.2s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\ebay.ico
          0.2s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\etsy.ico
          0.2s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\facebook.ico
          0.2s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\favicon.ico
          0.2s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\google.ico
          0.2s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\homedepot.ico
          0.3s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\ikea.ico
          0.3s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\imdb.ico
          0.3s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\lowes.ico
          0.3s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\mercado.ico
          0.4s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\mysearchweb.ico
          0.4s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\myshopping.ico
          0.5s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\searchresult.ico
          0.5s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\sears.ico
          0.5s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\setting.ico
          0.5s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\settings.ico
          0.5s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\shopping.ico
          0.5s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\target.ico
          0.5s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\tesco.ico
          0.6s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\tripadvisor.ico
          0.6s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\twitter.ico
          0.6s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\wajam.ico
          0.7s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\walmart.ico
          0.7s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\wiki.ico
          0.7s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\yahoo.ico
          0.7s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\zalando.ico
          2.3s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\
          2.4s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\05407804f36fbc9918ce751f1273da3d.exe
          2.5s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\935c9c81ed326ae7191ad4b9ba2d6bdb.exe
          3.3s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\c36e7331018fd1b09847f0bb6fc6d7ad.exe
          3.4s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\f6813891c481619fa2324d1f6665fe63.exe
          3.5s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\snotlings
          3.5s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\wajam.ico
          4.0s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\WWE_uninstall.exe
          4.0s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\
          4.1s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\amazon.ico
          4.1s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\argos.ico
          4.2s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\ask.ico
          4.2s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\bestbuy.ico
          4.2s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\ebay.ico
          4.3s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\etsy.ico
          4.3s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\facebook.ico
          4.3s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\favicon.ico
          4.3s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\google.ico
          4.3s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\homedepot.ico
          4.4s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\ikea.ico
          4.4s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\imdb.ico
          4.4s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\lowes.ico
          4.4s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\mercado.ico
          4.4s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\mysearchweb.ico
          4.5s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\myshopping.ico
          4.5s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\searchresult.ico
          4.5s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\sears.ico
          4.5s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\setting.ico
          4.6s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\settings.ico
          4.6s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\shopping.ico
          4.6s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\target.ico
          4.6s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\tesco.ico
          4.6s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\tripadvisor.ico
          4.7s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\twitter.ico
          4.7s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\wajam.ico
          4.8s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\walmart.ico
          4.8s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\wiki.ico
          4.9s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\yahoo.ico
          4.9s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\zalando.ico
          5.2s C:\AdwCleaner\quarantine\files\qpcmeykederbuxhxkkujziqqinavpwha\
          5.2s C:\AdwCleaner\quarantine\files\qpcmeykederbuxhxkkujziqqinavpwha\APN-Stub\
          5.4s C:\AdwCleaner\quarantine\files\uqacvrtwbivogaqctzlxeebwxrvwhezo\
          5.4s C:\AdwCleaner\quarantine\files\uqacvrtwbivogaqctzlxeebwxrvwhezo\APN-Stub\
          5.6s C:\AdwCleaner\quarantine\files\yherzlkfspybaxedoqpxjskxjprvgygi\
          5.6s C:\AdwCleaner\quarantine\files\yherzlkfspybaxedoqpxjskxjprvgygi\FLV Player website.lnk
          5.6s C:\AdwCleaner\quarantine\files\yherzlkfspybaxedoqpxjskxjprvgygi\FLV Player.lnk
          5.6s C:\AdwCleaner\quarantine\files\yherzlkfspybaxedoqpxjskxjprvgygi\Uninstall.lnk
          5.9s C:\AdwCleaner\quarantine\files\quppdyvofbeukkfqeoqlqiltkhincobz\
          5.9s C:\AdwCleaner\quarantine\files\quppdyvofbeukkfqeoqlqiltkhincobz\FLV Player.url
          5.9s C:\AdwCleaner\quarantine\files\quppdyvofbeukkfqeoqlqiltkhincobz\FLVPlayer.exe
          6.0s C:\AdwCleaner\quarantine\files\quppdyvofbeukkfqeoqlqiltkhincobz\license.txt
          6.6s C:\AdwCleaner\quarantine\files\quppdyvofbeukkfqeoqlqiltkhincobz\uninst.exe
          8.1s C:\AdwCleaner\quarantine\registry\reg_udllaedjyhzdoauwfswjixtyxwvohzcj.reg
          8.6s C:\AdwCleaner\quarantine\registry\reg_pnojsexlnowaghnbbycirswvseejbqwv.reg
          9.0s C:\AdwCleaner\quarantine\registry\reg_tnbkcssfdteqsibjquezywsaarahbpwp.reg
          9.5s C:\AdwCleaner\quarantine\registry\reg_vrpkhekvdruhzpfwsiwqdtqsyegkdbae.reg
          9.9s C:\AdwCleaner\quarantine\registry\reg_kedmrjmfrsnehbosqtltisseqcxmdcnr.reg
         11.2s C:\AdwCleaner\quarantine\registry\reg_vtqabyqlkeiufuuvcjxwncafhsqymylr.reg
         11.7s C:\AdwCleaner\quarantine\registry\reg_qqysbtprkzmdmmwybvnuwgkgjdpqapac.reg
         12.9s C:\AdwCleaner\quarantine\registry\reg_jhtlijvxpumtbdonjfgnrgcjhpwioziu.reg
         12.9s C:\AdwCleaner\quarantine\registry\reg_fgrqmfhfappemfovjoakgjjfyonnvsos.reg
         13.3s C:\AdwCleaner\quarantine\registry\reg_tafhhrwwnlvydwvpehxptuxiitwyewpc.reg

   C:\Users\Silvia\Downloads\SuperTuxKart - CHIP-Installer.exe
      Size . . . . . . . : 1.203.488 bytes
      Age  . . . . . . . : 743.4 days (2015-03-01 13:02:32)
      Entropy  . . . . . : 7.0
      SHA-256  . . . . . : 9EA0D3917451E66561D7A2DF83A06478C42D3C89244A2DD17FBABB0CBFA10C71
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Downloader.Win32.DownloadSponsor.gen
      Fuzzy  . . . . . . : 99.0


Suspicious files ____________________________________________________________

   C:\Users\Silvia\Desktop\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.424.320 bytes
      Age  . . . . . . . : 2.1 days (2017-03-11 20:03:48)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 888080A18968475A4AF792C1F4EAED87442D61A9BD32DAAD9763CB641B5C97D9
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\Silvia\Desktop\FRST64.exe
      Size . . . . . . . : 2.424.832 bytes
      Age  . . . . . . . : 1.0 days (2017-03-12 22:08:14)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 851BCF1958D9B24F2FC8B14BA037A7356DD26025CB7CCE7D5A77F546AED12647
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -2.6s C:\Users\Silvia\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5080DC7A65DB6A5960ECD874088F3328_6CBA2C06D5985DD95AE59AF8FC7C6220
         -2.5s C:\Users\Silvia\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5080DC7A65DB6A5960ECD874088F3328_6CBA2C06D5985DD95AE59AF8FC7C6220
         -1.0s C:\Users\Silvia\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -1.0s C:\Users\Silvia\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -0.3s C:\Users\Silvia\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
         -0.3s C:\Users\Silvia\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
         -0.2s C:\Users\Silvia\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E
         -0.2s C:\Users\Silvia\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E
          0.0s C:\Users\Silvia\Desktop\FRST64.exe

   C:\Users\Silvia\Downloads\FRST64.exe
      Size . . . . . . . : 2.423.808 bytes
      Age  . . . . . . . : 4.0 days (2017-03-09 22:37:22)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 0C11A0E7E1D7950EAAB54F640609BD62DC8E7F6CCBDD4520ACD6E0A67C252262
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
         

ESET:

Code:
ATTFilter
Code:
ATTFilter
HitmanPro 3.7.15.281
www.hitmanpro.com

   Computer name . . . . : SILVIA-PC
   Windows . . . . . . . : 10.0.0.14393.X64/2
   User name . . . . . . : Silvia-PC\Silvia
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-03-13 21:39:41
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 10m 21s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 2
   Traces  . . . . . . . : 5

   Objects scanned . . . : 2.056.537
   Files scanned . . . . : 57.803
   Remnants scanned  . . : 537.542 files / 1.461.192 keys

Malware _____________________________________________________________________

   C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\dlls\vcqnk.dll
      Size . . . . . . . : 1.422.848 bytes
      Age  . . . . . . . : 1.3 days (2017-03-12 14:15:19)
      Entropy  . . . . . : 6.2
      SHA-256  . . . . . : F7A99E74EAD0CC82C608E6ECA891554CA89CCE5B3E519F874659ADEFD84B48F8
      Product  . . . . . : 4NYA7Q
      Publisher
      Description  . . . : 4NYA7Q
      Version  . . . . . : 1.49.11.11
      LanguageID . . . . : 4105
    > Kaspersky  . . . . : not-a-virus:Downloader.Win64.Wajam.ht
      Fuzzy  . . . . . . : 105.0
      Forensic Cluster
         -6.8s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\
         -6.7s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Settings.lnk
         -6.6s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\SignIn with Facebook.lnk
         -6.6s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\SignIn with Twitter.lnk
         -6.6s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Wajam Website.lnk
         -6.5s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Search\
         -6.4s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Search\Ask.lnk
         -6.4s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Search\Google.lnk
         -6.4s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Search\IMDb.lnk
         -6.4s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Search\Shopping.com.lnk
         -6.4s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Search\TripAdvisor.lnk
         -6.3s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Search\Wikipedia.lnk
         -6.3s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Search\Yahoo!.lnk
         -6.3s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\
         -6.3s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Amazon.lnk
         -6.3s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Argos.lnk
         -6.3s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Ebay.lnk
         -6.2s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Etsy.lnk
         -6.2s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\HomeDepot.lnk
         -6.2s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Ikea.lnk
         -6.2s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Lowe's.lnk
         -6.1s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Mercadolivre.lnk
         -6.1s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\MyShopping.lnk
         -6.1s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Sears.lnk
         -6.1s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Target.lnk
         -6.1s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Tesco.lnk
         -6.0s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Walmart.lnk
         -6.0s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Uninstall Wajam\
         -6.0s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Explore Social Shopping\Zalando.lnk
         -6.0s C:\AdwCleaner\quarantine\files\qxcakhvyxyjnzcxauwkuxopurbwjrcig\Uninstall Wajam\uninstall.lnk
         -2.4s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\
         -2.4s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\patcher.cfg
         -2.3s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\snotlings
         -2.3s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\waaaghs
         -2.2s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\wajam.ico
         -1.8s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\wajam_goblin_64.dll
         -0.1s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\WWE_uninstall.exe
         -0.1s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\dlls\
          0.0s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\dlls\vcqnk.dll
          0.0s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\
          0.1s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\amazon.ico
          0.1s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\argos.ico
          0.1s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\ask.ico
          0.2s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\bestbuy.ico
          0.2s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\ebay.ico
          0.2s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\etsy.ico
          0.2s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\facebook.ico
          0.2s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\favicon.ico
          0.2s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\google.ico
          0.2s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\homedepot.ico
          0.3s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\ikea.ico
          0.3s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\imdb.ico
          0.3s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\lowes.ico
          0.3s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\mercado.ico
          0.4s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\mysearchweb.ico
          0.4s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\myshopping.ico
          0.5s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\searchresult.ico
          0.5s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\sears.ico
          0.5s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\setting.ico
          0.5s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\settings.ico
          0.5s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\shopping.ico
          0.5s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\target.ico
          0.5s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\tesco.ico
          0.6s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\tripadvisor.ico
          0.6s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\twitter.ico
          0.6s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\wajam.ico
          0.7s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\walmart.ico
          0.7s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\wiki.ico
          0.7s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\yahoo.ico
          0.7s C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\logos\zalando.ico
          2.3s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\
          2.4s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\05407804f36fbc9918ce751f1273da3d.exe
          2.5s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\935c9c81ed326ae7191ad4b9ba2d6bdb.exe
          3.3s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\c36e7331018fd1b09847f0bb6fc6d7ad.exe
          3.4s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\f6813891c481619fa2324d1f6665fe63.exe
          3.5s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\snotlings
          3.5s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\wajam.ico
          4.0s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\WWE_uninstall.exe
          4.0s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\
          4.1s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\amazon.ico
          4.1s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\argos.ico
          4.2s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\ask.ico
          4.2s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\bestbuy.ico
          4.2s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\ebay.ico
          4.3s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\etsy.ico
          4.3s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\facebook.ico
          4.3s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\favicon.ico
          4.3s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\google.ico
          4.3s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\homedepot.ico
          4.4s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\ikea.ico
          4.4s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\imdb.ico
          4.4s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\lowes.ico
          4.4s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\mercado.ico
          4.4s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\mysearchweb.ico
          4.5s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\myshopping.ico
          4.5s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\searchresult.ico
          4.5s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\sears.ico
          4.5s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\setting.ico
          4.6s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\settings.ico
          4.6s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\shopping.ico
          4.6s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\target.ico
          4.6s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\tesco.ico
          4.6s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\tripadvisor.ico
          4.7s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\twitter.ico
          4.7s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\wajam.ico
          4.8s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\walmart.ico
          4.8s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\wiki.ico
          4.9s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\yahoo.ico
          4.9s C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\logos\zalando.ico
          5.2s C:\AdwCleaner\quarantine\files\qpcmeykederbuxhxkkujziqqinavpwha\
          5.2s C:\AdwCleaner\quarantine\files\qpcmeykederbuxhxkkujziqqinavpwha\APN-Stub\
          5.4s C:\AdwCleaner\quarantine\files\uqacvrtwbivogaqctzlxeebwxrvwhezo\
          5.4s C:\AdwCleaner\quarantine\files\uqacvrtwbivogaqctzlxeebwxrvwhezo\APN-Stub\
          5.6s C:\AdwCleaner\quarantine\files\yherzlkfspybaxedoqpxjskxjprvgygi\
          5.6s C:\AdwCleaner\quarantine\files\yherzlkfspybaxedoqpxjskxjprvgygi\FLV Player website.lnk
          5.6s C:\AdwCleaner\quarantine\files\yherzlkfspybaxedoqpxjskxjprvgygi\FLV Player.lnk
          5.6s C:\AdwCleaner\quarantine\files\yherzlkfspybaxedoqpxjskxjprvgygi\Uninstall.lnk
          5.9s C:\AdwCleaner\quarantine\files\quppdyvofbeukkfqeoqlqiltkhincobz\
          5.9s C:\AdwCleaner\quarantine\files\quppdyvofbeukkfqeoqlqiltkhincobz\FLV Player.url
          5.9s C:\AdwCleaner\quarantine\files\quppdyvofbeukkfqeoqlqiltkhincobz\FLVPlayer.exe
          6.0s C:\AdwCleaner\quarantine\files\quppdyvofbeukkfqeoqlqiltkhincobz\license.txt
          6.6s C:\AdwCleaner\quarantine\files\quppdyvofbeukkfqeoqlqiltkhincobz\uninst.exe
          8.1s C:\AdwCleaner\quarantine\registry\reg_udllaedjyhzdoauwfswjixtyxwvohzcj.reg
          8.6s C:\AdwCleaner\quarantine\registry\reg_pnojsexlnowaghnbbycirswvseejbqwv.reg
          9.0s C:\AdwCleaner\quarantine\registry\reg_tnbkcssfdteqsibjquezywsaarahbpwp.reg
          9.5s C:\AdwCleaner\quarantine\registry\reg_vrpkhekvdruhzpfwsiwqdtqsyegkdbae.reg
          9.9s C:\AdwCleaner\quarantine\registry\reg_kedmrjmfrsnehbosqtltisseqcxmdcnr.reg
         11.2s C:\AdwCleaner\quarantine\registry\reg_vtqabyqlkeiufuuvcjxwncafhsqymylr.reg
         11.7s C:\AdwCleaner\quarantine\registry\reg_qqysbtprkzmdmmwybvnuwgkgjdpqapac.reg
         12.9s C:\AdwCleaner\quarantine\registry\reg_jhtlijvxpumtbdonjfgnrgcjhpwioziu.reg
         12.9s C:\AdwCleaner\quarantine\registry\reg_fgrqmfhfappemfovjoakgjjfyonnvsos.reg
         13.3s C:\AdwCleaner\quarantine\registry\reg_tafhhrwwnlvydwvpehxptuxiitwyewpc.reg

   C:\Users\Silvia\Downloads\SuperTuxKart - CHIP-Installer.exe
      Size . . . . . . . : 1.203.488 bytes
      Age  . . . . . . . : 743.4 days (2015-03-01 13:02:32)
      Entropy  . . . . . : 7.0
      SHA-256  . . . . . : 9EA0D3917451E66561D7A2DF83A06478C42D3C89244A2DD17FBABB0CBFA10C71
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Downloader.Win32.DownloadSponsor.gen
      Fuzzy  . . . . . . : 99.0


Suspicious files ____________________________________________________________

   C:\Users\Silvia\Desktop\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.424.320 bytes
      Age  . . . . . . . : 2.1 days (2017-03-11 20:03:48)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 888080A18968475A4AF792C1F4EAED87442D61A9BD32DAAD9763CB641B5C97D9
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\Silvia\Desktop\FRST64.exe
      Size . . . . . . . : 2.424.832 bytes
      Age  . . . . . . . : 1.0 days (2017-03-12 22:08:14)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 851BCF1958D9B24F2FC8B14BA037A7356DD26025CB7CCE7D5A77F546AED12647
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -2.6s C:\Users\Silvia\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5080DC7A65DB6A5960ECD874088F3328_6CBA2C06D5985DD95AE59AF8FC7C6220
         -2.5s C:\Users\Silvia\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5080DC7A65DB6A5960ECD874088F3328_6CBA2C06D5985DD95AE59AF8FC7C6220
         -1.0s C:\Users\Silvia\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -1.0s C:\Users\Silvia\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -0.3s C:\Users\Silvia\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
         -0.3s C:\Users\Silvia\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
         -0.2s C:\Users\Silvia\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E
         -0.2s C:\Users\Silvia\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E
          0.0s C:\Users\Silvia\Desktop\FRST64.exe

   C:\Users\Silvia\Downloads\FRST64.exe
      Size . . . . . . . : 2.423.808 bytes
      Age  . . . . . . . : 4.0 days (2017-03-09 22:37:22)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 0C11A0E7E1D7950EAAB54F640609BD62DC8E7F6CCBDD4520ACD6E0A67C252262
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
         

FRST:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-03-2017
durchgeführt von Silvia (Administrator) auf SILVIA-PC (15-03-2017 05:53:22)
Gestartet von C:\Users\Silvia\Desktop
Geladene Profile: Silvia & DefaultAppPool (Verfügbare Profile: Silvia & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Dropbox, Inc.) C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
() C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe
(Dropbox, Inc.) C:\Users\Silvia\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(Dropbox, Inc.) C:\Users\Silvia\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17012.10301.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dropbox, Inc.) C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242200 2016-11-11] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe [87336 2010-09-20] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-983883370-204824152-491102941-1000\...\Run: [Dropbox Update] => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-07] (Dropbox, Inc.)
HKU\S-1-5-21-983883370-204824152-491102941-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\PhotoScreensaver.scr [572416 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-12-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2014-04-13]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-03-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{d96e33c9-9c49-41b5-9ccb-f54ed90cc9d8}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-983883370-204824152-491102941-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-25] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)

FireFox:
========
FF ProfilePath: C:\Users\Silvia\AppData\Roaming\Mozilla\Firefox\Profiles\270o59bb.default-1489091303183 [2017-03-15]
FF Extension: (WEB.DE MailCheck) - C:\Users\Silvia\AppData\Roaming\Mozilla\Firefox\Profiles\270o59bb.default-1489091303183\Extensions\mailcheck@web.de [2017-03-12]
FF Extension: (UITBAutoInstaller) - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-06-02] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-12-26] [ist nicht signiert]
FF HKU\S-1-5-21-983883370-204824152-491102941-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-23] ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\windows\system32\npDeployJava1.dll [2013-07-28] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-23] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-09-09] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3883544 2016-12-22] (devolo AG)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [129752 2016-11-11] (ELAN Microelectronics Corp.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1100392 2016-10-28] (Bitdefender)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [Datei ist nicht signiert]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [111320 2016-01-22] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1574744 2016-01-29] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1622512 2016-01-22] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [806344 2016-01-22] (BitDefender)
S3 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [115800 2015-12-03] (BitDefender LLC)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-02-24] ()
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-13] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-13] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-13] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92088 2017-03-13] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [36496 2015-09-28] (Riverbed Technology, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-02-09] (Windows (R) 2003 DDK 3790 provider)
R2 SGDrv; C:\WINDOWS\System32\drivers\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-15 05:53 - 2017-03-15 05:57 - 00018769 _____ C:\Users\Silvia\Desktop\FRST.txt
2017-03-15 05:48 - 2017-03-15 05:48 - 00003431 _____ C:\Users\Silvia\Desktop\ESET log.txt
2017-03-13 22:02 - 2017-03-13 22:03 - 02870984 _____ (ESET) C:\Users\Silvia\Desktop\esetsmartinstaller_deu.exe
2017-03-13 21:38 - 2017-03-13 22:01 - 00000000 ____D C:\ProgramData\HitmanPro
2017-03-13 20:23 - 2017-03-13 21:38 - 11581544 _____ (SurfRight B.V.) C:\Users\Silvia\Desktop\HitmanPro_x64.exe
2017-03-13 20:10 - 2017-03-13 20:10 - 00002552 _____ C:\Users\Silvia\Desktop\Fixlog.txt
2017-03-13 20:03 - 2017-03-13 20:03 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2017-03-12 22:16 - 2017-03-12 22:17 - 00165376 _____ C:\Users\Silvia\Desktop\SystemLook_x64.exe
2017-03-12 22:08 - 2017-03-15 05:53 - 00000000 ____D C:\Users\Silvia\Desktop\FRST-OlderVersion
2017-03-12 14:28 - 2017-03-15 05:57 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-12 14:28 - 2017-03-13 20:12 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-12 14:27 - 2017-03-13 20:12 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-12 14:27 - 2017-03-13 20:12 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-12 14:27 - 2017-03-12 14:27 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-12 14:27 - 2017-03-12 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-12 14:27 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-12 14:26 - 2017-03-12 14:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-12 14:26 - 2017-03-12 14:26 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-12 14:23 - 2017-03-12 14:26 - 57131432 _____ (Malwarebytes ) C:\Users\Silvia\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-03-12 14:01 - 2017-03-12 14:15 - 00000000 ____D C:\AdwCleaner
2017-03-12 14:00 - 2017-03-12 14:01 - 04031440 _____ C:\Users\Silvia\Desktop\AdwCleaner_6.044.exe
2017-03-12 13:45 - 2017-03-12 13:45 - 00028190 _____ C:\ProgramData\agent.1489322704.bdinstall.bin
2017-03-12 13:37 - 2017-03-13 20:06 - 00000000 ____D C:\Users\Silvia\Desktop\Virus
2017-03-11 20:19 - 2017-03-11 20:52 - 00523380 _____ C:\TDSSKiller.3.1.0.12_11.03.2017_20.19.08_log.txt
2017-03-11 20:18 - 2017-03-11 20:18 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Silvia\Desktop\tdsskiller.exe
2017-03-11 20:03 - 2017-03-15 05:53 - 02424832 _____ (Farbar) C:\Users\Silvia\Desktop\FRST64.exe
2017-03-11 19:45 - 2017-03-11 19:45 - 00000000 ____D C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-03-09 22:40 - 2017-03-09 22:42 - 00066908 _____ C:\Users\Silvia\Downloads\Addition.txt
2017-03-09 22:38 - 2017-03-15 05:53 - 00000000 ____D C:\FRST
2017-03-09 22:38 - 2017-03-09 22:42 - 00025098 _____ C:\Users\Silvia\Downloads\FRST.txt
2017-03-09 22:37 - 2017-03-09 22:37 - 02423808 _____ (Farbar) C:\Users\Silvia\Downloads\FRST64.exe
2017-03-09 21:33 - 2017-03-09 21:33 - 00097882 _____ C:\ProgramData\1489091590.bdinstall.bin
2017-03-09 21:28 - 2017-03-09 21:28 - 00000000 ____D C:\Users\Silvia\Desktop\Alte Firefox-Daten
2017-03-03 11:11 - 2017-03-03 11:11 - 00032740 _____ C:\Users\Silvia\Downloads\Dinkel Pizzateig - 2016-09-10.pdf
2017-02-23 20:17 - 2017-02-23 20:48 - 00000000 ____D C:\Users\Silvia\Desktop\Igel Fotostick
2017-02-15 10:14 - 2017-02-15 10:14 - 00002221 _____ C:\Users\Public\Desktop\Google Earth.lnk
2017-02-15 10:14 - 2017-02-15 10:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-15 05:44 - 2016-10-14 23:44 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-15 05:44 - 2016-03-25 17:32 - 00000000 ____D C:\Program Files\Bitdefender Agent
2017-03-13 20:16 - 2016-07-16 07:04 - 00131072 _____ C:\WINDOWS\system32\config\ELAM
2017-03-13 20:16 - 2013-09-18 18:17 - 00000000 ___RD C:\Users\Silvia\Dropbox
2017-03-13 20:11 - 2016-10-15 00:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-13 20:10 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-13 20:10 - 2013-05-20 18:36 - 00150982 _____ C:\bdlog.txt
2017-03-13 20:03 - 2016-10-14 23:52 - 00000000 ____D C:\Users\DefaultAppPool
2017-03-12 22:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-12 15:04 - 2016-10-14 23:51 - 01951094 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-12 15:04 - 2016-07-16 23:51 - 00715542 _____ C:\WINDOWS\system32\perfh007.dat
2017-03-12 15:04 - 2016-07-16 23:51 - 00160732 _____ C:\WINDOWS\system32\perfc007.dat
2017-03-12 13:55 - 2016-11-24 11:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-03-12 13:55 - 2012-08-19 15:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-12 13:44 - 2013-05-20 17:06 - 00000000 ____D C:\ProgramData\BDLogging
2017-03-11 19:58 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-11 19:46 - 2013-09-18 18:15 - 00000000 ____D C:\Users\Silvia\AppData\Roaming\Dropbox
2017-03-09 22:42 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-09 15:05 - 2013-05-20 16:16 - 02426440 _____ C:\Users\Silvia\Desktop\bitdefender_antivirus2013.exe
2017-03-09 10:17 - 2015-06-12 22:02 - 00000000 ____D C:\Users\Silvia\AppData\Local\Dropbox
2017-03-01 12:03 - 2016-10-14 23:52 - 00000000 ____D C:\Users\Silvia
2017-03-01 11:20 - 2012-08-19 11:26 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-24 09:05 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-24 09:01 - 2013-07-28 21:43 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 22:07 - 2012-08-22 20:49 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 20:49 - 2014-08-18 15:46 - 00000000 ____D C:\Users\Silvia\AppData\Local\Adobe
2017-02-23 20:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-23 20:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-18 11:09 - 2016-12-07 07:42 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-18 11:08 - 2016-03-06 13:22 - 00002421 _____ C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-18 11:08 - 2016-03-06 13:22 - 00000000 ___RD C:\Users\Silvia\OneDrive
2017-02-15 10:14 - 2012-08-19 07:37 - 00000000 ____D C:\Program Files (x86)\Google

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-04-19 08:08 - 2012-04-19 08:08 - 141590843 _____ () C:\Program Files\openofficeorg1.cab
2012-04-19 07:59 - 2012-04-19 07:59 - 3125248 _____ () C:\Program Files\openofficeorg34.msi
2016-05-23 20:52 - 2016-05-23 20:52 - 0000385 _____ () C:\Users\Silvia\AppData\Roaming\user_gensett.xml
2012-10-07 17:24 - 2012-10-07 17:24 - 0000393 _____ () C:\Users\Silvia\AppData\Local\HamsterVideoConverterSettings.cfg
2016-04-14 18:41 - 2016-04-14 18:41 - 0627349 _____ () C:\ProgramData\1460653227.bdinstall.bin
2016-06-15 06:33 - 2016-06-15 06:33 - 0026781 _____ () C:\ProgramData\1465968770.bdinstall.bin
2017-03-09 21:33 - 2017-03-09 21:33 - 0097882 _____ () C:\ProgramData\1489091590.bdinstall.bin
2016-09-20 11:32 - 2016-09-20 11:32 - 0026838 _____ () C:\ProgramData\agent.1474367523.bdinstall.bin
2016-11-02 14:41 - 2016-11-02 14:41 - 0028759 _____ () C:\ProgramData\agent.1478094058.bdinstall.bin
2017-03-12 13:45 - 2017-03-12 13:45 - 0028190 _____ () C:\ProgramData\agent.1489322704.bdinstall.bin
2016-10-14 23:48 - 2016-10-14 23:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-26 18:49 - 2014-12-26 21:42 - 0000836 _____ () C:\ProgramData\hpzinstall.log
2011-11-03 19:44 - 2011-11-03 19:45 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2011-11-03 19:37 - 2011-11-03 19:37 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2011-11-03 19:41 - 2011-11-03 19:42 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-11-03 19:38 - 2011-11-03 19:41 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2011-11-03 19:42 - 2011-11-03 19:44 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-09 10:39

==================== Ende von FRST.txt ============================
         

Alt 15.03.2017, 06:20   #13
Xare123
 
Myfilestore.com Virus eingefangen? - Standard

Myfilestore.com Virus eingefangen?



Addition:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-03-2017
durchgeführt von Silvia (15-03-2017 05:59:48)
Gestartet von C:\Users\Silvia\Desktop
Windows 10 Home Version 1607 (X64) (2016-10-14 23:30:32)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-983883370-204824152-491102941-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-983883370-204824152-491102941-503 - Limited - Disabled)
Gast (S-1-5-21-983883370-204824152-491102941-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-983883370-204824152-491102941-1002 - Limited - Enabled)
Silvia (S-1-5-21-983883370-204824152-491102941-1000 - Administrator - Enabled) => C:\Users\Silvia

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender-Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender-Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
4500_G510af_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
Albelli Fotobücher (HKU\S-1-5-21-983883370-204824152-491102941-1000\...\{EE20E438-B675-4421-AB07-928F0EC9FB22}_is1) (Version:  - Albelli)
ALDI Bestellsoftware 4.12.2 (HKLM-x32\...\ALDI Bestellsoftware) (Version: 4.12.2 - ORWO Net)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{1B4ED54A-A741-5D36-40C6-0DA839CA033F}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.26.1423 - Bitdefender)
Bitdefender Antivirus Plus 2015 (HKLM\...\Bitdefender) (Version: 19.6.0.326 - Bitdefender)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4417 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.2.0 - devolo AG)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.0.4 - CEWE COLOR AG u Co. OHG)
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-983883370-204824152-491102941-1000\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.44 - Samsung)
ELAN Touchpad driver X64 15.7.9.2_WHQL (HKLM\...\Elantech) (Version: 15.7.9.2 - ELAN Microelectronic Corp.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.2.19144 - Landesfinanzdirektion Thüringen)
Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Finanzplaner PRO (HKLM-x32\...\Finanzplaner PRO) (Version:  - FinanzPortal24 GmbH)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
fotokasten comfort 5.0 (HKLM-x32\...\fotokasten comfort_is1) (Version:  - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510a-f (HKLM\...\{C98517B6-DCE9-49B7-B19E-E384178D3986}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-983883370-204824152-491102941-1000\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.8.0.6273 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 2016 (HKLM-x32\...\{049045D5-0C46-4E78-A83F-83E993D91A7F}) (Version: 17.0.02300 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Stashimi Stub Installer (x32 Version: 18.001.1 - Nero AG) Hidden
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sweet Home 3D version 4.3 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.3 - )
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)
WildTangent ORB Game Console (x32 Version:  - WildTangent) Hidden
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{E47A3570-59A0-4948-A678-A930FEE8AAC7}) (Version: 21.00.8480 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2015 (HKLM-x32\...\{B999EF65-7140-47E1-BED0-6A32E64A0D7D}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-983883370-204824152-491102941-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Silvia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1399D005-9179-4EB0-B62B-C71085F1CB81} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-983883370-204824152-491102941-1000Core1d238be2862dc7c => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {1B0CAC01-78B1-46EA-AAD0-A5C0C9A9EEBD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {1BBE6E19-EAC8-48F9-A650-29AC264EC91B} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {27018021-93D3-4181-A414-70E233096DA8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {2E4CFDEB-63DC-4061-BBED-999970D6C986} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2013\bdproductdata.exe 
Task: {2F0D4068-C9FA-4B45-A7FC-625D0F57B02A} - System32\Tasks\{EE305C4B-2645-4AD4-AB31-8774E0D9EF4D} => pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Ahead\Nero StartSmart\NeroStartSmart.exe"
Task: {34185101-2D74-4011-908B-B1FC4B4C4BE7} - System32\Tasks\SamsungSupportCenter => %programfiles(x86)%\Samsung\Easy Support Center\SSCKbdHk.exe 
Task: {40CA2C1C-8985-452E-B5F1-23E374E19F48} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {4A1A75AC-E505-48A8-ACAD-2FB594C0BB58} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe 
Task: {4BD94884-E059-4F7C-8455-62E2AA5A3DBE} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-23] (Adobe Systems Incorporated)
Task: {5996EC8B-1C65-4C80-84F9-96E88B7A1A86} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {6300AB21-F4AE-4D28-97B2-6921A3833149} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {73CC6AD6-7914-402D-B519-52F325732A2B} - System32\Tasks\{C7DA0173-A309-4F90-B5F2-89918793E3A1} => launchwinapp.exe hxxps://ui.skype.com/ui/0/7.30.0.105.411/de/abandoninstall?page=tsProgressBar
Task: {7556EB99-AC76-4EE7-9CB3-0B4CCE2DCDB0} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe 
Task: {75B74FA7-121A-45AF-A58F-CE8474E83919} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {850E9F07-2096-4FE9-A733-FE077D4AABE5} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {8B334E28-4173-4E7B-B70D-2239A7897ADC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {8C128A29-BC22-409A-B3B4-B6A225FC4454} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink)
Task: {9A651807-3F5E-4BD4-AAAF-938487ACD279} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {9C7B57B7-F799-4A6C-929D-59D86F528183} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {9D3B18C5-480C-4532-A960-D319D34E5EE7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe 
Task: {9FED81DA-52A7-4C9D-8AB0-16EFCF8E0626} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe 
Task: {A2A0F0F1-0AD4-4693-9963-A68C0DEBC0CE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {AB30CF4B-78EE-43C6-84AF-18B9600D7A09} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {AF8E0C35-0478-480E-AB08-8B82E504A785} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe 
Task: {B24C4704-4B41-438C-A0D8-EB1B1B19B584} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {BCF1F663-95A5-46DA-A8D2-EEE34805A0B3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {C491C115-391E-4D12-8322-67457D3CA592} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-983883370-204824152-491102941-1000UA1d238be289e236d => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {CB902C20-D63C-4BA9-ABDC-BF90E0F37791} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {D1A7B405-6102-4350-8033-19B49D45750C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {D64C454A-E02D-4972-99F7-BF6AEF595F22} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {D89CE4B1-DC7B-42F9-98E6-F9C8DE7003A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {DC02FBDE-D986-497A-9492-9186C3C240E6} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {DEF7D778-88F3-48E0-8236-1247220EDAA7} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe 
Task: {F1B6F95C-CAB2-4BFF-AA66-C6BB1E217B19} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {F31AABE0-BE26-427E-8159-BF36BA8A0C32} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Silvia\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {F645E1B5-0C8C-49DE-8DF7-045D7C9C022E} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-10-21] (Bitdefender)
Task: {FB5C8F08-3D93-43D7-9E1F-FB95C61673F9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {FC32A813-B554-47A0-B581-AD88FB648F7B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-983883370-204824152-491102941-1000Core1d238be2862dc7c.job => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-983883370-204824152-491102941-1000UA1d238be289e236d.job => C:\Users\Silvia\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 12:22 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-14 18:19 - 2015-11-04 13:06 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2016-04-14 18:18 - 2013-09-03 13:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2016-04-14 18:19 - 2016-03-02 15:08 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2017-02-07 16:40 - 2017-02-07 16:40 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_02451_005\ashttpbr.mdl
2017-02-07 16:40 - 2017-02-07 16:40 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_02451_005\ashttpdsp.mdl
2017-02-07 16:40 - 2017-02-07 16:40 - 03243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_02451_005\ashttpph.mdl
2017-02-07 16:40 - 2017-02-07 16:40 - 01544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_02451_005\ashttprbl.mdl
2015-08-21 21:09 - 2015-08-21 21:09 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-08-21 21:09 - 2015-08-21 21:09 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2011-11-03 19:41 - 2009-12-01 08:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2017-03-12 14:26 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-12 14:27 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-12-14 12:22 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-15 00:32 - 2016-10-15 00:32 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-16 11:07 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-16 11:05 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-16 11:05 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-16 11:05 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-16 11:05 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-16 11:05 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-16 11:05 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-04-13 08:41 - 2015-04-14 10:05 - 01428760 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe
2015-08-21 21:09 - 2015-08-21 21:09 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2017-02-25 09:22 - 2017-02-25 09:33 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-25 09:22 - 2017-02-25 09:33 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-25 09:22 - 2017-02-25 09:33 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-08 10:11 - 2017-02-08 10:48 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2017-02-28 11:15 - 2017-03-01 10:04 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-02-28 11:15 - 2017-03-01 10:04 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-02-28 11:15 - 2017-03-01 10:04 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-03 15:18 - 2016-06-03 19:59 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-02-28 11:15 - 2017-03-01 10:04 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-02-28 11:15 - 2017-03-01 10:04 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-09 23:19 - 2016-03-09 23:21 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-01-16 11:05 - 2016-12-21 07:47 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2016-10-15 00:33 - 2016-10-15 00:33 - 03388256 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2016-10-15 00:33 - 2016-10-15 00:33 - 02263904 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 09741592 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wgui14.dll
2014-04-13 08:35 - 2015-04-14 10:06 - 03929880 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wcore14.dll
2014-04-13 08:36 - 2015-04-14 10:05 - 00035608 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsdcom48.dll
2014-04-13 08:36 - 2015-04-14 10:05 - 00322840 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsguiwinapi48.dll
2014-04-13 08:36 - 2015-04-14 10:05 - 00309016 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rscorewinapi48.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 02872600 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wfvie14.dll
2014-04-13 08:35 - 2014-02-11 10:53 - 01043456 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-core.dll
2014-04-13 08:35 - 2014-02-11 10:53 - 00250368 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-contribs-lib.dll
2014-04-13 08:36 - 2015-04-14 10:05 - 00136472 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsodbc48.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 02136856 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wsteu14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01960728 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wreli14.dll
2014-04-13 08:35 - 2014-02-11 10:53 - 00094720 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-shared.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 04463896 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wauff14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01593624 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wmain14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 05308184 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae114.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 02392344 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae214.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01171224 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae314.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01633560 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae414.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01117976 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\whau114.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01341720 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\whau214.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01312536 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wwerb14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 07374616 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wkont14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01296664 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wimp14.dll
2014-04-13 08:35 - 2015-04-14 10:05 - 01331480 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wfabu14.dll
2017-03-11 19:44 - 2017-03-06 21:59 - 00807232 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2017-03-11 19:45 - 2017-02-09 03:19 - 00035792 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00100296 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00018888 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\select.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00019776 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00694224 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2017-02-25 09:43 - 2017-03-06 22:01 - 00020824 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2017-03-11 19:45 - 2017-02-09 03:20 - 00123856 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2017-02-25 09:43 - 2017-03-06 22:01 - 01682768 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2017-02-25 09:43 - 2017-03-06 22:01 - 00020816 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00145864 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2017-03-11 19:44 - 2017-02-09 03:20 - 00019408 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00116688 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2017-03-11 19:45 - 2017-02-09 03:22 - 00105928 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32api.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00022864 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2017-03-11 19:44 - 2017-03-06 22:01 - 00038712 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\fastpath.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00060736 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00024528 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32event.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00175560 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32gui.pyd
2017-03-11 19:45 - 2017-02-09 03:19 - 00392144 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-03-11 19:44 - 2017-02-09 03:22 - 00020936 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00116176 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32security.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00381760 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00124880 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32file.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00026456 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00024016 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00030160 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00043472 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32process.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00048592 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32service.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00057808 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00024016 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-02-25 09:43 - 2017-03-06 22:01 - 00246608 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2017-03-11 19:44 - 2017-03-06 22:01 - 00027488 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-03-11 19:45 - 2017-02-09 03:21 - 00241104 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2017-02-25 09:43 - 2017-03-06 22:01 - 00022336 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00025432 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00028616 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32ts.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 01826104 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2017-03-11 19:45 - 2017-02-09 03:20 - 00083912 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\sip.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 01972536 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 03928896 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00531264 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00053072 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00133432 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00224064 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00207680 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00022864 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00069968 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00022872 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00021848 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00022872 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00350152 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00103232 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWinExtras.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00023896 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2017-03-11 19:44 - 2017-03-06 22:01 - 00025936 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2017-03-11 19:44 - 2017-02-09 03:17 - 00036296 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\librsync.dll
2017-03-11 19:44 - 2017-03-06 22:01 - 00033112 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2017-03-11 19:44 - 2016-12-02 22:44 - 00293392 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2017-03-11 19:44 - 2017-03-06 22:01 - 00084288 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2017-03-11 19:44 - 2017-02-09 03:27 - 00017864 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\libEGL.dll
2017-03-11 19:44 - 2017-02-09 03:27 - 01631184 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2017-03-11 19:45 - 2017-03-06 22:01 - 00042816 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00171336 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00357688 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2017-03-11 19:45 - 2017-02-09 03:22 - 00060880 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\win32print.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00026456 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-11 19:45 - 2017-03-06 22:01 - 00546104 _____ () C:\Users\Silvia\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2009-11-02 06:20 - 2009-11-02 06:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 06:23 - 2009-11-02 06:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Desktop\AdwCleaner_6.044.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Desktop\esetsmartinstaller_deu.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Desktop\HitmanPro_x64.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Desktop\SystemLook_x64.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Desktop\tdsskiller.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ALDI Bestellsoftware Setup.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\Barchart-windows64-online.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ccsetup402_slim.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\devolo-cockpit-v4-3-2.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\Dropbox 2.0.26.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ElsterFormular-14.3.20130522u.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ElsterFormular-16.0.20150113k.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ElsterFormular-16.1.20150309u(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\ElsterFormular-16.1.20150309u.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-0-6(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-0-6.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-3-13(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-3-13.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-4-8(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\fotokasten_comfort_[2116]_5-4-8.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\install_flashplayer11x32au_mssa_aaa_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\install_flashplayer15x32au_mssa_aaa_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\install_flashplayer16x32au_mssa_aaa_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\install_flashplayer17x32au_mssa_aaa_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jre-7u25-windows-x64.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(1).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(2).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(3).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(4).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(5).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\jxpiinstall(6).exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\Nero2016-17.09.2015_stub_trial.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\OJ4500vG510a-f_Full_13.exe:BDU [0]
AlternateDataStreams: C:\Users\Silvia\Downloads\SkypeSetup.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-983883370-204824152-491102941-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Silvia\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{bbeb6448-8619-4f01-847d-26d45d85e6ac}.JPG
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe

==================== Wiederherstellungspunkte =========================

23-02-2017 22:00:27 Windows Update
01-03-2017 20:02:06 Windows-Sicherung
13-03-2017 20:33:57 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/15/2017 05:47:59 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/15/2017 05:47:04 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/14/2017 11:01:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Silvia-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/14/2017 05:38:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Silvia-PC)
Description: Das Paket „Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (03/13/2017 10:06:48 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/13/2017 10:04:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/13/2017 10:03:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\users\silvia\desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/13/2017 10:03:40 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Silvia\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/13/2017 10:03:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Silvia\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/13/2017 10:03:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Silvia\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.


Systemfehler:
=============
Error: (03/14/2017 11:32:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (03/14/2017 11:32:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Silvia\AppData\Local\Temp\ehdrv.sys

Error: (03/14/2017 11:32:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (03/14/2017 11:32:28 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Silvia\AppData\Local\Temp\ehdrv.sys

Error: (03/14/2017 11:32:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (03/14/2017 11:32:28 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Silvia\AppData\Local\Temp\ehdrv.sys

Error: (03/14/2017 11:32:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (03/14/2017 11:32:28 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Silvia\AppData\Local\Temp\ehdrv.sys

Error: (03/14/2017 11:32:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (03/14/2017 11:32:27 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Silvia\AppData\Local\Temp\ehdrv.sys


==================== Speicherinformationen =========================== 

Prozessor: AMD A4-3305M APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 69%
Installierter physikalischer RAM: 3563.87 MB
Verfügbarer physikalischer RAM: 1102.3 MB
Summe virtueller Speicher: 7147.87 MB
Verfügbarer virtueller Speicher: 4069.9 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:178 GB) (Free:92.31 GB) NTFS
Drive d: () (Fixed) (Total:266.26 GB) (Free:72.32 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 933609DD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=178 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=266.3 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=21.4 GB) - (Type=27)

==================== Ende von Addition.txt ============================
         
Danke!

Alt 15.03.2017, 15:41   #14
M-K-D-B
/// TB-Ausbilder
 
Myfilestore.com Virus eingefangen? - Standard

Myfilestore.com Virus eingefangen?



Servus,


du hast versehentlich zweimal die Logdatei von Hitman gepostet. Bitte reiche mir noch die Logdatei von ESET nach.

Anschließend beantworte ich noch offene Fragen und wir kümmern uns um den Rest.

Alt 15.03.2017, 18:00   #15
Xare123
 
Myfilestore.com Virus eingefangen? - Standard

Myfilestore.com Virus eingefangen?



Sorry, kommt ...

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=563aba6e3bae8741ad1f9870876bbedb
# end=init
# utc_time=2017-03-13 09:04:02
# local_time=2017-03-13 10:04:02 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 32703
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=563aba6e3bae8741ad1f9870876bbedb
# end=updated
# utc_time=2017-03-13 09:27:18
# local_time=2017-03-13 10:27:18 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=563aba6e3bae8741ad1f9870876bbedb
# engine=32703
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-03-14 10:32:25
# local_time=2017-03-14 11:32:25 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Bitdefender Antivirus'
# compatibility_mode=2067 16777213 83 96 95368 193379654 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 13042550 30520038 0 0
# scanned=337013
# found=8
# cleaned=8
# scan_time=3907
sh=E2FFADAEB3EA8237282585757BCAAEDC6CE796E8 ft=1 fh=372ae60dad225c60 vn="Variante von Win64/Wajam.I eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\wajam_goblin_64.dll"
sh=BDADEAF68BD430A3DF8ADE1123C9213639B5CF8B ft=1 fh=97a8936e0ed33201 vn="Win32/Wajam.AI eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\WWE_uninstall.exe"
sh=8150B5CB0155B130FB68D5128CD01BC7BC536F2A ft=1 fh=372ae60dad225c60 vn="Variante von Win64/Wajam.I eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\kcembrbjwfhdttqbsbzhyxotcphxvoci\dlls\vcqnk.dll"
sh=251CA7A7B1EA269AAA24E58686BB17A386088DBF ft=1 fh=526c9d0177842dc8 vn="Variante von Win64/Wajam.B eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\05407804f36fbc9918ce751f1273da3d.exe"
sh=14E9687972EC83D101EAF55F857D5AEDD9254701 ft=1 fh=9f07491f8a9d26bb vn="Variante von Win32/Wajam.AA eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\c36e7331018fd1b09847f0bb6fc6d7ad.exe"
sh=AA8536D68A38DE6CE11F89F7EFCEBDC7ED9F37E9 ft=1 fh=9bf365db9a49997b vn="Win32/Wajam.AI eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\znaxkihlysvnpwugnthnpoitxgpllogh\WWE_uninstall.exe"
sh=6B9C8E492228773EBEF9B89C09A5CD065B3B3D92 ft=1 fh=c68f28ef81322fd9 vn="Variante von Win32/DownloadSponsor.A eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\Silvia\Downloads\Nero Burning ROM Classic - CHIP-Installer.exe"
sh=EDF353EC4DF9E06C1914E3ADA40F1350633D1332 ft=1 fh=905ebfc75ab24c5f vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\Silvia\Downloads\SuperTuxKart - CHIP-Installer.exe"
         

Antwort

Themen zu Myfilestore.com Virus eingefangen?
.dll, antivirus, ccsetup, defender, desktop, explorer, firefox, flash player, google, home, installation, mozilla, myfilestore, myfilestore.com, port, prozesse, realtek, registry, rundll, scan, schutz, services.exe, super, symantec, system, virus, windows, windowsapps, winlogon.exe, wiso




Ähnliche Themen: Myfilestore.com Virus eingefangen?


  1. Virus eingefangen?
    Plagegeister aller Art und deren Bekämpfung - 14.12.2016 (29)
  2. Virus Gen:Variant.Kazy.631108 und Weiterleitung auf Myfilestore und adultfriendfinder
    Log-Analyse und Auswertung - 10.07.2015 (27)
  3. Virus:Gen:Variant.Kazy.631108 und weiterleitung auf Myfilestore etc..
    Mülltonne - 19.06.2015 (0)
  4. Virus eingefangen
    Plagegeister aller Art und deren Bekämpfung - 29.04.2015 (16)
  5. Virus eingefangen ?
    Plagegeister aller Art und deren Bekämpfung - 28.01.2014 (1)
  6. Redirect Virus NB - Landete auf MyFilestore.com bei google Suche und installierte etwas Komisches
    Log-Analyse und Auswertung - 28.04.2013 (23)
  7. Redirect Virus - Lande auf MyFilestore.com bei google Suche
    Log-Analyse und Auswertung - 26.04.2013 (15)
  8. GVU Virus eingefangen
    Plagegeister aller Art und deren Bekämpfung - 20.02.2013 (5)
  9. Virus eingefangen..
    Plagegeister aller Art und deren Bekämpfung - 07.02.2013 (1)
  10. AKM-Virus eingefangen
    Plagegeister aller Art und deren Bekämpfung - 27.09.2012 (4)
  11. AKM-Virus eingefangen
    Mülltonne - 25.09.2012 (1)
  12. BKA-Virus 1.13 eingefangen!
    Log-Analyse und Auswertung - 03.09.2012 (3)
  13. 50 € Virus eingefangen
    Plagegeister aller Art und deren Bekämpfung - 07.02.2012 (29)
  14. BKA-Virus eingefangen
    Plagegeister aller Art und deren Bekämpfung - 14.01.2012 (33)
  15. Virus Eingefangen
    Log-Analyse und Auswertung - 02.08.2007 (23)
  16. Virus eingefangen - Virus.Win32.AutoRun.ah
    Plagegeister aller Art und deren Bekämpfung - 01.08.2007 (14)
  17. Virus eingefangen
    Log-Analyse und Auswertung - 20.05.2006 (10)

Zum Thema Myfilestore.com Virus eingefangen? - Guten Abend, meine Frau hat heute in Google eine Anleitung für den Spielzeug-Traktor unseres Sohnes gesucht. Sie hat dann auf einen Link zu einem Forum geklickt (www.modelltruck.net) und wurde auf - Myfilestore.com Virus eingefangen?...

Alle Zeitangaben in WEZ +1. Es ist jetzt 02:00 Uhr.


Copyright ©2000-2024, Trojaner-Board
Archiv
Du betrachtest: Myfilestore.com Virus eingefangen? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.