Thema: ADWCleaner6.046 läuft durch beim Löschen hängt sich der PC auf - was kann die Ursache sein?

gregster · 28.04.2017, 18:07

Hallo Leute, bin neu hier;

habe folgendes Problem: mein PC, Win. 10 Home wurde vor geraumer Zeit immer langsamer. Nach Durchlauf von einigen Virenprogrammen (Freeware) wurden auch Viren gefunden. Malwarebytes, ADWCleaner, ChicaLogic geprüft, mit den Programmen wird auch was gefunden aber leider, wenn es zum Löschen der Dateien kommt hängt sich mein PC komplett auf so, dass nur noch Reset möglich ist um aus dem Modus rauszukommen.

Vor kurzem habe ich Norton gekauft und Komplettscan durchgeführt, PC ist wieder etwas schneller geworden, leider funktioniert das Löschen der dubiosen Dateien nach dem Suchlauf mit den oben erwähnten Programmen auch nicht, so als würde hier irgend was die Löschung blockieren.

Bitte um Hilfe

Hier mein File:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27-04-2017
durchgefÃ¼hrt von Julien (Administrator) auf HOMEPC (28-04-2017 17:10:54)
Gestartet von C:\Users\Julien\Downloads
Geladene Profile: Julien (VerfÃ¼gbare Profile: Julien & Administrator)
Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung fÃ¼r Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.9.1.12\NS.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(ChicaLogic) C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsscheduler.exe
(ChicaLogic) C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsservice.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ChicaLogic) C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsgui.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.9.1.12\NS.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Qualcomm Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurÃ¼ckgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-19] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe [64640 2012-12-28] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] (Atheros Communications)
HKU\S-1-5-21-836797742-737356516-1884966141-1001\...\Run: [Amazon Music] => C:\Users\Julien\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-836797742-737356516-1884966141-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-836797742-737356516-1884966141-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine32\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine32\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine32\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurÃ¼ckgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{e64359d6-d010-4166-882f-51061b3710e5}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{e84bf977-7d9d-48af-922b-627d2ba5065c}: [DhcpNameServer] 10.72.0.72 10.72.0.73

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-836797742-737356516-1884966141-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/?gws_rd=ssl
SearchScopes: HKU\S-1-5-21-836797742-737356516-1884966141-1001 -> DefaultScope {2DD994EE-4BBD-4450-B1FE-9411B76D18E7} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-836797742-737356516-1884966141-1001 -> OldSearch URL =
SearchScopes: HKU\S-1-5-21-836797742-737356516-1884966141-1001 -> {2DD994EE-4BBD-4450-B1FE-9411B76D18E7} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-836797742-737356516-1884966141-1001 -> {6CCAD392-DAA4-4E63-B9DF-389D743FF85D} URL =
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.9.1.12\coIEPlg.dll [2017-03-16] (Symantec Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2012-12-28] (Qualcomm Atheros Commnucations)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.9.1.12\coIEPlg.dll [2017-03-16] (Symantec Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.9.1.12\coIEPlg.dll [2017-03-16] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.9.1.12\coIEPlg.dll [2017-03-16] (Symantec Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-05-13] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-05-13] (McAfee, Inc.)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.9.1.12\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.9.1.12\coFFAddon [2017-04-20]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.9.1.12\coFFAddon
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2015-07-22] [ist nicht signiert]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-05-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-01-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-01-24] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-05-13] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-21] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default [2017-04-25]
CHR Extension: (Google PrÃ¤sentationen) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-21]
CHR Extension: (Google Docs) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-21]
CHR Extension: (Google Drive) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-21]
CHR Extension: (YouTube) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-21]
CHR Extension: (Norton Security Toolbar) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-04-21]
CHR Extension: (Google Tabellen) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-21]
CHR Extension: (Google Docs Offline) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-21]
CHR Extension: (Norton Identity Safe) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-04-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-21]
CHR Extension: (Google Mail) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-21]
CHR Extension: (Chrome Media Router) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-21]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.9.1.12\Exts\Chrome.crx [2017-04-20]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.9.1.12\Exts\Chrome.crx [2017-04-20]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
R2 CPCSScheduler; C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsscheduler.exe [418376 2013-04-04] (ChicaLogic)
R2 CPCSService; C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsservice.exe [701512 2013-04-04] (ChicaLogic)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-04-19] (Digital Wave Ltd.)
S4 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129336 2013-01-31] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-31] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [754280 2015-05-13] (McAfee, Inc.)
S4 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
S4 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.5.495.0\McCSPServiceHost.exe [207344 2015-06-04] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
S4 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
S4 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [609592 2015-05-05] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
S4 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
S4 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
S4 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 NS; C:\Program Files\Norton Security\Engine\22.9.1.12\NS.exe [326160 2017-03-16] (Symantec Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-04] (Realtek Semiconductor)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
S3 wlpasvc; C:\WINDOWS\System32\lpasvc.dll [1295360 2017-03-18] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.9.1.12\Definitions\BASHDefs\20170424.001\BHDrvx64.sys [1831064 2017-04-17] (Symantec Corporation)
R3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
R1 ccSet_NS; C:\WINDOWS\system32\drivers\NSx64\1609010.00C\ccSetx64.sys [174240 2017-03-16] (Symantec Corporation)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 CPCSProtector; C:\WINDOWS\system32\drivers\cpcs.sys [25928 2013-04-04] (ChicaLogic)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497304 2017-04-06] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-04-06] (Symantec Corporation)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [198448 2015-04-27] (McAfee, Inc.)
S3 iaLPSS2i_GPIO2_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [85504 2017-03-18] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [168448 2017-03-18] (Intel Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.9.1.12\Definitions\IPSDefs\20170426.001\IDSvia64.sys [1036440 2017-04-27] (Symantec Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
R0 mfedisk; C:\WINDOWS\System32\DRIVERS\mfedisk.sys [101872 2015-02-17] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [483240 2015-03-26] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [100720 2015-03-26] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_desktop_ref4wu.inf_amd64_39d8ca1ac617325e\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SRTSP; C:\WINDOWS\system32\drivers\NSx64\1609010.00C\SRTSP64.SYS [770200 2017-03-16] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NSx64\1609010.00C\SRTSPX64.SYS [49312 2017-03-16] (Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NSx64\1609010.00C\SYMEFASI64.SYS [1716896 2017-03-16] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NSx64\1609010.00C\SymELAM.sys [24616 2017-03-16] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102608 2017-04-20] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NSx64\1609010.00C\Ironx64.SYS [291480 2017-03-16] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\system32\drivers\NSx64\1609010.00C\SYMNETS.SYS [567512 2017-03-16] (Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [54344 2016-11-22] (Intel Corporation)
S3 NAVENG; \??\C:\Program Files\Norton Security\NortonData\22.9.1.12\Definitions\SDSDefs\20170420.002\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Security\NortonData\22.9.1.12\Definitions\SDSDefs\20170420.002\NAVEX15.SYS [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-28 17:10 - 2017-04-28 17:11 - 00026198 _____ C:\Users\Julien\Downloads\FRST.txt
2017-04-28 17:10 - 2017-04-28 17:10 - 02427392 _____ (Farbar) C:\Users\Julien\Downloads\FRST64.exe
2017-04-28 17:10 - 2017-04-28 17:10 - 00000000 ____D C:\FRST
2017-04-28 16:54 - 2017-04-28 16:54 - 03144880 _____ (Avira Operations GmbH & Co. KG) C:\Users\Julien\Downloads\avira_registry_cleaner_de.exe
2017-04-28 16:52 - 2017-04-28 16:52 - 00000000 ___HD C:\OneDriveTemp
2017-04-28 16:42 - 2017-04-28 16:42 - 00000000 ___RD C:\Users\Julien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2017-04-27 19:23 - 2017-04-27 19:23 - 00000640 _____ C:\Users\Julien\Desktop\LuPO-SchÃ¼lerversion.lnk
2017-04-27 19:23 - 2017-04-27 19:23 - 00000640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LuPO-SchÃ¼lerversion.lnk
2017-04-27 19:23 - 2017-04-27 19:23 - 00000625 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LuPO-Lehrerversion.lnk
2017-04-27 19:23 - 2017-04-27 19:23 - 00000613 _____ C:\Users\Public\Desktop\LuPO-Lehrerversion.lnk
2017-04-27 19:23 - 2017-04-27 19:23 - 00000425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LuPO-Versionshinweise.lnk
2017-04-27 19:23 - 2017-04-27 19:23 - 00000000 ____D C:\LuPO
2017-04-25 21:48 - 2017-04-25 21:48 - 04102600 _____ C:\Users\Julien\Downloads\adwcleaner_6.046.exe
2017-04-24 21:48 - 2017-04-24 21:48 - 00000868 _____ C:\Users\Julien\Downloads\FRITZ!Box_Fon_WLAN_7390_84.06.83_24.04.2017_21_48-diagnose.csv
2017-04-21 21:30 - 2017-04-21 21:30 - 00000000 ____D C:\Program Files\Adblock Plus for IE
2017-04-21 21:28 - 2017-04-21 21:28 - 01496584 _____ C:\Users\Julien\Downloads\adblockplusie-1.5 - CHIP-Installer.exe
2017-04-21 21:26 - 2017-04-21 21:26 - 00002854 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-04-21 21:26 - 2017-04-21 21:26 - 00002338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-21 21:26 - 2017-04-21 21:26 - 00002326 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-21 21:26 - 2017-04-21 21:26 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-04-21 21:26 - 2017-04-21 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-04-21 21:26 - 2017-04-21 21:26 - 00000000 ____D C:\Program Files\CCleaner
2017-04-21 21:25 - 2017-04-21 21:30 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-21 21:25 - 2017-04-21 21:30 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-21 21:25 - 2017-04-21 21:29 - 00000000 ____D C:\Users\Julien\AppData\Local\Google
2017-04-21 21:25 - 2017-04-21 21:25 - 09390672 _____ (Piriform Ltd) C:\Users\Julien\Downloads\ccsetup529.exe
2017-04-20 20:36 - 2017-04-28 17:09 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-04-20 20:29 - 2017-04-21 15:59 - 00000000 ____D C:\Users\Julien\AppData\Local\NPE
2017-04-20 20:28 - 2017-04-28 16:52 - 00000000 ____D C:\Users\Julien\AppData\Local\CrashDumps
2017-04-20 19:45 - 2017-04-28 16:52 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2017-04-20 19:43 - 2017-04-20 19:43 - 00102608 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-04-20 19:43 - 2017-04-20 19:43 - 00008298 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-04-20 19:43 - 2017-04-20 19:43 - 00003374 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-04-20 19:43 - 2017-04-20 19:43 - 00002208 _____ C:\Users\Public\Desktop\Norton Security.lnk
2017-04-20 19:43 - 2017-04-20 19:43 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2017-04-20 19:42 - 2017-04-20 19:43 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2017-04-20 19:42 - 2017-04-20 19:42 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSx64
2017-04-20 19:42 - 2017-04-20 19:42 - 00000000 ____D C:\ProgramData\NortonInstaller
2017-04-20 19:42 - 2017-04-20 19:42 - 00000000 ____D C:\Program Files\Norton Security
2017-04-20 19:42 - 2017-04-20 19:42 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2017-04-20 19:39 - 2017-04-20 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-04-20 19:39 - 2017-04-20 19:39 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-04-20 19:39 - 2016-12-29 14:43 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-04-20 19:39 - 2016-09-09 20:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-04-20 19:39 - 2016-09-09 20:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-04-20 19:39 - 2016-09-09 20:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-04-20 19:39 - 2016-09-09 20:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-04-20 19:37 - 2017-04-20 20:29 - 00000000 ____D C:\ProgramData\Norton
2017-04-20 19:37 - 2017-04-20 19:37 - 00000000 ____D C:\Users\Public\Downloads\Norton
2017-04-19 11:47 - 2017-04-19 11:47 - 00000597 _____ C:\Users\Julien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Laura Sicherung (2).lnk
2017-04-18 22:51 - 2017-04-18 22:51 - 00000000 ____D C:\Users\Julien\AppData\Local\DBG
2017-04-18 22:47 - 2017-04-19 10:56 - 00000000 ____D C:\Users\Julien\AppData\Local\MicrosoftEdge
2017-04-18 22:24 - 2017-04-18 22:25 - 00000000 ____D C:\Windows.old
2017-04-18 22:24 - 2017-04-18 22:24 - 23680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 23675392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 19334144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 11869696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 08319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-18 22:24 - 2017-04-18 22:24 - 08247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 06756920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 06296064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-18 22:24 - 2017-04-18 22:24 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-04-18 22:24 - 2017-04-18 22:24 - 02444184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-18 22:24 - 2017-04-18 22:24 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01411640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01323880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-04-18 22:24 - 2017-04-18 22:24 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-04-18 22:24 - 2017-04-18 22:24 - 00986592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-18 22:24 - 2017-04-18 22:24 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-18 22:24 - 2017-04-18 22:24 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-04-18 22:24 - 2017-04-18 22:24 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-04-18 22:24 - 2017-04-18 22:24 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-18 22:24 - 2017-04-18 22:24 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00205728 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-18 22:24 - 2017-04-18 22:24 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-04-18 22:23 - 2017-04-18 22:23 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-04-18 22:23 - 2017-04-18 22:23 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-04-18 22:22 - 2017-04-18 22:22 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-04-18 22:18 - 2017-04-18 22:18 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-04-18 22:18 - 2017-04-18 22:18 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-04-18 22:18 - 2017-04-18 22:18 - 00000000 ____D C:\Program Files\MSBuild
2017-04-18 22:18 - 2017-04-18 22:18 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-04-18 22:18 - 2017-04-18 22:18 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-04-18 22:17 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-04-18 22:17 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-04-18 22:17 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-04-18 22:17 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-04-18 22:17 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-04-18 22:17 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-04-18 22:15 - 2017-04-18 22:15 - 00003274 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-18 22:15 - 2017-04-18 22:15 - 00002426 _____ C:\Users\Julien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-18 22:12 - 2017-04-21 16:02 - 00000000 ____D C:\Users\Julien\AppData\Local\Comms
2017-04-18 22:12 - 2017-04-18 22:12 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-04-18 22:10 - 2017-04-18 22:11 - 00000000 ____D C:\Users\Julien\AppData\Local\ConnectedDevicesPlatform
2017-04-18 22:10 - 2017-04-18 22:10 - 00000020 ___SH C:\Users\Julien\ntuser.ini
2017-04-18 22:10 - 2017-04-18 22:10 - 00000000 ____D C:\Users\Julien\AppData\Local\TileDataLayer
2017-04-18 22:10 - 2017-04-18 22:10 - 00000000 ____D C:\Users\Julien\AppData\Local\Publishers
2017-04-18 21:53 - 2017-04-18 21:57 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2017-04-18 21:53 - 2017-04-18 21:57 - 00011433 _____ C:\WINDOWS\diagerr.xml
2017-04-18 21:51 - 2017-04-28 16:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-18 21:51 - 2017-04-21 14:06 - 00003556 _____ C:\WINDOWS\System32\Tasks\PCDEventLauncher
2017-04-18 21:51 - 2017-04-18 21:51 - 00003662 _____ C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask
2017-04-18 21:51 - 2017-04-18 21:51 - 00003256 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-04-18 21:51 - 2017-04-18 21:51 - 00003080 _____ C:\WINDOWS\System32\Tasks\ReimageUpdater
2017-04-18 21:51 - 2017-04-18 21:51 - 00003072 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C7D19CF0-E87B-43C3-8D3E-595AD8772A0A}
2017-04-18 21:51 - 2017-04-18 21:51 - 00002950 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2017-04-18 21:51 - 2017-04-18 21:51 - 00002848 _____ C:\WINDOWS\System32\Tasks\SystemToolsDailyTest
2017-04-18 21:51 - 2017-04-18 21:51 - 00002808 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-836797742-737356516-1884966141-1001
2017-04-18 21:51 - 2017-04-18 21:51 - 00002702 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2017-04-18 21:51 - 2017-04-18 21:51 - 00002350 _____ C:\WINDOWS\System32\Tasks\CLVDLauncher
2017-04-18 21:51 - 2017-04-18 21:51 - 00002350 _____ C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2017-04-18 21:51 - 2017-04-18 21:51 - 00001836 _____ C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2017-04-18 21:51 - 2017-04-18 21:51 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-04-18 21:51 - 2017-04-18 21:51 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-04-18 21:51 - 2017-04-18 21:51 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-04-18 21:48 - 2017-04-28 16:48 - 02197866 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-18 21:41 - 2017-04-18 21:41 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-04-18 21:39 - 2017-04-18 21:39 - 00000000 ____D C:\ProgramData\USOShared
2017-04-18 21:36 - 2017-04-18 21:36 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-04-18 21:35 - 2017-04-28 16:41 - 00000000 ____D C:\Users\Julien
2017-04-18 21:35 - 2017-04-20 20:18 - 00000000 ____D C:\Users\Administrator
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\Vorlagen
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\StartmenÃ¼
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\Netzwerkumgebung
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\Lokale Einstellungen
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\Eigene Dateien
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\Druckumgebung
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\Documents\Eigene Videos
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\Documents\Eigene Musik
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\Documents\Eigene Bilder
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\AppData\Local\Verlauf
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\AppData\Local\Anwendungsdaten
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\Anwendungsdaten
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\StartmenÃ¼
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2017-04-18 21:31 - 2017-04-28 16:41 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-18 21:31 - 2017-04-20 19:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-04-18 21:31 - 2017-04-18 21:36 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-04-18 21:31 - 2017-04-18 21:36 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-04-18 21:31 - 2017-04-18 21:31 - 00463760 _____ C:\WINDOWS\system32\Drivers\rtwavesmapro.dat
2017-04-18 21:31 - 2017-04-18 21:31 - 00019501 _____ C:\WINDOWS\system32\Drivers\rtwavesmaprocap.dat
2017-04-18 21:31 - 2017-04-18 21:31 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-04-18 21:31 - 2017-04-18 21:31 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2017-04-18 21:31 - 2017-04-18 21:31 - 00000000 ____D C:\Program Files\Common Files\logishrd
2017-04-18 21:31 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-04-18 21:31 - 2016-12-29 14:44 - 06386232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-04-18 21:31 - 2016-12-29 14:44 - 02477624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-04-18 21:31 - 2016-12-29 14:44 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-04-18 21:31 - 2016-12-29 14:44 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-04-18 21:31 - 2016-12-29 14:44 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-04-18 21:31 - 2016-12-29 14:44 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-04-18 21:31 - 2016-12-29 14:44 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-04-18 21:31 - 2016-12-19 09:26 - 07651057 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-04-18 21:30 - 2017-04-18 21:30 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-04-18 21:30 - 2017-04-18 21:30 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-04-18 21:30 - 2017-04-18 21:30 - 00000000 ____D C:\Program Files\Realtek
2017-04-18 21:30 - 2017-04-18 21:30 - 00000000 ____D C:\Program Files\Common Files\Atheros
2017-04-18 21:28 - 2017-04-28 16:37 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-18 21:28 - 2017-04-20 19:56 - 00275248 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-18 21:28 - 2017-04-18 21:28 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-04-18 19:37 - 2017-04-21 21:30 - 00000000 ___DC C:\WINDOWS\Panther
2017-04-18 19:37 - 2017-04-18 20:26 - 00000000 ___HD C:\$WINDOWS.~BT
2017-04-18 19:35 - 2017-04-18 19:37 - 00000036 _____ C:\WINDOWS\progress.ini
2017-04-18 18:53 - 2017-04-18 22:09 - 00000000 ___HD C:\$GetCurrent
2017-04-18 18:52 - 2017-04-18 22:10 - 00000000 ____D C:\Windows10Upgrade
2017-04-18 18:52 - 2017-04-18 18:52 - 00000704 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Upgrade-Assistent.lnk
2017-04-18 18:52 - 2017-04-18 18:52 - 00000692 _____ C:\Users\Julien\Desktop\Windows 10-Upgrade-Assistent.lnk
2017-04-16 13:37 - 2017-04-18 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChicaLogic
2017-04-16 13:37 - 2017-04-16 13:37 - 00000000 ____D C:\Users\Julien\AppData\Roaming\ChicaLogic
2017-04-16 13:37 - 2017-04-16 13:37 - 00000000 ____D C:\ProgramData\ChicaLogic
2017-04-16 13:37 - 2017-04-16 13:37 - 00000000 ____D C:\Program Files (x86)\ChicaLogic
2017-04-16 13:37 - 2013-04-04 14:51 - 00025928 _____ (ChicaLogic) C:\WINDOWS\system32\Drivers\cpcs.sys
2017-04-16 13:35 - 2017-04-25 21:59 - 00000000 ____D C:\AdwCleaner
2017-04-16 12:31 - 2017-04-21 21:30 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-04-16 12:31 - 2017-04-16 12:38 - 00000985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-04-16 12:31 - 2017-04-16 12:31 - 00000000 ____D C:\Users\Julien\AppData\Roaming\TeamViewer
2017-04-15 20:19 - 2017-04-16 09:09 - 00000000 ____D C:\ReimageUndo
2017-04-15 20:06 - 2017-04-16 14:00 - 00000140 _____ C:\WINDOWS\Reimage.ini
2017-04-15 20:06 - 2017-04-16 09:08 - 00000000 ____D C:\rei
2017-04-15 20:06 - 2017-04-15 20:07 - 00000000 ____D C:\Program Files\Reimage
2017-04-15 15:50 - 2016-08-22 18:33 - 00002090 _____ C:\Users\Julien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Madlens IPhone.lnk
2017-04-14 19:39 - 2017-04-14 19:39 - 00029195 _____ C:\ProgramData\agent.1492191576.bdinstall.bin
2017-04-14 17:31 - 2017-04-14 17:31 - 00047397 _____ C:\ProgramData\agent.1492183909.bdinstall.bin
2017-04-14 17:31 - 2017-04-14 17:31 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2017-04-14 17:30 - 2017-04-14 17:30 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2017-04-14 17:22 - 2017-04-14 17:22 - 01496584 _____ C:\Users\Julien\Downloads\AntiVir Avira Free Antivirus - CHIP-Installer.exe
2017-04-10 15:29 - 2017-04-24 19:40 - 00000000 ____D C:\Users\Julien\AppData\Roaming\Skype
2017-04-10 15:29 - 2017-04-18 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-04-10 15:29 - 2017-04-18 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-04-10 15:29 - 2017-04-10 15:29 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2017-04-10 15:29 - 2017-04-10 15:29 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-04-10 15:29 - 2017-04-10 15:29 - 00000000 ____D C:\Users\Julien\AppData\Local\Skype
2017-04-10 15:29 - 2017-04-10 15:29 - 00000000 ____D C:\ProgramData\Skype
2017-04-10 15:28 - 2017-04-14 17:27 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-04-10 15:25 - 2016-12-29 15:06 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-04-10 15:18 - 2014-11-08 04:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2017-04-10 15:16 - 2017-02-22 16:35 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2017-04-07 16:28 - 2017-04-07 16:28 - 00000000 ____D C:\Users\Julien\AppData\Local\ElevatedDiagnostics

==================== Ein Monat: GeÃ¤nderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-28 16:52 - 2015-02-02 22:53 - 00000000 __RDO C:\Users\Julien\OneDrive
2017-04-28 16:48 - 2017-03-20 06:35 - 00988064 _____ C:\WINDOWS\system32\perfh007.dat
2017-04-28 16:48 - 2017-03-20 06:35 - 00215892 _____ C:\WINDOWS\system32\perfc007.dat
2017-04-28 16:45 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-27 20:32 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-25 21:59 - 2017-03-18 13:40 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2017-04-25 21:47 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-04-22 19:28 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-04-22 18:53 - 2015-02-15 13:05 - 00000000 ____D C:\Users\Julien\AppData\Roaming\Audacity
2017-04-21 21:51 - 2017-03-18 13:40 - 01310720 _____ C:\WINDOWS\system32\config\BBI
2017-04-21 21:30 - 2015-02-02 20:36 - 00000000 ____D C:\Users\Julien\AppData\LocalLow\Adblock Plus for IE
2017-04-21 21:26 - 2015-01-30 23:22 - 00000000 ____D C:\Program Files (x86)\Google
2017-04-20 23:19 - 2016-12-29 16:23 - 00001473 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk
2017-04-20 23:19 - 2016-12-29 16:21 - 00001410 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2017-04-20 23:19 - 2016-12-29 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2017-04-20 23:19 - 2016-12-29 16:20 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2017-04-20 22:50 - 2013-10-17 10:44 - 00000000 ____D C:\Program Files (x86)\Dell Wireless
2017-04-20 21:02 - 2016-12-29 16:23 - 00000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files
2017-04-20 20:36 - 2015-07-21 18:53 - 00000000 ____D C:\Program Files\Common Files\AV
2017-04-20 20:11 - 2015-08-14 21:46 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-20 20:08 - 2015-01-30 20:24 - 00000000 ____D C:\Users\Julien\AppData\Local\Packages
2017-04-20 19:43 - 2017-03-18 23:03 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-04-20 19:40 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-20 19:39 - 2013-10-17 10:55 - 00000000 ____D C:\Temp
2017-04-19 10:46 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-04-18 22:27 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-04-18 22:25 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-04-18 22:18 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-04-18 22:18 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-04-18 22:10 - 2013-11-03 11:24 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-18 21:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-04-18 21:58 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-04-18 21:57 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-04-18 21:52 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-04-18 21:51 - 2015-02-02 22:28 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-04-18 21:49 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-04-18 21:48 - 2013-10-17 10:41 - 01849942 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-04-18 21:42 - 2017-03-03 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-04-18 21:42 - 2016-10-31 22:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-04-18 21:42 - 2016-09-07 22:09 - 00000000 ____D C:\Users\Julien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2017-04-18 21:42 - 2016-09-07 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2017-04-18 21:42 - 2016-08-05 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freac - free audio converter
2017-04-18 21:42 - 2015-07-20 10:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUJIdirekt
2017-04-18 21:42 - 2015-07-13 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Message Center 2
2017-04-18 21:42 - 2015-07-13 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Capture NX 2
2017-04-18 21:42 - 2015-04-26 20:23 - 00000000 ____D C:\Users\Julien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\dreamboxEDIT
2017-04-18 21:42 - 2015-01-31 12:40 - 00000000 ____D C:\WINDOWS\system32\AutoUpdateLicense
2017-04-18 21:42 - 2015-01-30 23:18 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2017-04-18 21:42 - 2015-01-30 22:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-04-18 21:42 - 2015-01-30 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2017-04-18 21:42 - 2013-10-17 10:58 - 00000000 ____D C:\WINDOWS\de
2017-04-18 21:42 - 2013-10-17 10:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2017-04-18 21:42 - 2013-10-17 10:49 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
2017-04-18 21:42 - 2013-10-17 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2017-04-18 21:42 - 2013-10-17 10:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-04-18 21:39 - 2017-03-20 06:35 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\et-EE
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\en-GB
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-18 21:39 - 2013-10-17 10:43 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2017-04-18 21:39 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-04-18 21:39 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-04-18 21:37 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2017-04-18 21:36 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\InputMethod
2017-04-18 21:36 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-18 21:36 - 2015-07-31 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-04-18 21:36 - 2015-01-30 20:24 - 00000000 ____D C:\ProgramData\PRICache
2017-04-18 21:36 - 2013-10-17 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HotSpot
2017-04-18 21:36 - 2013-10-17 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atheros Smart Net
2017-04-18 21:36 - 2013-10-17 10:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
2017-04-18 21:35 - 2013-10-17 11:13 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2017-04-18 21:35 - 2013-10-17 10:44 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2017-04-18 21:34 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-04-18 21:32 - 2017-03-20 06:37 - 00000000 ____D C:\WINDOWS\HoloShell
2017-04-18 21:32 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-04-18 21:32 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\MiracastView
2017-04-18 21:32 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-18 21:31 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help
2017-04-15 19:46 - 2015-01-30 20:51 - 00001116 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2017-04-15 19:46 - 2015-01-30 20:51 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2017-04-15 16:39 - 2016-04-13 19:57 - 00103936 ___SH C:\Users\Julien\Downloads\Thumbs.db
2017-04-15 13:15 - 2014-08-29 21:21 - 00000200 _____ C:\Users\Julien\Desktop\YouTube.url
2017-04-14 19:40 - 2015-10-12 08:38 - 00000000 ____D C:\Users\Julien\AppData\Roaming\IrfanView
2017-04-14 17:31 - 2017-03-25 17:40 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-14 17:30 - 2015-01-30 21:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-14 17:28 - 2015-01-30 21:21 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-14 17:27 - 2015-02-03 21:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-04-10 15:31 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2017-04-10 15:29 - 2013-11-03 11:46 - 00000000 ____D C:\Users\Julien\Documents\Bluetooth Folder
2017-04-10 15:10 - 2016-10-31 22:08 - 00000000 ____D C:\Users\Julien\AppData\Local\AvgSetupLog
2017-04-10 15:10 - 2016-10-31 22:08 - 00000000 ____D C:\ProgramData\Avg
2017-04-10 15:10 - 2016-10-31 22:08 - 00000000 ____D C:\Program Files (x86)\AVG
2017-04-10 15:10 - 2016-09-05 17:05 - 00000000 ___RD C:\Users\Julien\Dropbox
2017-04-10 15:05 - 2016-09-07 22:09 - 00000000 ____D C:\Users\Julien\AppData\Roaming\AVS4YOU
2017-04-08 13:27 - 2015-07-31 20:56 - 00035813 ____H C:\Users\Julien\AppData\Local\IconCache.db.backup
2017-04-03 18:56 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-03 18:56 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-13 19:27 - 2015-07-13 19:27 - 0000268 ___RH () C:\Users\Julien\AppData\Roaming\Conditionals
2015-07-13 19:27 - 2015-07-13 19:27 - 0000268 ___RH () C:\Users\Julien\AppData\Roaming\Configure Folder Actions
2017-04-14 17:31 - 2017-04-14 17:31 - 0047397 _____ () C:\ProgramData\agent.1492183909.bdinstall.bin
2017-04-14 19:39 - 2017-04-14 19:39 - 0029195 _____ () C:\ProgramData\agent.1492191576.bdinstall.bin
2015-07-13 19:27 - 2015-07-13 19:27 - 0000268 ___RH () C:\ProgramData\Contextual Menu Items
2015-07-13 19:27 - 2015-07-13 19:27 - 0000268 ___RH () C:\ProgramData\Core Data Application
2017-04-18 21:31 - 2017-04-18 21:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-07-13 19:25 - 2015-09-14 19:47 - 0000020 ____H () C:\ProgramData\PKP_DLbx.DAT
2015-07-13 19:27 - 2015-07-13 19:27 - 0000020 ____H () C:\ProgramData\PKP_DLck.DAT
2013-10-17 10:54 - 2013-10-17 10:54 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-10-17 10:50 - 2013-10-17 10:51 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-10-17 10:51 - 2013-10-17 10:53 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-10-17 10:50 - 2013-10-17 10:50 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-10-17 10:53 - 2013-10-17 10:54 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix fÃ¼r Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-04-18 21:28

==================== Ende von FRST.txt

M-K-D-B · 28.04.2017, 20:27

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.
Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Bitte poste alle Logdateien von MBAM und AdwCleaner mit den Funden, die nicht entfernt werden können.

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

gregster · 29.04.2017, 20:05

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v6.046 - Bericht erstellt am 29/04/2017 um 20:49:53
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-04-29.1 [Lokal]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Julien - HOMEPC
# Gestartet von : C:\Users\Julien\Desktop\adwcleaner_6.046.exe
# Modus: Suchlauf
# UnterstÃ¼tzung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Keine schÃ¤dlichen Dienste gefunden.




***** [ Ordner ] *****

Ordner Gefunden: C:\Users\Julien\AppData\Local\Downloaded Installers
Ordner Gefunden: C:\Users\Julien\AppData\Roaming\AdvertismentImages
Ordner Gefunden: C:\Users\Julien\AppData\Roaming\RHEng
Ordner Gefunden: C:\Users\Julien\AppData\Roaming\RPEng
Ordner Gefunden: C:\Program Files\Reimage
Ordner Gefunden: C:\Program Files\reimage
Ordner Gefunden: C:\rei
Ordner Gefunden: C:\ReimageUndo
Ordner Gefunden: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot
Ordner Gefunden: C:\Users\Julien\AppData\Local\Temp\DMR


***** [ Dateien ] *****

Datei Gefunden: C:\WINDOWS\SysNative\LavasoftTcpService64.dll
Datei Gefunden: C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini
Datei Gefunden: C:\WINDOWS\SysNative\drivers\swdumon.sys
Datei Gefunden: C:\WINDOWS\Reimage.ini


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schÃ¤dlichen SchlÃ¼ssel gefunden.


***** [ VerknÃ¼pfungen ] *****

Keine infizierten VerknÃ¼pfungen gefunden.


***** [ Aufgabenplanung ] *****

Aufgabe Gefunden: ReimageUpdater
Aufgabe Gefunden: ReimageUpdater
Aufgabe Gefunden: reimageupdater


***** [ Registrierungsdatenbank ] *****

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
SchlÃ¼ssel Gefunden: [x64] HKLM\SOFTWARE\Reimage
SchlÃ¼ssel Gefunden: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair


***** [ Internetbrowser ] *****

Keine schÃ¤dlichen Elemente in Firefox basierten Browsern gefunden.
Keine schÃ¤dlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [4192 Bytes] - [16/04/2017 13:36:54]
C:\AdwCleaner\AdwCleaner[S1].txt - [2531 Bytes] - [18/04/2017 18:30:58]
C:\AdwCleaner\AdwCleaner[S2].txt - [2516 Bytes] - [20/04/2017 23:24:18]
C:\AdwCleaner\AdwCleaner[S3].txt - [2603 Bytes] - [25/04/2017 21:50:09]
C:\AdwCleaner\AdwCleaner[S4].txt - [2676 Bytes] - [25/04/2017 21:59:21]
C:\AdwCleaner\AdwCleaner[S5].txt - [2807 Bytes] - [29/04/2017 20:22:08]
C:\AdwCleaner\AdwCleaner[S6].txt - [2877 Bytes] - [29/04/2017 20:26:39]
C:\AdwCleaner\AdwCleaner[S7].txt - [2790 Bytes] - [29/04/2017 20:49:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [2863 Bytes] ##########

--- --- ---

[/CODE]

Hallo Matthias,

freut mich, dass Du mir helfen willst. Oben siehst Du das File von ADwCleaner, leider konnte ADw keine Löschung vornehmen da wie ich bereits geschrieben habe hängt sich de PC in dem Moment auf (Sanduhr, ADw keine Rückmeldung). Der Zustand bleibt dann ewig.

Weiter oben habe ich bereits das FRST File angehangen. Ich weiß nicht mehr weiter.
Warte auf Deine Infos.
Vielen Dank.

M-K-D-B · 30.04.2017, 10:17

Servus,

FRST und TDSS-Killer wie beschrieben nochmal ausführen und die Logdateien dazu posten.

gregster · 30.04.2017, 12:56

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27-04-2017
durchgeführt von Julien (Administrator) auf HOMEPC (30-04-2017 13:38:50)
Gestartet von C:\Users\Julien\Desktop
Geladene Profile: Julien (Verfügbare Profile: Julien & Administrator)
Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(ChicaLogic) C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsscheduler.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(ChicaLogic) C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsservice.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.9.1.12\NS.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(ChicaLogic) C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsgui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.9.1.12\NS.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Qualcomm Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
konnte nicht auf den Prozess zugreifen -> explorer.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
() C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8119.42377.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8119.42377.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(PC-Doctor, Inc.) C:\Program Files\Dell Support Center\pcdrcui.exe
(PC-Doctor, Inc.) C:\Program Files\Dell Support Center\pcdrrealtime.p5x
(PC-Doctor, Inc.) C:\Program Files\Dell Support Center\pcdrsmart2.p5x

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-19] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe [64640 2012-12-28] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] (Atheros Communications)
HKU\S-1-5-21-836797742-737356516-1884966141-1001\...\Run: [Amazon Music] => C:\Users\Julien\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-836797742-737356516-1884966141-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-836797742-737356516-1884966141-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine32\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine32\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine32\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{e64359d6-d010-4166-882f-51061b3710e5}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{e84bf977-7d9d-48af-922b-627d2ba5065c}: [DhcpNameServer] 10.72.0.72 10.72.0.73

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-836797742-737356516-1884966141-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/?gws_rd=ssl
SearchScopes: HKU\S-1-5-21-836797742-737356516-1884966141-1001 -> DefaultScope {2DD994EE-4BBD-4450-B1FE-9411B76D18E7} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-836797742-737356516-1884966141-1001 -> OldSearch URL = 
SearchScopes: HKU\S-1-5-21-836797742-737356516-1884966141-1001 -> {2DD994EE-4BBD-4450-B1FE-9411B76D18E7} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-836797742-737356516-1884966141-1001 -> {6CCAD392-DAA4-4E63-B9DF-389D743FF85D} URL = 
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.9.1.12\coIEPlg.dll [2017-03-16] (Symantec Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2012-12-28] (Qualcomm Atheros Commnucations)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.9.1.12\coIEPlg.dll [2017-03-16] (Symantec Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.9.1.12\coIEPlg.dll [2017-03-16] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.9.1.12\coIEPlg.dll [2017-03-16] (Symantec Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-05-13] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-05-13] (McAfee, Inc.)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.9.1.12\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.9.1.12\coFFAddon [2017-04-20]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.9.1.12\coFFAddon
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2015-07-22] [ist nicht signiert]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-05-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-01-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-01-24] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-05-13] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default [2017-04-25]
CHR Extension: (Google Präsentationen) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-21]
CHR Extension: (Google Docs) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-21]
CHR Extension: (Google Drive) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-21]
CHR Extension: (YouTube) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-21]
CHR Extension: (Norton Security Toolbar) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-04-21]
CHR Extension: (Google Tabellen) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-21]
CHR Extension: (Google Docs Offline) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-21]
CHR Extension: (Norton Identity Safe) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-04-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-21]
CHR Extension: (Google Mail) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-21]
CHR Extension: (Chrome Media Router) - C:\Users\Julien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-21]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.9.1.12\Exts\Chrome.crx [2017-04-20]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.9.1.12\Exts\Chrome.crx [2017-04-20]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
R2 CPCSScheduler; C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsscheduler.exe [418376 2013-04-04] (ChicaLogic)
R2 CPCSService; C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsservice.exe [701512 2013-04-04] (ChicaLogic)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-04-19] (Digital Wave Ltd.)
S4 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129336 2013-01-31] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-31] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [754280 2015-05-13] (McAfee, Inc.)
S4 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
S4 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
S4 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [609592 2015-05-05] (McAfee, Inc.)
S4 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
S4 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 NS; C:\Program Files\Norton Security\Engine\22.9.1.12\NS.exe [326160 2017-03-16] (Symantec Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-04] (Realtek Semiconductor)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
S3 wlpasvc; C:\WINDOWS\System32\lpasvc.dll [1295360 2017-03-18] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.9.1.12\Definitions\BASHDefs\20170426.001\BHDrvx64.sys [1831064 2017-04-17] (Symantec Corporation)
R3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
R1 ccSet_NS; C:\WINDOWS\system32\drivers\NSx64\1609010.00C\ccSetx64.sys [174240 2017-03-16] (Symantec Corporation)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 CPCSProtector; C:\WINDOWS\system32\drivers\cpcs.sys [25928 2013-04-04] (ChicaLogic)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497304 2017-04-06] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-04-06] (Symantec Corporation)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [198448 2015-04-27] (McAfee, Inc.)
S3 iaLPSS2i_GPIO2_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [85504 2017-03-18] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [168448 2017-03-18] (Intel Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.9.1.12\Definitions\IPSDefs\20170428.001\IDSvia64.sys [1036440 2017-04-27] (Symantec Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-04-28] (Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
R0 mfedisk; C:\WINDOWS\System32\DRIVERS\mfedisk.sys [101872 2015-02-17] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [483240 2015-03-26] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [100720 2015-03-26] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_desktop_ref4wu.inf_amd64_39d8ca1ac617325e\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SRTSP; C:\WINDOWS\system32\drivers\NSx64\1609010.00C\SRTSP64.SYS [770200 2017-03-16] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NSx64\1609010.00C\SRTSPX64.SYS [49312 2017-03-16] (Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NSx64\1609010.00C\SYMEFASI64.SYS [1716896 2017-03-16] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NSx64\1609010.00C\SymELAM.sys [24616 2017-03-16] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102608 2017-04-20] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NSx64\1609010.00C\Ironx64.SYS [291480 2017-03-16] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\system32\drivers\NSx64\1609010.00C\SYMNETS.SYS [567512 2017-03-16] (Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [54344 2016-11-22] (Intel Corporation)
S3 NAVENG; \??\C:\Program Files\Norton Security\NortonData\22.9.1.12\Definitions\SDSDefs\20170420.002\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Security\NortonData\22.9.1.12\Definitions\SDSDefs\20170420.002\NAVEX15.SYS [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-30 13:38 - 2017-04-30 13:39 - 00025926 _____ C:\Users\Julien\Desktop\FRST.txt
2017-04-30 13:38 - 2017-04-30 13:38 - 02427392 _____ (Farbar) C:\Users\Julien\Desktop\FRST64.exe
2017-04-30 13:33 - 2017-04-30 13:33 - 00000000 ____D C:\Users\Julien\AppData\Roaming\PCDr
2017-04-30 11:31 - 2017-04-30 11:31 - 00000000 ___RD C:\Users\Julien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2017-04-29 20:20 - 2017-04-29 20:20 - 04102600 _____ C:\Users\Julien\Desktop\adwcleaner_6.046.exe
2017-04-29 20:18 - 2017-04-29 20:18 - 00017666 _____ C:\Users\Julien\Desktop\download-adwcleaner.htm
2017-04-29 20:11 - 2017-04-29 20:11 - 00000000 ___HD C:\OneDriveTemp
2017-04-28 19:46 - 2017-04-28 19:47 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-28 17:23 - 2017-04-28 17:23 - 00003454 _____ C:\WINDOWS\System32\Tasks\McAfee Cleanup
2017-04-28 17:21 - 2017-04-28 17:21 - 01496584 _____ C:\Users\Julien\Downloads\McAfee Consumer Product Removal Tool - CHIP-Installer.exe
2017-04-28 17:11 - 2017-04-28 17:13 - 00038664 _____ C:\Users\Julien\Downloads\Addition.txt
2017-04-28 17:10 - 2017-04-30 13:38 - 00000000 ____D C:\FRST
2017-04-28 17:10 - 2017-04-28 17:13 - 00064426 _____ C:\Users\Julien\Downloads\FRST.txt
2017-04-28 17:10 - 2017-04-28 17:10 - 02427392 _____ (Farbar) C:\Users\Julien\Downloads\FRST64.exe
2017-04-28 16:54 - 2017-04-28 16:54 - 03144880 _____ (Avira Operations GmbH & Co. KG) C:\Users\Julien\Downloads\avira_registry_cleaner_de.exe
2017-04-27 19:23 - 2017-04-27 19:23 - 00000640 _____ C:\Users\Julien\Desktop\LuPO-Schülerversion.lnk
2017-04-27 19:23 - 2017-04-27 19:23 - 00000640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LuPO-Schülerversion.lnk
2017-04-27 19:23 - 2017-04-27 19:23 - 00000625 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LuPO-Lehrerversion.lnk
2017-04-27 19:23 - 2017-04-27 19:23 - 00000613 _____ C:\Users\Public\Desktop\LuPO-Lehrerversion.lnk
2017-04-27 19:23 - 2017-04-27 19:23 - 00000425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LuPO-Versionshinweise.lnk
2017-04-27 19:23 - 2017-04-27 19:23 - 00000000 ____D C:\LuPO
2017-04-24 21:48 - 2017-04-24 21:48 - 00000868 _____ C:\Users\Julien\Downloads\FRITZ!Box_Fon_WLAN_7390_84.06.83_24.04.2017_21_48-diagnose.csv
2017-04-21 21:30 - 2017-04-21 21:30 - 00000000 ____D C:\Program Files\Adblock Plus for IE
2017-04-21 21:28 - 2017-04-21 21:28 - 01496584 _____ C:\Users\Julien\Downloads\adblockplusie-1.5 - CHIP-Installer.exe
2017-04-21 21:26 - 2017-04-21 21:26 - 00002854 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-04-21 21:26 - 2017-04-21 21:26 - 00002338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-21 21:26 - 2017-04-21 21:26 - 00002326 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-21 21:26 - 2017-04-21 21:26 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-04-21 21:26 - 2017-04-21 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-04-21 21:26 - 2017-04-21 21:26 - 00000000 ____D C:\Program Files\CCleaner
2017-04-21 21:25 - 2017-04-28 17:35 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-21 21:25 - 2017-04-28 17:35 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-21 21:25 - 2017-04-21 21:29 - 00000000 ____D C:\Users\Julien\AppData\Local\Google
2017-04-21 21:25 - 2017-04-21 21:25 - 09390672 _____ (Piriform Ltd) C:\Users\Julien\Downloads\ccsetup529.exe
2017-04-20 20:36 - 2017-04-30 11:58 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-04-20 20:29 - 2017-04-21 15:59 - 00000000 ____D C:\Users\Julien\AppData\Local\NPE
2017-04-20 20:28 - 2017-04-30 12:25 - 00000000 ____D C:\Users\Julien\AppData\Local\CrashDumps
2017-04-20 19:45 - 2017-04-30 11:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2017-04-20 19:43 - 2017-04-20 19:43 - 00102608 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-04-20 19:43 - 2017-04-20 19:43 - 00008298 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-04-20 19:43 - 2017-04-20 19:43 - 00003374 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-04-20 19:43 - 2017-04-20 19:43 - 00002208 _____ C:\Users\Public\Desktop\Norton Security.lnk
2017-04-20 19:43 - 2017-04-20 19:43 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2017-04-20 19:42 - 2017-04-20 19:43 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2017-04-20 19:42 - 2017-04-20 19:42 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSx64
2017-04-20 19:42 - 2017-04-20 19:42 - 00000000 ____D C:\ProgramData\NortonInstaller
2017-04-20 19:42 - 2017-04-20 19:42 - 00000000 ____D C:\Program Files\Norton Security
2017-04-20 19:42 - 2017-04-20 19:42 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2017-04-20 19:39 - 2017-04-20 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-04-20 19:39 - 2017-04-20 19:39 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-04-20 19:39 - 2016-12-29 14:43 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-04-20 19:39 - 2016-09-09 20:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-04-20 19:39 - 2016-09-09 20:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-04-20 19:39 - 2016-09-09 20:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-04-20 19:39 - 2016-09-09 20:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-04-20 19:37 - 2017-04-20 20:29 - 00000000 ____D C:\ProgramData\Norton
2017-04-20 19:37 - 2017-04-20 19:37 - 00000000 ____D C:\Users\Public\Downloads\Norton
2017-04-19 11:47 - 2017-04-19 11:47 - 00000597 _____ C:\Users\Julien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Laura Sicherung (2).lnk
2017-04-18 22:51 - 2017-04-18 22:51 - 00000000 ____D C:\Users\Julien\AppData\Local\DBG
2017-04-18 22:47 - 2017-04-19 10:56 - 00000000 ____D C:\Users\Julien\AppData\Local\MicrosoftEdge
2017-04-18 22:24 - 2017-04-30 13:29 - 00000000 ____D C:\Windows.old
2017-04-18 22:24 - 2017-04-18 22:24 - 23680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 23675392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 19334144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 11869696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 08319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-18 22:24 - 2017-04-18 22:24 - 08247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 06756920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 06296064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-18 22:24 - 2017-04-18 22:24 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-04-18 22:24 - 2017-04-18 22:24 - 02444184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-18 22:24 - 2017-04-18 22:24 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01411640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01323880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-04-18 22:24 - 2017-04-18 22:24 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-04-18 22:24 - 2017-04-18 22:24 - 00986592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-18 22:24 - 2017-04-18 22:24 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-18 22:24 - 2017-04-18 22:24 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-04-18 22:24 - 2017-04-18 22:24 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-04-18 22:24 - 2017-04-18 22:24 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-18 22:24 - 2017-04-18 22:24 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00205728 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-18 22:24 - 2017-04-18 22:24 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-18 22:24 - 2017-04-18 22:24 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-04-18 22:23 - 2017-04-18 22:23 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-04-18 22:23 - 2017-04-18 22:23 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-04-18 22:22 - 2017-04-18 22:22 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-04-18 22:18 - 2017-04-18 22:18 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-04-18 22:18 - 2017-04-18 22:18 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-04-18 22:18 - 2017-04-18 22:18 - 00000000 ____D C:\Program Files\MSBuild
2017-04-18 22:18 - 2017-04-18 22:18 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-04-18 22:18 - 2017-04-18 22:18 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-04-18 22:17 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-04-18 22:17 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-04-18 22:17 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-04-18 22:17 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-04-18 22:17 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-04-18 22:17 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-04-18 22:15 - 2017-04-18 22:15 - 00003274 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-18 22:15 - 2017-04-18 22:15 - 00002426 _____ C:\Users\Julien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-18 22:12 - 2017-04-21 16:02 - 00000000 ____D C:\Users\Julien\AppData\Local\Comms
2017-04-18 22:12 - 2017-04-18 22:12 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-04-18 22:10 - 2017-04-18 22:11 - 00000000 ____D C:\Users\Julien\AppData\Local\ConnectedDevicesPlatform
2017-04-18 22:10 - 2017-04-18 22:10 - 00000020 ___SH C:\Users\Julien\ntuser.ini
2017-04-18 22:10 - 2017-04-18 22:10 - 00000000 ____D C:\Users\Julien\AppData\Local\TileDataLayer
2017-04-18 22:10 - 2017-04-18 22:10 - 00000000 ____D C:\Users\Julien\AppData\Local\Publishers
2017-04-18 21:53 - 2017-04-18 21:57 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2017-04-18 21:53 - 2017-04-18 21:57 - 00011433 _____ C:\WINDOWS\diagerr.xml
2017-04-18 21:51 - 2017-04-30 11:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-18 21:51 - 2017-04-21 14:06 - 00003556 _____ C:\WINDOWS\System32\Tasks\PCDEventLauncher
2017-04-18 21:51 - 2017-04-18 21:51 - 00003662 _____ C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask
2017-04-18 21:51 - 2017-04-18 21:51 - 00003256 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-04-18 21:51 - 2017-04-18 21:51 - 00003080 _____ C:\WINDOWS\System32\Tasks\ReimageUpdater
2017-04-18 21:51 - 2017-04-18 21:51 - 00003072 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C7D19CF0-E87B-43C3-8D3E-595AD8772A0A}
2017-04-18 21:51 - 2017-04-18 21:51 - 00002950 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2017-04-18 21:51 - 2017-04-18 21:51 - 00002848 _____ C:\WINDOWS\System32\Tasks\SystemToolsDailyTest
2017-04-18 21:51 - 2017-04-18 21:51 - 00002808 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-836797742-737356516-1884966141-1001
2017-04-18 21:51 - 2017-04-18 21:51 - 00002702 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2017-04-18 21:51 - 2017-04-18 21:51 - 00002350 _____ C:\WINDOWS\System32\Tasks\CLVDLauncher
2017-04-18 21:51 - 2017-04-18 21:51 - 00002350 _____ C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2017-04-18 21:51 - 2017-04-18 21:51 - 00001836 _____ C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2017-04-18 21:51 - 2017-04-18 21:51 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-04-18 21:51 - 2017-04-18 21:51 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-04-18 21:51 - 2017-04-18 21:51 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-04-18 21:48 - 2017-04-30 11:39 - 02256246 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-18 21:41 - 2017-04-18 21:41 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-04-18 21:39 - 2017-04-18 21:39 - 00000000 ____D C:\ProgramData\USOShared
2017-04-18 21:36 - 2017-04-18 21:36 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-04-18 21:35 - 2017-04-29 21:00 - 00000000 ____D C:\Users\Julien
2017-04-18 21:35 - 2017-04-20 20:18 - 00000000 ____D C:\Users\Administrator
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\Vorlagen
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\Startmenü
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\Netzwerkumgebung
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\Lokale Einstellungen
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\Eigene Dateien
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\Druckumgebung
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\Documents\Eigene Videos
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\Documents\Eigene Musik
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\Documents\Eigene Bilder
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\AppData\Local\Verlauf
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\AppData\Local\Anwendungsdaten
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Julien\Anwendungsdaten
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2017-04-18 21:35 - 2017-04-18 21:35 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2017-04-18 21:31 - 2017-04-30 11:30 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-18 21:31 - 2017-04-20 19:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-04-18 21:31 - 2017-04-18 21:36 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-04-18 21:31 - 2017-04-18 21:36 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-04-18 21:31 - 2017-04-18 21:31 - 00463760 _____ C:\WINDOWS\system32\Drivers\rtwavesmapro.dat
2017-04-18 21:31 - 2017-04-18 21:31 - 00019501 _____ C:\WINDOWS\system32\Drivers\rtwavesmaprocap.dat
2017-04-18 21:31 - 2017-04-18 21:31 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-04-18 21:31 - 2017-04-18 21:31 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2017-04-18 21:31 - 2017-04-18 21:31 - 00000000 ____D C:\Program Files\Common Files\logishrd
2017-04-18 21:31 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-04-18 21:31 - 2016-12-29 14:44 - 06386232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-04-18 21:31 - 2016-12-29 14:44 - 02477624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-04-18 21:31 - 2016-12-29 14:44 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-04-18 21:31 - 2016-12-29 14:44 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-04-18 21:31 - 2016-12-29 14:44 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-04-18 21:31 - 2016-12-29 14:44 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-04-18 21:31 - 2016-12-29 14:44 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-04-18 21:31 - 2016-12-19 09:26 - 07651057 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-04-18 21:30 - 2017-04-18 21:30 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-04-18 21:30 - 2017-04-18 21:30 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-04-18 21:30 - 2017-04-18 21:30 - 00000000 ____D C:\Program Files\Realtek
2017-04-18 21:30 - 2017-04-18 21:30 - 00000000 ____D C:\Program Files\Common Files\Atheros
2017-04-18 21:28 - 2017-04-30 00:07 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-18 21:28 - 2017-04-20 19:56 - 00275248 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-18 21:28 - 2017-04-18 21:28 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-04-18 19:37 - 2017-04-21 21:30 - 00000000 ___DC C:\WINDOWS\Panther
2017-04-18 19:35 - 2017-04-18 19:37 - 00000036 _____ C:\WINDOWS\progress.ini
2017-04-18 18:53 - 2017-04-18 22:09 - 00000000 ___HD C:\$GetCurrent
2017-04-18 18:52 - 2017-04-18 22:10 - 00000000 ____D C:\Windows10Upgrade
2017-04-18 18:52 - 2017-04-18 18:52 - 00000704 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Upgrade-Assistent.lnk
2017-04-18 18:52 - 2017-04-18 18:52 - 00000692 _____ C:\Users\Julien\Desktop\Windows 10-Upgrade-Assistent.lnk
2017-04-16 13:37 - 2017-04-18 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChicaLogic
2017-04-16 13:37 - 2017-04-16 13:37 - 00000000 ____D C:\Users\Julien\AppData\Roaming\ChicaLogic
2017-04-16 13:37 - 2017-04-16 13:37 - 00000000 ____D C:\ProgramData\ChicaLogic
2017-04-16 13:37 - 2017-04-16 13:37 - 00000000 ____D C:\Program Files (x86)\ChicaLogic
2017-04-16 13:37 - 2013-04-04 14:51 - 00025928 _____ (ChicaLogic) C:\WINDOWS\system32\Drivers\cpcs.sys
2017-04-16 13:35 - 2017-04-29 21:35 - 00000000 ____D C:\AdwCleaner
2017-04-16 12:31 - 2017-04-21 21:30 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-04-16 12:31 - 2017-04-16 12:38 - 00000985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-04-16 12:31 - 2017-04-16 12:31 - 00000000 ____D C:\Users\Julien\AppData\Roaming\TeamViewer
2017-04-15 20:19 - 2017-04-16 09:09 - 00000000 ____D C:\ReimageUndo
2017-04-15 20:06 - 2017-04-16 14:00 - 00000140 _____ C:\WINDOWS\Reimage.ini
2017-04-15 20:06 - 2017-04-16 09:08 - 00000000 ____D C:\rei
2017-04-15 20:06 - 2017-04-15 20:07 - 00000000 ____D C:\Program Files\Reimage
2017-04-15 15:50 - 2016-08-22 18:33 - 00002090 _____ C:\Users\Julien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Madlens IPhone.lnk
2017-04-14 19:39 - 2017-04-14 19:39 - 00029195 _____ C:\ProgramData\agent.1492191576.bdinstall.bin
2017-04-14 17:31 - 2017-04-14 17:31 - 00047397 _____ C:\ProgramData\agent.1492183909.bdinstall.bin
2017-04-14 17:31 - 2017-04-14 17:31 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2017-04-14 17:30 - 2017-04-14 17:30 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2017-04-14 17:22 - 2017-04-14 17:22 - 01496584 _____ C:\Users\Julien\Downloads\AntiVir Avira Free Antivirus - CHIP-Installer.exe
2017-04-10 15:29 - 2017-04-30 13:39 - 00000000 ____D C:\Users\Julien\AppData\Roaming\Skype
2017-04-10 15:29 - 2017-04-18 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-04-10 15:29 - 2017-04-18 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-04-10 15:29 - 2017-04-10 15:29 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2017-04-10 15:29 - 2017-04-10 15:29 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-04-10 15:29 - 2017-04-10 15:29 - 00000000 ____D C:\Users\Julien\AppData\Local\Skype
2017-04-10 15:29 - 2017-04-10 15:29 - 00000000 ____D C:\ProgramData\Skype
2017-04-10 15:28 - 2017-04-14 17:27 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-04-10 15:25 - 2016-12-29 15:06 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-04-10 15:18 - 2014-11-08 04:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2017-04-10 15:16 - 2017-02-22 16:35 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2017-04-07 16:28 - 2017-04-07 16:28 - 00000000 ____D C:\Users\Julien\AppData\Local\ElevatedDiagnostics

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-30 11:40 - 2015-02-02 22:53 - 00000000 __RDO C:\Users\Julien\OneDrive
2017-04-30 11:39 - 2017-03-20 06:35 - 01019440 _____ C:\WINDOWS\system32\perfh007.dat
2017-04-30 11:39 - 2017-03-20 06:35 - 00224928 _____ C:\WINDOWS\system32\perfc007.dat
2017-04-30 11:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-30 11:30 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-04-29 21:16 - 2015-01-30 20:24 - 00000000 ____D C:\Users\Julien\AppData\Local\Packages
2017-04-29 20:46 - 2017-03-18 13:40 - 01310720 _____ C:\WINDOWS\system32\config\BBI
2017-04-28 17:23 - 2013-10-17 10:59 - 00000000 ____D C:\ProgramData\McAfee
2017-04-27 20:32 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-25 21:59 - 2017-03-18 13:40 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2017-04-22 19:28 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-04-22 18:53 - 2015-02-15 13:05 - 00000000 ____D C:\Users\Julien\AppData\Roaming\Audacity
2017-04-21 21:30 - 2015-02-02 20:36 - 00000000 ____D C:\Users\Julien\AppData\LocalLow\Adblock Plus for IE
2017-04-21 21:26 - 2015-01-30 23:22 - 00000000 ____D C:\Program Files (x86)\Google
2017-04-20 23:19 - 2016-12-29 16:23 - 00001473 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk
2017-04-20 23:19 - 2016-12-29 16:21 - 00001410 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2017-04-20 23:19 - 2016-12-29 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2017-04-20 23:19 - 2016-12-29 16:20 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2017-04-20 22:50 - 2013-10-17 10:44 - 00000000 ____D C:\Program Files (x86)\Dell Wireless
2017-04-20 21:02 - 2016-12-29 16:23 - 00000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files
2017-04-20 20:36 - 2015-07-21 18:53 - 00000000 ____D C:\Program Files\Common Files\AV
2017-04-20 20:11 - 2015-08-14 21:46 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-20 19:43 - 2017-03-18 23:03 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-04-20 19:40 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-20 19:39 - 2013-10-17 10:55 - 00000000 ____D C:\Temp
2017-04-19 10:46 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-04-18 22:27 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-04-18 22:25 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-04-18 22:18 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-04-18 22:18 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-04-18 22:10 - 2013-11-03 11:24 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-18 21:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-04-18 21:58 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-04-18 21:57 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-04-18 21:52 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-04-18 21:51 - 2015-02-02 22:28 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-04-18 21:49 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-04-18 21:48 - 2013-10-17 10:41 - 01849942 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-04-18 21:42 - 2017-03-03 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-04-18 21:42 - 2016-10-31 22:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-04-18 21:42 - 2016-09-07 22:09 - 00000000 ____D C:\Users\Julien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2017-04-18 21:42 - 2016-09-07 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2017-04-18 21:42 - 2016-08-05 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freac - free audio converter
2017-04-18 21:42 - 2015-07-20 10:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUJIdirekt
2017-04-18 21:42 - 2015-07-13 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Message Center 2
2017-04-18 21:42 - 2015-07-13 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Capture NX 2
2017-04-18 21:42 - 2015-04-26 20:23 - 00000000 ____D C:\Users\Julien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\dreamboxEDIT
2017-04-18 21:42 - 2015-01-31 12:40 - 00000000 ____D C:\WINDOWS\system32\AutoUpdateLicense
2017-04-18 21:42 - 2015-01-30 23:18 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2017-04-18 21:42 - 2015-01-30 22:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-04-18 21:42 - 2015-01-30 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2017-04-18 21:42 - 2013-10-17 10:58 - 00000000 ____D C:\WINDOWS\de
2017-04-18 21:42 - 2013-10-17 10:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2017-04-18 21:42 - 2013-10-17 10:49 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
2017-04-18 21:42 - 2013-10-17 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2017-04-18 21:42 - 2013-10-17 10:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-04-18 21:39 - 2017-03-20 06:35 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\et-EE
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\en-GB
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-04-18 21:39 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-18 21:39 - 2013-10-17 10:43 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2017-04-18 21:39 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-04-18 21:39 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-04-18 21:37 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2017-04-18 21:36 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\InputMethod
2017-04-18 21:36 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-18 21:36 - 2015-07-31 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-04-18 21:36 - 2015-01-30 20:24 - 00000000 ____D C:\ProgramData\PRICache
2017-04-18 21:36 - 2013-10-17 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HotSpot
2017-04-18 21:36 - 2013-10-17 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atheros Smart Net
2017-04-18 21:36 - 2013-10-17 10:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
2017-04-18 21:35 - 2013-10-17 11:13 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2017-04-18 21:35 - 2013-10-17 10:44 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2017-04-18 21:34 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-04-18 21:32 - 2017-03-20 06:37 - 00000000 ____D C:\WINDOWS\HoloShell
2017-04-18 21:32 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-04-18 21:32 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\MiracastView
2017-04-18 21:32 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-18 21:31 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help
2017-04-15 19:46 - 2015-01-30 20:51 - 00001116 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2017-04-15 19:46 - 2015-01-30 20:51 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2017-04-15 16:39 - 2016-04-13 19:57 - 00103936 ___SH C:\Users\Julien\Downloads\Thumbs.db
2017-04-15 13:15 - 2014-08-29 21:21 - 00000200 _____ C:\Users\Julien\Desktop\YouTube.url
2017-04-14 19:40 - 2015-10-12 08:38 - 00000000 ____D C:\Users\Julien\AppData\Roaming\IrfanView
2017-04-14 17:31 - 2017-03-25 17:40 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-14 17:30 - 2015-01-30 21:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-14 17:28 - 2015-01-30 21:21 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-14 17:27 - 2015-02-03 21:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-04-10 15:31 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2017-04-10 15:29 - 2013-11-03 11:46 - 00000000 ____D C:\Users\Julien\Documents\Bluetooth Folder
2017-04-10 15:10 - 2016-10-31 22:08 - 00000000 ____D C:\Users\Julien\AppData\Local\AvgSetupLog
2017-04-10 15:10 - 2016-10-31 22:08 - 00000000 ____D C:\ProgramData\Avg
2017-04-10 15:10 - 2016-10-31 22:08 - 00000000 ____D C:\Program Files (x86)\AVG
2017-04-10 15:10 - 2016-09-05 17:05 - 00000000 ___RD C:\Users\Julien\Dropbox
2017-04-10 15:05 - 2016-09-07 22:09 - 00000000 ____D C:\Users\Julien\AppData\Roaming\AVS4YOU
2017-04-08 13:27 - 2015-07-31 20:56 - 00035813 ____H C:\Users\Julien\AppData\Local\IconCache.db.backup
2017-04-03 18:56 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-03 18:56 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-13 19:27 - 2015-07-13 19:27 - 0000268 ___RH () C:\Users\Julien\AppData\Roaming\Conditionals
2015-07-13 19:27 - 2015-07-13 19:27 - 0000268 ___RH () C:\Users\Julien\AppData\Roaming\Configure Folder Actions
2017-04-14 17:31 - 2017-04-14 17:31 - 0047397 _____ () C:\ProgramData\agent.1492183909.bdinstall.bin
2017-04-14 19:39 - 2017-04-14 19:39 - 0029195 _____ () C:\ProgramData\agent.1492191576.bdinstall.bin
2015-07-13 19:27 - 2015-07-13 19:27 - 0000268 ___RH () C:\ProgramData\Contextual Menu Items
2015-07-13 19:27 - 2015-07-13 19:27 - 0000268 ___RH () C:\ProgramData\Core Data Application
2017-04-18 21:31 - 2017-04-18 21:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-07-13 19:25 - 2015-09-14 19:47 - 0000020 ____H () C:\ProgramData\PKP_DLbx.DAT
2015-07-13 19:27 - 2015-07-13 19:27 - 0000020 ____H () C:\ProgramData\PKP_DLck.DAT
2013-10-17 10:54 - 2013-10-17 10:54 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-10-17 10:50 - 2013-10-17 10:51 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-10-17 10:51 - 2013-10-17 10:53 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-10-17 10:50 - 2013-10-17 10:50 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-10-17 10:53 - 2013-10-17 10:54 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-04-30 13:26

==================== Ende von FRST.txt ============================

FRST Additions Logfile:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27-04-2017
durchgeführt von Julien (30-04-2017 13:39:55)
Gestartet von C:\Users\Julien\Desktop
Windows 10 Home Version 1703 (X64) (2017-04-18 20:09:59)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-836797742-737356516-1884966141-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-836797742-737356516-1884966141-503 - Limited - Disabled)
Gast (S-1-5-21-836797742-737356516-1884966141-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-836797742-737356516-1884966141-1010 - Limited - Enabled)
Julien (S-1-5-21-836797742-737356516-1884966141-1001 - Administrator - Enabled) => C:\Users\Julien

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
AS: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
FW: Norton Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{588B7DD2-3480-4A89-A8F6-C6781CBFAD56}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-836797742-737356516-1884966141-1001\...\Amazon Amazon Music) (Version: 3.4.0.628 - Amazon Services LLC)
Ansel (Version: 378.78 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Capture NX 2 (HKLM\...\Capture NX 2) (Version: 2.4.7 - NIKON CORPORATION)
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
ChicaPC-Shield Version 1.75.0.1300 (HKLM-x32\...\ChicaPC-Shield_is1) (Version: 1.75.0.1300 - ChicaLogic)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.5.0.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.5.0.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{98CB551E-EDB1-4535-82A6-E3258597F64E}) (Version: 2.7.1000.0 - Dell Products, LP)
Dell Support Center (HKLM\...\PC-Doctor for Windows) (Version: 3.2.6032.125 - PC-Doctor, Inc.)
Dell Update (HKLM-x32\...\{713A4123-9417-4FF7-AC14-F000D6C0C7AD}) (Version: 0.9.1115.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version:  - )
DSC/AA Factory Installer (Version: 3.2.6032.125 - PC-Doctor, Inc.) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.46.419 - Digital Wave Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
LuPO 2.1.2.1 (HKLM-x32\...\LuPO_is1) (Version:  - Ministerium für Schule, Wissenschaft und Forschung NRW)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.1076 - McAfee, Inc.)
Microsoft OneDrive (HKU\S-1-5-21-836797742-737356516-1884966141-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
Norton Security (HKLM-x32\...\NS) (Version: 22.9.1.12 - Symantec Corporation)
NVIDIA 3D Vision Treiber 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.23 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.5.1 - Nikon)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.218 - Qualcomm Atheros Communications)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.4.9 - Reimage) <==== ACHTUNG
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.75813 - TeamViewer)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17384 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {018E9E1F-73B1-454E-B56F-52DB30455B71} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.9.1.12\SymErr.exe [2017-03-16] (Symantec Corporation)
Task: {21846BF9-9689-47A6-AA58-B9997D1EDA74} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-21] (Google Inc.)
Task: {2C851391-680F-45B2-99B8-9C6333EEF379} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.9.1.12\SymErr.exe [2017-03-16] (Symantec Corporation)
Task: {2E2D81A4-CF25-49E0-9A52-409B4E6D4AC5} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2013-02-15] (PC-Doctor, Inc.)
Task: {328AEDE6-DFC8-4ABD-9CA8-D4D116F9E6CC} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe  <==== ACHTUNG
Task: {46739EBA-6CD3-424F-BF05-453E6E1D9D38} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-21] (Google Inc.)
Task: {4C9C4BB2-1D27-498F-B1B3-45B78E3BA9D5} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-03] (CyberLink Corp.)
Task: {614316C2-1A06-4F07-93B6-9FBADED3961F} - System32\Tasks\McAfee Cleanup => C:\Users\Julien\AppData\Local\Temp\MCPR\mccleanup.exe [2017-03-10] (McAfee, Inc.) <==== ACHTUNG
Task: {68290F54-E4B0-4897-9E53-17E03A32CCE8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-03] (CyberLink)
Task: {6DA0F733-C235-4053-9774-FE7152139568} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe 
Task: {8621CC5F-31CF-475E-A223-7067813DA91E} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe 
Task: {87DC0C5A-D1B8-4C35-8A0E-CDAE4ADEDBD0} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => c:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {970C8BA2-F523-41AF-8F2F-E07AF426F79C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {99158ADA-8102-47AC-97B3-C4F89A0C0E29} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {A0C536C7-3B24-4B33-9499-A4F39E71E676} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2013-02-15] (PC-Doctor, Inc.)
Task: {A739B92B-98D9-425C-BDD6-9ECDA20F7E6F} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.9.1.12\SymErr.exe [2017-03-16] (Symantec Corporation)
Task: {B87780EE-A866-4941-98DF-21E996E441F5} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2017-03-17] (Symantec Corporation)
Task: {BB2BA810-6DA7-45B2-B999-D79EDD0597BE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-04-14] (Microsoft Corporation)
Task: {BDBFA82A-43C5-4FA8-AFCE-A9BD29BDFDBF} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.9.1.12\WSCStub.exe [2017-03-17] (Symantec Corporation)
Task: {D488A479-7328-44BD-8C4A-224EDFAF072F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd)
Task: {D9D686FF-9991-4192-9DB6-29789B01EF46} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {FFFEA4F3-41B7-4778-BE0A-C91CF5A60B62} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => c:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-04-18 21:31 - 2016-12-29 14:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-01-13 14:56 - 2017-01-13 14:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 14:56 - 2017-01-13 14:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-17 10:53 - 2012-04-25 04:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 00491008 _____ () C:\Windows\ShellExperiences\TileControl.dll
2017-03-18 22:59 - 2017-03-20 06:36 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-04-26 23:34 - 2017-04-26 23:34 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-26 23:34 - 2017-04-26 23:34 - 00190464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-26 23:34 - 2017-04-26 23:35 - 43011072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-04-26 23:34 - 2017-04-26 23:34 - 02451456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x64__kzf8qxf38zg5c\skypert.dll
2012-12-28 13:39 - 2012-12-28 13:39 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-12-28 13:36 - 2012-12-28 13:36 - 00084480 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2012-12-28 13:41 - 2012-12-28 13:41 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
2017-04-11 00:57 - 2017-04-11 00:57 - 00069632 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2012-12-28 13:42 - 2012-12-28 13:42 - 00384128 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ContactsApi.dll
2012-07-24 12:06 - 2012-07-24 12:06 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
2017-04-25 21:35 - 2017-04-25 21:35 - 01710080 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8119.42377.0_x64__8wekyb3d8bbwe\HxMail.exe
2017-04-25 21:35 - 2017-04-25 21:35 - 13358272 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8119.42377.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Core.dll
2017-04-25 21:35 - 2017-04-25 21:35 - 01200832 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8119.42377.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2016-12-29 16:20 - 2016-12-16 20:16 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-12-29 16:21 - 2017-04-06 11:45 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-12-29 16:21 - 2017-04-06 11:45 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-12-29 16:21 - 2017-04-06 11:45 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2013-10-17 10:51 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-10-17 10:41 - 2013-01-24 03:57 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2011-08-15 20:12 - 2011-08-15 20:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2012-06-14 11:57 - 2012-06-14 11:57 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2011-08-15 20:12 - 2011-08-15 20:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-15 20:15 - 2011-08-15 20:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2011-08-17 16:48 - 2011-08-17 16:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2011-08-17 16:41 - 2011-08-17 16:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2011-08-17 16:48 - 2011-08-17 16:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2011-08-15 19:23 - 2011-08-15 19:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2012-06-14 11:56 - 2012-06-14 11:56 - 00481792 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2012-06-14 12:06 - 2012-06-14 12:06 - 00500064 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2012-06-14 11:55 - 2012-06-14 11:55 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2011-08-15 20:17 - 2011-08-15 20:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2011-07-19 16:05 - 2011-07-19 16:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2011-07-19 16:04 - 2011-07-19 16:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Julien\Desktop\OMA UND OPA.pptx:com.dropbox.attributes [168]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-836797742-737356516-1884966141-1001\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-836797742-737356516-1884966141-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Julien\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: AppReadiness => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: HomeNetSvc => 2
MSCONFIG\Services: McAfee SiteAdvisor Service => 2
MSCONFIG\Services: McAWFwk => 3
MSCONFIG\Services: mccspsvc => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: mcpltsvc => 2
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: MSK80Service => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"
HKU\S-1-5-21-836797742-737356516-1884966141-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-836797742-737356516-1884966141-1001\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{885FF69C-758D-4052-865E-AB3D28A94C13}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E359C8A8-142B-4811-8A1A-0FC2BAE16EF5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B060E8C2-49DC-44DD-A812-04BB5BF673C3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8A14C1E2-15E3-418F-9ED1-CAAB8F99AD21}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D0690078-877C-448B-9635-E2A63DD06D19}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F62CD443-EF9B-4787-A070-0671D0E306F7}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{C1FB1121-AE1D-4562-97BA-203D32107A2C}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{F27997F9-BB0E-49F7-8354-517DDFC65587}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{063B05D0-FC44-472B-B679-2B12F283A37D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5F88957B-65E1-4DB1-A72F-558CE081673F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{626427A7-67A8-4409-8124-58655553E4BF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DD3E09D4-49AD-452C-BCAB-9D1B3175123B}] => (Allow) C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\tuneitup.exe
FirewallRules: [{F1866BEB-CDD5-46D9-BF68-D77A64A16E1B}] => (Allow) C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\tuneitup.exe
FirewallRules: [{6EDA03C2-4574-41BE-A054-3BC5712728B0}] => (Allow) C:\Users\Julien\AppData\Local\Temp\nsq9DF4.tmp\Installer-76115986.exe
FirewallRules: [{A2025C9A-B36E-489A-B250-DC780E178303}] => (Allow) C:\Users\Julien\AppData\Local\Temp\nsq9DF4.tmp\Installer-76115986.exe
FirewallRules: [{F5F59B70-684D-4482-81B4-6D6F90CA121C}] => (Allow) C:\Users\Julien\AppData\Local\Temp\nsh14FB.tmp\Installer-76115986.exe
FirewallRules: [{711CB648-030D-4177-BA76-37AA0916A602}] => (Allow) C:\Users\Julien\AppData\Local\Temp\nsh14FB.tmp\Installer-76115986.exe
FirewallRules: [{2739DB5F-2225-485B-9A6A-8A9DD1D3F2D1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{B5B50991-B0D0-488F-AD80-94C87F3CB27D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{44741E93-D4D4-4A5A-BFC0-53343CC57F11}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{D94358C7-8839-4F65-9173-A930D5BB52E2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5118561F-ED48-4313-9BD3-534D77A80F3E}] => (Allow) LPort=2869
FirewallRules: [{D55F67D9-95F0-470C-B52C-001E6AE2D859}] => (Allow) LPort=1900
FirewallRules: [{23B85C7B-892A-4B35-B67B-3615C5D12283}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{30BC773E-C1D6-4078-A0F4-B62747B3DC62}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{F754A25B-6B91-4043-B1A2-E6D7060B4DFE}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{7CCCDA59-2F59-482E-8A82-836170EBBB1D}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{DA7A0B03-3094-4430-B0CD-68112F32FCD2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

20-04-2017 19:36:39 Windows Update
21-04-2017 21:30:00 Installed Adblock Plus for IE (32-bit and 64-bit)
21-04-2017 21:47:32 Windows-Sicherung
21-04-2017 22:10:41 Windows-Sicherung
23-04-2017 19:07:37 Windows-Sicherung
29-04-2017 21:23:03 GS 29.04.17
29-04-2017 21:25:27 Windows-Sicherung

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/30/2017 01:28:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HOMEPC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/30/2017 12:25:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdgeCP.exe, Version: 11.0.15063.0, Zeitstempel: 0x58ccbae4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x850
Startzeit der fehlerhaften Anwendung: 0x01d2c19ad3ed2ea4
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 22950579-27b9-41f6-95ba-3256a5b1e89d
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ContentProcess

Error: (04/30/2017 12:24:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdgeCP.exe, Version: 11.0.15063.0, Zeitstempel: 0x58ccbae4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x850
Startzeit der fehlerhaften Anwendung: 0x01d2c19ad3ed2ea4
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 214231d6-8d7c-413f-8a63-866531327b8e
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ContentProcess

Error: (04/30/2017 11:38:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_MapsBroker, Version: 10.0.15063.0, Zeitstempel: 0x02799ef5
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x84000013
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x33a8
Startzeit der fehlerhaften Anwendung: 0x01d2c195623bfd01
Pfad der fehlerhaften Anwendung: C:\WINDOWS\System32\svchost.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: f9b31dc2-d0e8-43ea-8dec-083e983e0daf
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/29/2017 08:58:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HOMEPC)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/29/2017 08:57:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HOMEPC)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/29/2017 08:57:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HOMEPC)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/29/2017 08:57:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HOMEPC)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/29/2017 08:56:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HOMEPC)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/29/2017 08:54:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HOMEPC)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (04/30/2017 01:28:44 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{F3B4E234-7A68-4E43-B813-E4BA55A065F6}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/30/2017 01:28:38 PM) (Source: DCOM) (EventID: 10010) (User: HOMEPC)
Description: Der Server "Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/30/2017 11:39:00 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Manager für heruntergeladene Karten" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/30/2017 11:34:05 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: HP All-in-One Printer Remote

Error: (04/30/2017 11:30:49 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/30/2017 11:30:49 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/30/2017 11:30:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (04/30/2017 11:30:28 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎29.‎04.‎2017 um 23:40:32 unerwartet heruntergefahren.

Error: (04/30/2017 12:06:04 AM) (Source: DCOM) (EventID: 10010) (User: HOMEPC)
Description: Der Server "{9E175B6D-F52A-11D8-B9A5-505054503030}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/30/2017 12:00:04 AM) (Source: DCOM) (EventID: 10010) (User: HOMEPC)
Description: Der Server "{9E175B6D-F52A-11D8-B9A5-505054503030}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===================================
  Date: 2017-04-28 20:10:10.312
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\rei\Temp\20170416_0901\windows8.1_sp0_home_deu(1031)_ie11_wmp12_64bit\Images\955ecd86d48e9a3fc1d66a372979558d63f2999d.img because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-28 20:10:10.308
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\rei\Temp\20170416_0901\windows8.1_sp0_home_deu(1031)_ie11_wmp12_64bit\Images\955ecd86d48e9a3fc1d66a372979558d63f2999d.img because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-28 20:10:10.306
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\rei\Temp\20170416_0901\windows8.1_sp0_home_deu(1031)_ie11_wmp12_64bit\Images\955ecd86d48e9a3fc1d66a372979558d63f2999d.img because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-28 20:09:35.657
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\rei\Temp\20170416_0901\windows8.1_sp0_home_deu(1031)_ie11_wmp12_64bit\Images\cf0afbb67cdb92fe913496dc8cfba680ad99e0fc.img because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-28 20:09:35.654
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\rei\Temp\20170416_0901\windows8.1_sp0_home_deu(1031)_ie11_wmp12_64bit\Images\cf0afbb67cdb92fe913496dc8cfba680ad99e0fc.img because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-28 20:09:35.652
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\rei\Temp\20170416_0901\windows8.1_sp0_home_deu(1031)_ie11_wmp12_64bit\Images\cf0afbb67cdb92fe913496dc8cfba680ad99e0fc.img because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-28 20:08:50.886
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\rei\Temp\20170416_0901\windows8.1_sp0_home_deu(1031)_ie11_wmp12_64bit\Images\a2f7fa8cff8c179a884c2e96c576f1b7eb0eecb7.img because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-28 20:08:50.882
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\rei\Temp\20170416_0901\windows8.1_sp0_home_deu(1031)_ie11_wmp12_64bit\Images\a2f7fa8cff8c179a884c2e96c576f1b7eb0eecb7.img because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-28 20:08:50.880
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\rei\Temp\20170416_0901\windows8.1_sp0_home_deu(1031)_ie11_wmp12_64bit\Images\a2f7fa8cff8c179a884c2e96c576f1b7eb0eecb7.img because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-28 20:08:45.245
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\rei\Temp\20170416_0901\windows8.1_sp0_home_deu(1031)_ie11_wmp12_64bit\Images\6d5b30e01b3bbf0de582209583dabe89b4cddc25.img because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8143.21 MB
Verfügbarer physikalischer RAM: 5102.89 MB
Summe virtueller Speicher: 9423.21 MB
Verfügbarer virtueller Speicher: 5819.75 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:526.73 GB) (Free:451.27 GB) NTFS
Drive s: (Sicherung) (Fixed) (Total:390.62 GB) (Free:366.96 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: EB141B24)

Partition: GPT.

==================== Ende von Addition.txt ============================

--- --- ---

gregster · 30.04.2017, 13:15

Code:

ATTFilter

13:56:37.0628 0x2aec  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
13:56:37.0628 0x2aec  UEFI system
13:56:44.0278 0x2aec  ============================================================
13:56:44.0278 0x2aec  Current date / time: 2017/04/30 13:56:44.0278
13:56:44.0294 0x2aec  SystemInfo:
13:56:44.0294 0x2aec  
13:56:44.0294 0x2aec  OS Version: 10.0.15063 ServicePack: 0.0
13:56:44.0294 0x2aec  Product type: Workstation
13:56:44.0294 0x2aec  ComputerName: HOMEPC
13:56:44.0294 0x2aec  UserName: Julien
13:56:44.0294 0x2aec  Windows directory: C:\WINDOWS
13:56:44.0294 0x2aec  System windows directory: C:\WINDOWS
13:56:44.0294 0x2aec  Running under WOW64
13:56:44.0294 0x2aec  Processor architecture: Intel x64
13:56:44.0294 0x2aec  Number of processors: 8
13:56:44.0294 0x2aec  Page size: 0x1000
13:56:44.0294 0x2aec  Boot type: Normal boot
13:56:44.0294 0x2aec  CodeIntegrityOptions = 0x00000001
13:56:44.0294 0x2aec  ============================================================
13:56:46.0870 0x2aec  KLMD registered as C:\WINDOWS\system32\drivers\21794130.sys
13:56:46.0870 0x2aec  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19
13:56:52.0466 0x2aec  System UUID: {59ED0152-7D0F-EBF6-1A90-A16E4469788A}
13:57:00.0864 0x2aec  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:57:01.0166 0x2aec  ============================================================
13:57:01.0166 0x2aec  \Device\Harddisk0\DR0:
13:57:01.0166 0x2aec  GPT partitions:
13:57:01.0188 0x2aec  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {7AFC212D-77F5-4638-B379-4B13343C9E7C}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xFA000
13:57:01.0188 0x2aec  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {796BADD3-6BBF-4D9F-B631-466EB71A4965}, UniqueGUID: {2B7B9276-31AC-417C-ACC8-34B50E1C562B}, Name: Basic data partition, StartLBA 0xFA800, BlocksNum 0x14000
13:57:01.0204 0x2aec  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {1BDAA4CD-0429-49F6-97D3-2C663EFB32F2}, Name: Microsoft reserved partition, StartLBA 0x10E800, BlocksNum 0x40000
13:57:01.0204 0x2aec  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3F215590-CBB1-49F9-8F26-5BA336A66806}, Name: Basic data partition, StartLBA 0x14E800, BlocksNum 0xF5000
13:57:01.0204 0x2aec  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C4F7091E-3807-4A74-88E6-DD4F4ED4FC4C}, Name: Basic data partition, StartLBA 0x243800, BlocksNum 0x41D77800
13:57:01.0204 0x2aec  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {FF5E99FC-6C84-494A-A434-C415E00E1CB2}, Name: , StartLBA 0x41FBB000, BlocksNum 0xE1000
13:57:01.0204 0x2aec  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {011CCD31-647D-45B3-9AB7-75643CBC3282}, Name: Basic data partition, StartLBA 0x4209C000, BlocksNum 0x30D3F800
13:57:01.0204 0x2aec  \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {8CFA8327-BFB8-49FC-85BB-F05D65B0EADB}, Name: Microsoft recovery partition, StartLBA 0x72DDC000, BlocksNum 0x192A5B0
13:57:01.0204 0x2aec  MBR partitions:
13:57:01.0204 0x2aec  ============================================================
13:57:01.0235 0x2aec  C: <-> \Device\Harddisk0\DR0\Partition5
13:57:01.0266 0x2aec  S: <-> \Device\Harddisk0\DR0\Partition7
13:57:01.0266 0x2aec  ============================================================
13:57:01.0266 0x2aec  Initialize success
13:57:01.0266 0x2aec  ============================================================
13:57:05.0356 0x1dcc  ============================================================
13:57:05.0356 0x1dcc  Scan started
13:57:05.0356 0x1dcc  Mode: Manual; 
13:57:05.0356 0x1dcc  ============================================================
13:57:05.0356 0x1dcc  KSN ping started
13:57:05.0603 0x1dcc  KSN ping finished: true
13:57:07.0685 0x1dcc  ================ Scan system memory ========================
13:57:07.0685 0x1dcc  System memory - ok
13:57:07.0701 0x1dcc  ================ Scan services =============================
13:57:07.0839 0x1dcc  1394ohci - ok
13:57:07.0839 0x1dcc  3ware - ok
13:57:07.0870 0x1dcc  ACPI - ok
13:57:07.0870 0x1dcc  AcpiDev - ok
13:57:07.0886 0x1dcc  acpiex - ok
13:57:07.0886 0x1dcc  acpipagr - ok
13:57:07.0901 0x1dcc  AcpiPmi - ok
13:57:07.0901 0x1dcc  acpitime - ok
13:57:08.0001 0x1dcc  [ 671133C0AC2D8B40B7574F69059653E9, A36CC49A0C829A5C4D6CF273791071213F5FFB57DC7022D523CFB731374FF63C ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:57:08.0001 0x1dcc  AdobeARMservice - ok
13:57:08.0039 0x1dcc  ADP80XX - ok
13:57:08.0055 0x1dcc  AFD - ok
13:57:08.0055 0x1dcc  ahcache - ok
13:57:08.0071 0x1dcc  AJRouter - ok
13:57:08.0086 0x1dcc  ALG - ok
13:57:08.0086 0x1dcc  AmdK8 - ok
13:57:08.0086 0x1dcc  AmdPPM - ok
13:57:08.0086 0x1dcc  amdsata - ok
13:57:08.0086 0x1dcc  amdsbs - ok
13:57:08.0086 0x1dcc  amdxata - ok
13:57:08.0102 0x1dcc  AppID - ok
13:57:08.0102 0x1dcc  AppIDSvc - ok
13:57:08.0102 0x1dcc  Appinfo - ok
13:57:08.0139 0x1dcc  [ 7D811EA7A2AAA49B0446D42CBC1CD338, AFECE5E44E48F756C7EB81D95C9237552AF8A9C02CBE756E0F3D3C6524DE49AD ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:57:08.0155 0x1dcc  Apple Mobile Device Service - ok
13:57:08.0155 0x1dcc  applockerfltr - ok
13:57:08.0170 0x1dcc  AppReadiness - ok
13:57:08.0186 0x1dcc  AppXSvc - ok
13:57:08.0201 0x1dcc  arcsas - ok
13:57:08.0201 0x1dcc  AsyncMac - ok
13:57:08.0217 0x1dcc  atapi - ok
13:57:08.0243 0x1dcc  [ CE2BCBDC20734F372B70B94704D3092D, 33C586C1A9C9D357A589F102341EFCFFE465553B54E7C875867F0E15587F53B7 ] AthBTPort       C:\WINDOWS\system32\DRIVERS\btath_flt.sys
13:57:08.0243 0x1dcc  AthBTPort - ok
13:57:08.0290 0x1dcc  [ E8967FC2F24134D585821F5AC6060EA7, 05978C2A0896FF3FD8A4DEFFA7834835B95AB793C6FFEC46CE5C50603AAB21A9 ] AtherosSvc      C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
13:57:08.0305 0x1dcc  AtherosSvc - ok
13:57:08.0321 0x1dcc  athr - ok
13:57:08.0340 0x1dcc  AudioEndpointBuilder - ok
13:57:08.0340 0x1dcc  Audiosrv - ok
13:57:08.0355 0x1dcc  AxInstSV - ok
13:57:08.0355 0x1dcc  b06bdrv - ok
13:57:08.0355 0x1dcc  BasicDisplay - ok
13:57:08.0371 0x1dcc  BasicRender - ok
13:57:08.0371 0x1dcc  bcmfn2 - ok
13:57:08.0371 0x1dcc  BDESVC - ok
13:57:08.0386 0x1dcc  Beep - ok
13:57:08.0386 0x1dcc  BFE - ok
13:57:08.0536 0x1dcc  [ 00369DB01757AA37CC64D8ECCFF37EC6, 8291FA9E15258AE32BA3E53831980FC0CB588485DE6D15B3F1B9AF50DFC682CA ] BHDrvx64        C:\Program Files\Norton Security\NortonData\22.9.1.12\Definitions\BASHDefs\20170426.001\BHDrvx64.sys
13:57:08.0540 0x1dcc  BHDrvx64 - ok
13:57:08.0571 0x1dcc  BITS - ok
13:57:08.0602 0x1dcc  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:57:08.0618 0x1dcc  Bonjour Service - ok
13:57:08.0618 0x1dcc  bowser - ok
13:57:08.0618 0x1dcc  BrokerInfrastructure - ok
13:57:08.0618 0x1dcc  Browser - ok
13:57:08.0639 0x1dcc  [ 6A4643DCE663775C70CFCA8DB454E2A7, 07393385C2EA0519E342C52AC304A4D2D4A142A4E3D11F3BB2DEE4A2F1FD47C9 ] BTATH_A2DP      C:\WINDOWS\system32\drivers\btath_a2dp.sys
13:57:08.0655 0x1dcc  BTATH_A2DP - ok
13:57:08.0655 0x1dcc  [ 38383A47A110BDA90839BFA7A5918189, 876647EC7D5B5C02B8BD75A89BCC6174A05C9F26912ABA5116330CB367E7D3E5 ] btath_avdt      C:\WINDOWS\system32\drivers\btath_avdt.sys
13:57:08.0655 0x1dcc  btath_avdt - ok
13:57:08.0670 0x1dcc  [ D5418AF1B9AC86D89C045026EFBD5FB7, A23B6EEB5779DEE146E12207E6ED68EA514673436A9FC1ECBAE46D586F02D468 ] BTATH_BUS       C:\WINDOWS\System32\drivers\btath_bus.sys
13:57:08.0670 0x1dcc  BTATH_BUS - ok
13:57:08.0686 0x1dcc  [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP      C:\WINDOWS\System32\drivers\btath_hcrp.sys
13:57:08.0686 0x1dcc  BTATH_HCRP - ok
13:57:08.0686 0x1dcc  [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT     C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys
13:57:08.0702 0x1dcc  BTATH_LWFLT - ok
13:57:08.0702 0x1dcc  [ A6019537D6125099363F90D0C6D181F9, CA0C46AABBF71E2A29C93A477A06D33E3CACC84978DD9D729BEFB339E50D7055 ] BTATH_RCP       C:\WINDOWS\System32\drivers\btath_rcp.sys
13:57:08.0702 0x1dcc  BTATH_RCP - ok
13:57:08.0717 0x1dcc  [ C8BF11D79B29BB23A461B65B58BA8593, 35AFAD5ED40304976287E6C982085DF7A91FF48F0320DAC32370FA039AA03C69 ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
13:57:08.0737 0x1dcc  BtFilter - ok
13:57:08.0739 0x1dcc  BthAvrcpTg - ok
13:57:08.0739 0x1dcc  BthEnum - ok
13:57:08.0755 0x1dcc  BthHFEnum - ok
13:57:08.0755 0x1dcc  bthhfhid - ok
13:57:08.0755 0x1dcc  BthHFSrv - ok
13:57:08.0771 0x1dcc  BthLEEnum - ok
13:57:08.0771 0x1dcc  BTHMODEM - ok
13:57:08.0771 0x1dcc  BthPan - ok
13:57:08.0771 0x1dcc  BTHPORT - ok
13:57:08.0771 0x1dcc  bthserv - ok
13:57:08.0771 0x1dcc  BTHUSB - ok
13:57:08.0786 0x1dcc  buttonconverter - ok
13:57:08.0786 0x1dcc  CAD - ok
13:57:08.0786 0x1dcc  CapImg - ok
13:57:08.0840 0x1dcc  [ FC246917662E3DC1F5BA768FF22FFD3B, 3268ADE1F17F020ED715BA8C3A37B94D555B122B665FA70D73E229462CF5974F ] ccSet_NS        C:\WINDOWS\system32\drivers\NSx64\1609010.00C\ccSetx64.sys
13:57:08.0840 0x1dcc  ccSet_NS - ok
13:57:08.0855 0x1dcc  cdfs - ok
13:57:08.0855 0x1dcc  CDPSvc - ok
13:57:08.0855 0x1dcc  CDPUserSvc - ok
13:57:08.0871 0x1dcc  cdrom - ok
13:57:08.0871 0x1dcc  CertPropSvc - ok
13:57:08.0902 0x1dcc  [ 4ECA59628D074CF45633EC7A3D7954D3, 054B4AE94920A06ECF8C65A66DC949B65665679B15733D021120159F6E2460DA ] cfwids          C:\WINDOWS\system32\drivers\cfwids.sys
13:57:08.0902 0x1dcc  cfwids - ok
13:57:08.0902 0x1dcc  cht4iscsi - ok
13:57:08.0902 0x1dcc  cht4vbd - ok
13:57:08.0902 0x1dcc  circlass - ok
13:57:08.0918 0x1dcc  CldFlt - ok
13:57:08.0918 0x1dcc  CLFS - ok
13:57:08.0918 0x1dcc  ClipSVC - ok
13:57:08.0918 0x1dcc  clreg - ok
13:57:08.0939 0x1dcc  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
13:57:08.0939 0x1dcc  CLVirtualDrive - ok
13:57:08.0939 0x1dcc  CmBatt - ok
13:57:08.0939 0x1dcc  CNG - ok
13:57:08.0955 0x1dcc  cnghwassist - ok
13:57:08.0955 0x1dcc  [ 81F2B52C47B8AD32CC4FF967FC8D73DA, 13D84B4096E0F9AB9D04F6CD9E9C0DE4B6DF6F11D63C797266D719FD2429A655 ] CompFilter64    C:\WINDOWS\System32\drivers\lvbflt64.sys
13:57:08.0955 0x1dcc  CompFilter64 - ok
13:57:09.0002 0x1dcc  CompositeBus - ok
13:57:09.0002 0x1dcc  COMSysApp - ok
13:57:09.0002 0x1dcc  condrv - ok
13:57:09.0002 0x1dcc  CoreMessagingRegistrar - ok
13:57:09.0017 0x1dcc  [ 26F6761FF37E7A41E8B042059DF83843, 6B582D96220FFBC2C7AA1A046891B7008AFABF1D91DB5421993579C4D6C317D7 ] CPCSProtector   C:\WINDOWS\system32\drivers\cpcs.sys
13:57:09.0017 0x1dcc  CPCSProtector - ok
13:57:09.0086 0x1dcc  [ C56F757EB2A6D9B850FAD5F075008A57, CDD73A8974B724A62266ED73F7A5E89B52E882D61B2766A994F6D1CDDE027113 ] CPCSScheduler   C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsscheduler.exe
13:57:09.0102 0x1dcc  CPCSScheduler - ok
13:57:09.0139 0x1dcc  [ C6BF2747298011BBCAAEAE96E5EC34D1, DA0F8F13DF923976791FEFFB1C4EB683939CA188AE5D4799521664DF767C843E ] CPCSService     C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsservice.exe
13:57:09.0139 0x1dcc  CPCSService - ok
13:57:09.0155 0x1dcc  CryptSvc - ok
13:57:09.0155 0x1dcc  dam - ok
13:57:09.0171 0x1dcc  DcomLaunch - ok
13:57:09.0171 0x1dcc  defragsvc - ok
13:57:09.0218 0x1dcc  [ 2E19CAEACBBCB68B2338D936D64EA012, 840BD87697D2A11A959E57F695E2E3546555E0C82E812BD30750E3F5BCE7A51F ] DellDigitalDelivery c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
13:57:09.0239 0x1dcc  DellDigitalDelivery - ok
13:57:09.0270 0x1dcc  DeviceAssociationService - ok
13:57:09.0270 0x1dcc  DeviceInstall - ok
13:57:09.0286 0x1dcc  DevicesFlowUserSvc - ok
13:57:09.0302 0x1dcc  DevQueryBroker - ok
13:57:09.0302 0x1dcc  Dfsc - ok
13:57:09.0339 0x1dcc  Dhcp - ok
13:57:09.0370 0x1dcc  diagnosticshub.standardcollector.service - ok
13:57:09.0370 0x1dcc  DiagTrack - ok
13:57:09.0439 0x1dcc  [ 90259F1448C375E55325735EBB28EFAA, 9E674AD0701799FFD4F385ADBBFCC789B0342703EF75E9A1F2242B330982C832 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
13:57:09.0439 0x1dcc  DigitalWave.Update.Service - ok
13:57:09.0455 0x1dcc  Disk - ok
13:57:09.0455 0x1dcc  DmEnrollmentSvc - ok
13:57:09.0470 0x1dcc  dmvsc - ok
13:57:09.0470 0x1dcc  dmwappushservice - ok
13:57:09.0470 0x1dcc  Dnscache - ok
13:57:09.0470 0x1dcc  dot3svc - ok
13:57:09.0470 0x1dcc  DPS - ok
13:57:09.0486 0x1dcc  drmkaud - ok
13:57:09.0486 0x1dcc  DsmSvc - ok
13:57:09.0486 0x1dcc  DsSvc - ok
13:57:09.0486 0x1dcc  DusmSvc - ok
13:57:09.0502 0x1dcc  DXGKrnl - ok
13:57:09.0502 0x1dcc  EapHost - ok
13:57:09.0502 0x1dcc  ebdrv - ok
13:57:09.0537 0x1dcc  [ CF07B7D84298625E3F14A0A443397AB3, 582C5A899D3F10BA4EFB540CE7DDC8FC9C4B366915AC1271BF07D57A93D598F6 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
13:57:09.0539 0x1dcc  eeCtrl - ok
13:57:09.0539 0x1dcc  EFS - ok
13:57:09.0539 0x1dcc  EhStorClass - ok
13:57:09.0539 0x1dcc  EhStorTcgDrv - ok
13:57:09.0555 0x1dcc  embeddedmode - ok
13:57:09.0570 0x1dcc  EntAppSvc - ok
13:57:09.0586 0x1dcc  [ E51281CFF277216D41C4FD646A32F139, 9C4CD5385B905691DBBD6B945E2A032E0AD387EB44162FF20369FB8792738914 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
13:57:09.0586 0x1dcc  EraserUtilRebootDrv - ok
13:57:09.0586 0x1dcc  ErrDev - ok
13:57:09.0586 0x1dcc  EventSystem - ok
13:57:09.0602 0x1dcc  exfat - ok
13:57:09.0602 0x1dcc  fastfat - ok
13:57:09.0602 0x1dcc  Fax - ok
13:57:09.0602 0x1dcc  fdc - ok
13:57:09.0617 0x1dcc  fdPHost - ok
13:57:09.0617 0x1dcc  FDResPub - ok
13:57:09.0617 0x1dcc  fhsvc - ok
13:57:09.0639 0x1dcc  FileCrypt - ok
13:57:09.0639 0x1dcc  FileInfo - ok
13:57:09.0639 0x1dcc  Filetrace - ok
13:57:09.0639 0x1dcc  flpydisk - ok
13:57:09.0639 0x1dcc  FltMgr - ok
13:57:09.0639 0x1dcc  FontCache - ok
13:57:09.0686 0x1dcc  FontCache3.0.0.0 - ok
13:57:09.0701 0x1dcc  FrameServer - ok
13:57:09.0701 0x1dcc  FsDepends - ok
13:57:09.0701 0x1dcc  Fs_Rec - ok
13:57:09.0701 0x1dcc  fvevol - ok
13:57:09.0717 0x1dcc  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
13:57:09.0717 0x1dcc  GEARAspiWDM - ok
13:57:09.0737 0x1dcc  gencounter - ok
13:57:09.0739 0x1dcc  genericusbfn - ok
13:57:09.0739 0x1dcc  GPIOClx0101 - ok
13:57:09.0739 0x1dcc  gpsvc - ok
13:57:09.0739 0x1dcc  GpuEnergyDrv - ok
13:57:09.0802 0x1dcc  [ 0770AA83722D93B209B83B1BA80B101D, D9AAE0C5E537C99E55EDDF178F3BDC99B5FE6A91A2D868640D0A558EA80085AF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:57:09.0818 0x1dcc  gupdate - ok
13:57:09.0840 0x1dcc  [ 0770AA83722D93B209B83B1BA80B101D, D9AAE0C5E537C99E55EDDF178F3BDC99B5FE6A91A2D868640D0A558EA80085AF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:57:09.0840 0x1dcc  gupdatem - ok
13:57:09.0855 0x1dcc  HDAudBus - ok
13:57:09.0855 0x1dcc  HidBatt - ok
13:57:09.0855 0x1dcc  HidBth - ok
13:57:09.0855 0x1dcc  hidi2c - ok
13:57:09.0871 0x1dcc  hidinterrupt - ok
13:57:09.0871 0x1dcc  HidIr - ok
13:57:09.0871 0x1dcc  hidserv - ok
13:57:09.0871 0x1dcc  HidUsb - ok
13:57:09.0887 0x1dcc  [ 68EA8A3D98781A13B7D5A67B72787754, DD085A60CE0E5D268065B709B81351AE5C9CC7647275F3DC0135437658E1A3C8 ] HipShieldK      C:\WINDOWS\system32\drivers\HipShieldK.sys
13:57:09.0887 0x1dcc  HipShieldK - ok
13:57:09.0902 0x1dcc  HomeGroupListener - ok
13:57:09.0902 0x1dcc  HomeGroupProvider - ok
13:57:09.0987 0x1dcc  [ 689BD2ED76C79F1FAE953A76DEA6FCD9, 5F739CF7668DCC3EBD607AE05BE78B11AB56778B8F3FE29543922FF6EDBE989D ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
13:57:10.0002 0x1dcc  HomeNetSvc - ok
13:57:10.0002 0x1dcc  HpSAMD - ok
13:57:10.0018 0x1dcc  HTTP - ok
13:57:10.0035 0x1dcc  HvHost - ok
13:57:10.0055 0x1dcc  hvservice - ok
13:57:10.0055 0x1dcc  hwpolicy - ok
13:57:10.0055 0x1dcc  hyperkbd - ok
13:57:10.0071 0x1dcc  i8042prt - ok
13:57:10.0071 0x1dcc  iagpio - ok
13:57:10.0071 0x1dcc  iai2c - ok
13:57:10.0087 0x1dcc  iaLPSS2i_GPIO2 - ok
13:57:10.0087 0x1dcc  iaLPSS2i_GPIO2_BXT_P - ok
13:57:10.0087 0x1dcc  iaLPSS2i_I2C - ok
13:57:10.0087 0x1dcc  iaLPSS2i_I2C_BXT_P - ok
13:57:10.0087 0x1dcc  iaLPSSi_GPIO - ok
13:57:10.0087 0x1dcc  iaLPSSi_I2C - ok
13:57:10.0118 0x1dcc  [ 0A34D806EF2767E62CAFEA1A150A8830, 2C5C9C0924C6AE379E3CD071E6687885006843A17742B083CE14719F666F7FE6 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
13:57:10.0137 0x1dcc  iaStorA - ok
13:57:10.0140 0x1dcc  iaStorAV - ok
13:57:10.0156 0x1dcc  [ 7281AED93FB30FDD1CBAF07591FA453A, BD912798D8E28AF27C5FE01455D97224013D30066E35230888E64D0AC346893F ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
13:57:10.0156 0x1dcc  IAStorDataMgrSvc - ok
13:57:10.0156 0x1dcc  iaStorV - ok
13:57:10.0156 0x1dcc  ibbus - ok
13:57:10.0218 0x1dcc  [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
13:57:10.0240 0x1dcc  IconMan_R - ok
13:57:10.0272 0x1dcc  icssvc - ok
13:57:10.0418 0x1dcc  [ F3EB9D5BAD4E52A845F7A5791E97BFAB, 94B3CBB1A55E03EC37A23514576B3402C52158BB7A46373DB44FDB793C09B960 ] IDSVia64        C:\Program Files\Norton Security\NortonData\22.9.1.12\Definitions\IPSDefs\20170428.001\IDSvia64.sys
13:57:10.0441 0x1dcc  IDSVia64 - ok
13:57:10.0456 0x1dcc  IKEEXT - ok
13:57:10.0456 0x1dcc  IndirectKmd - ok
13:57:10.0572 0x1dcc  [ 48AC5F706780BCC34811EA89A0727189, F76EC13A5A0FD24D9B63B7546FF749739022D1785357AD06E3FAA7F608E8C714 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
13:57:10.0688 0x1dcc  IntcAzAudAddService - ok
13:57:10.0704 0x1dcc  [ C6128F2E3DC6156C6F8828F9F1B96010, 612C1191AFB8F69BA5634E8C52BDDE608F57D98FA4C76C5A337676A5F1E8191D ] Intel(R) Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
13:57:10.0719 0x1dcc  Intel(R) Capability Licensing Service Interface - ok
13:57:10.0760 0x1dcc  [ 729AB4F0608E95EFF8FDEF23596283E2, 62A2091FF440C65505AB3E38436A86D9B0978BCB9485960EFCE0C5CBC8E06201 ] Intel(R) Capability Licensing Service TCP IP Interface c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
13:57:10.0775 0x1dcc  Intel(R) Capability Licensing Service TCP IP Interface - ok
13:57:10.0791 0x1dcc  [ 8CAB422BDC0F8A1046F595E964CE2F14, F2FBECCBAF9BF2C92FD4EA1234A08CA98D52B2F0D18E65B43FC08D4A605FE4CD ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
13:57:10.0791 0x1dcc  Intel(R) ME Service - ok
13:57:10.0791 0x1dcc  intelide - ok
13:57:10.0791 0x1dcc  intelpep - ok
13:57:10.0807 0x1dcc  intelppm - ok
13:57:10.0807 0x1dcc  iorate - ok
13:57:10.0807 0x1dcc  IpFilterDriver - ok
13:57:10.0822 0x1dcc  iphlpsvc - ok
13:57:10.0822 0x1dcc  IPMIDRV - ok
13:57:10.0822 0x1dcc  IPNAT - ok
13:57:10.0844 0x1dcc  [ 97C9EBB84A761D48DC17E0E6B913C164, D195A8410E1FEED1A0EE9C5F5AF6F5FC861284765A38D460D496CE1048501905 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:57:10.0860 0x1dcc  iPod Service - ok
13:57:10.0876 0x1dcc  IpxlatCfgSvc - ok
13:57:10.0876 0x1dcc  irda - ok
13:57:10.0876 0x1dcc  IRENUM - ok
13:57:10.0876 0x1dcc  irmon - ok
13:57:10.0876 0x1dcc  isapnp - ok
13:57:10.0876 0x1dcc  iScsiPrt - ok
13:57:10.0907 0x1dcc  [ A326E83B46820EF62F7F0BA17A9DA542, 1CC6564B100517E62E7BACAC142F8B0C6B1800F16D9A25D95E9AA2C2CEC0E54B ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
13:57:10.0907 0x1dcc  jhi_service - ok
13:57:10.0907 0x1dcc  kbdclass - ok
13:57:10.0907 0x1dcc  kbdhid - ok
13:57:10.0907 0x1dcc  kdnic - ok
13:57:10.0922 0x1dcc  KeyIso - ok
13:57:10.0922 0x1dcc  KSecDD - ok
13:57:10.0922 0x1dcc  KSecPkg - ok
13:57:10.0922 0x1dcc  ksthunk - ok
13:57:10.0922 0x1dcc  KtmRm - ok
13:57:10.0922 0x1dcc  LanmanServer - ok
13:57:10.0944 0x1dcc  LanmanWorkstation - ok
13:57:10.0944 0x1dcc  lfsvc - ok
13:57:10.0960 0x1dcc  LicenseManager - ok
13:57:10.0960 0x1dcc  lltdio - ok
13:57:10.0960 0x1dcc  lltdsvc - ok
13:57:10.0960 0x1dcc  lmhosts - ok
13:57:10.0991 0x1dcc  [ 70C1B686CA9083970484DDDED4426A08, AA19295AC97EBE36E9CED4B162CBF1EEF4916B02FDA6255ACEF0492E79E94C64 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:57:11.0007 0x1dcc  LMS - ok
13:57:11.0007 0x1dcc  LSI_SAS - ok
13:57:11.0007 0x1dcc  LSI_SAS2i - ok
13:57:11.0007 0x1dcc  LSI_SAS3i - ok
13:57:11.0007 0x1dcc  LSI_SSS - ok
13:57:11.0007 0x1dcc  LSM - ok
13:57:11.0007 0x1dcc  luafv - ok
13:57:11.0048 0x1dcc  [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] lvrs64          C:\WINDOWS\system32\DRIVERS\lvrs64.sys
13:57:11.0064 0x1dcc  lvrs64 - ok
13:57:11.0149 0x1dcc  [ 415E344294D1C0D04627B29146F68481, B4A1A05BDF07E8F226A98E51F62BE18BE2C046A084C495BD8A95CABC79FD0614 ] LVUVC64         C:\WINDOWS\system32\DRIVERS\lvuvc64.sys
13:57:11.0249 0x1dcc  LVUVC64 - ok
13:57:11.0265 0x1dcc  MapsBroker - ok
13:57:11.0265 0x1dcc  mausbhost - ok
13:57:11.0265 0x1dcc  mausbip - ok
13:57:11.0296 0x1dcc  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
13:57:11.0312 0x1dcc  MBAMSwissArmy - ok
13:57:11.0349 0x1dcc  [ 278E661D8D5DC7FEF3932DB1698E1BBB, 5D9BC30321E6DC6FADF83E5272316EBEFB99244AB0CAD41F28DA9AAA2E30DA6C ] McAPExe         C:\Program Files\McAfee\MSC\McAPExe.exe
13:57:11.0365 0x1dcc  McAPExe - ok
13:57:11.0396 0x1dcc  [ 7E6A605BF5211D1A065698FEF9894B7F, 7AF0427E47678A428BDB2FB05787D43EB11F731481173260F2B8D265783C1587 ] McAWFwk         C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe
13:57:11.0412 0x1dcc  McAWFwk - ok
13:57:11.0427 0x1dcc  [ 689BD2ED76C79F1FAE953A76DEA6FCD9, 5F739CF7668DCC3EBD607AE05BE78B11AB56778B8F3FE29543922FF6EDBE989D ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
13:57:11.0427 0x1dcc  McMPFSvc - ok
13:57:11.0446 0x1dcc  [ 689BD2ED76C79F1FAE953A76DEA6FCD9, 5F739CF7668DCC3EBD607AE05BE78B11AB56778B8F3FE29543922FF6EDBE989D ] McNaiAnn        C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
13:57:11.0450 0x1dcc  McNaiAnn - ok
13:57:11.0481 0x1dcc  [ 1C5BE4413C35D6B1F61C7EC7A628ECDD, E6BAD7F19D3E76268A09230A123BB47D6C7238B6E007CC45C6BC51BB993E8B46 ] McODS           C:\Program Files\mcafee\VirusScan\mcods.exe
13:57:11.0481 0x1dcc  McODS - ok
13:57:11.0497 0x1dcc  [ 689BD2ED76C79F1FAE953A76DEA6FCD9, 5F739CF7668DCC3EBD607AE05BE78B11AB56778B8F3FE29543922FF6EDBE989D ] McProxy         C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
13:57:11.0513 0x1dcc  McProxy - ok
13:57:11.0513 0x1dcc  megasas - ok
13:57:11.0513 0x1dcc  megasas2i - ok
13:57:11.0513 0x1dcc  megasr - ok
13:57:11.0549 0x1dcc  [ C4A4BE9C6EDA9640F272B48FC0AB4F06, 8A9BE9FACDDBEBDF47ACB86D5DDC0DD3E5F90EDE1E93B59F9E92375E5CB2ACD6 ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
13:57:11.0550 0x1dcc  MEIx64 - ok
13:57:11.0565 0x1dcc  MessagingService - ok
13:57:11.0597 0x1dcc  [ B57322E3BC44A1F0A9C97B68A9EFF495, 2C967B0E965DF834BDC92E3D12E372CB47BA88CB02B0B12FA2AE7B94C2AD80A1 ] mfeaack         C:\WINDOWS\system32\drivers\mfeaack.sys
13:57:11.0612 0x1dcc  mfeaack - ok
13:57:11.0628 0x1dcc  [ 2BD453B97EF1B1DB5AA195A261F926F8, 47582D78B3ADD1D77F98C5D4EC89B1EC1EE7A79677691FAE543DECA2EE5ACF79 ] mfeavfk         C:\WINDOWS\system32\drivers\mfeavfk.sys
13:57:11.0649 0x1dcc  mfeavfk - ok
13:57:11.0650 0x1dcc  [ 225CC932EDDC7935147FC5FD43920EAB, 868872EB3F11BA29FAABA4CCF5A075D12C8B705DC737BD3DAC5886788579934D ] mfedisk         C:\WINDOWS\system32\DRIVERS\mfedisk.sys
13:57:11.0650 0x1dcc  mfedisk - ok
13:57:11.0650 0x1dcc  [ D1780DF54D9DB0DF6801F8657D5F0A14, 4B695A7165BB11521E602D93E73770D4181E170AA010CE5F91F95031BF4865C9 ] mfeelamk        C:\WINDOWS\system32\drivers\mfeelamk.sys
13:57:11.0666 0x1dcc  mfeelamk - ok
13:57:11.0682 0x1dcc  [ B58B438EE841934F0425AC91560D13F4, 3D6FAFB2E7EB3616E2A4827D713DB95795AFA0D50140F8DDF08C102838776277 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
13:57:11.0682 0x1dcc  mfefire - ok
13:57:11.0697 0x1dcc  [ 9F9BC4DBB610F1AD600F619416A6144D, DE957B0CEF45A4DFD5280DFF8EC4D3EDFBE00E1CB920262D2F6B86E19DDAD7C6 ] mfefirek        C:\WINDOWS\system32\drivers\mfefirek.sys
13:57:11.0713 0x1dcc  mfefirek - ok
13:57:11.0747 0x1dcc  [ B98911F49EA2F83A9079315846BE1E53, 2335ED3F166D5B10F2DBECE330C1FE8D50E1DEE4EA7D523AB6AC79E99A26C206 ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys
13:57:11.0751 0x1dcc  mfehidk - ok
13:57:11.0782 0x1dcc  [ 172F71DAFD8D139CB12D20A2A9986676, 9B2CBCE81C7EE0A150CDC4F68370D0B75E9AE57BDB82A4D1B74F4F9F09329240 ] mfemms          C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
13:57:11.0782 0x1dcc  mfemms - ok
13:57:11.0798 0x1dcc  [ 6DCA16733237F51775CA1DA28F8B20C2, 1F0CE7521C499E86C570F528206C1D4A73A4238F953A295170391F4469D4EA59 ] mfencbdc        C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
13:57:11.0798 0x1dcc  mfencbdc - ok
13:57:11.0814 0x1dcc  [ 49C3EEAAADE470DB5CEF659D1A60D443, EA7563E4D3B8304EB8BCCF468CBD09ED9B38B1754A6A061640722306E81E6316 ] mfencrk         C:\WINDOWS\system32\DRIVERS\mfencrk.sys
13:57:11.0814 0x1dcc  mfencrk - ok
13:57:11.0829 0x1dcc  [ E2082E1EF67506041CAD66D905494B43, B577E1D37D16A9FDA9818317D4A8DB0FF49F1099D983F014FFDB697A3FC889F7 ] mfevtp          C:\Windows\system32\mfevtps.exe
13:57:11.0852 0x1dcc  mfevtp - ok
13:57:11.0868 0x1dcc  [ 34CA0FA858BC45FA83247AAD4976CCE7, 676ED2E7EE58D2316F2DC05AB4BD9F9CFE75570E9919D568ACC992B4F9152514 ] mfewfpk         C:\WINDOWS\system32\drivers\mfewfpk.sys
13:57:11.0868 0x1dcc  mfewfpk - ok
13:57:11.0868 0x1dcc  mlx4_bus - ok
13:57:11.0868 0x1dcc  MMCSS - ok
13:57:11.0899 0x1dcc  Modem - ok
13:57:11.0914 0x1dcc  monitor - ok
13:57:11.0914 0x1dcc  mouclass - ok
13:57:11.0914 0x1dcc  mouhid - ok
13:57:11.0914 0x1dcc  mountmgr - ok
13:57:11.0914 0x1dcc  mpsdrv - ok
13:57:11.0930 0x1dcc  MpsSvc - ok
13:57:11.0953 0x1dcc  MRxDAV - ok
13:57:11.0953 0x1dcc  mrxsmb - ok
13:57:11.0953 0x1dcc  mrxsmb10 - ok
13:57:11.0969 0x1dcc  mrxsmb20 - ok
13:57:11.0985 0x1dcc  MsBridge - ok
13:57:11.0985 0x1dcc  MSDTC - ok
13:57:12.0000 0x1dcc  Msfs - ok
13:57:12.0000 0x1dcc  msgpiowin32 - ok
13:57:12.0000 0x1dcc  mshidkmdf - ok
13:57:12.0000 0x1dcc  mshidumdf - ok
13:57:12.0000 0x1dcc  msisadrv - ok
13:57:12.0016 0x1dcc  MSiSCSI - ok
13:57:12.0016 0x1dcc  msiserver - ok
13:57:12.0016 0x1dcc  [ 689BD2ED76C79F1FAE953A76DEA6FCD9, 5F739CF7668DCC3EBD607AE05BE78B11AB56778B8F3FE29543922FF6EDBE989D ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
13:57:12.0016 0x1dcc  MSK80Service - ok
13:57:12.0031 0x1dcc  MSKSSRV - ok
13:57:12.0031 0x1dcc  MsLldp - ok
13:57:12.0031 0x1dcc  MSPCLOCK - ok
13:57:12.0031 0x1dcc  MSPQM - ok
13:57:12.0031 0x1dcc  MsRPC - ok
13:57:12.0031 0x1dcc  mssmbios - ok
13:57:12.0031 0x1dcc  MSTEE - ok
13:57:12.0047 0x1dcc  MTConfig - ok
13:57:12.0049 0x1dcc  Mup - ok
13:57:12.0051 0x1dcc  mvumis - ok
13:57:12.0054 0x1dcc  NativeWifiP - ok
13:57:12.0054 0x1dcc  NaturalAuthentication - ok
13:57:12.0069 0x1dcc  NAVENG - ok
13:57:12.0069 0x1dcc  NAVEX15 - ok
13:57:12.0069 0x1dcc  NcaSvc - ok
13:57:12.0069 0x1dcc  NcbService - ok
13:57:12.0069 0x1dcc  NcdAutoSetup - ok
13:57:12.0085 0x1dcc  ndfltr - ok
13:57:12.0085 0x1dcc  NDIS - ok
13:57:12.0085 0x1dcc  NdisCap - ok
13:57:12.0085 0x1dcc  NdisImPlatform - ok
13:57:12.0085 0x1dcc  NdisTapi - ok
13:57:12.0085 0x1dcc  Ndisuio - ok
13:57:12.0085 0x1dcc  NdisVirtualBus - ok
13:57:12.0085 0x1dcc  NdisWan - ok
13:57:12.0101 0x1dcc  ndiswanlegacy - ok
13:57:12.0101 0x1dcc  ndproxy - ok
13:57:12.0101 0x1dcc  Ndu - ok
13:57:12.0101 0x1dcc  NetAdapterCx - ok
13:57:12.0101 0x1dcc  NetBIOS - ok
13:57:12.0101 0x1dcc  NetBT - ok
13:57:12.0101 0x1dcc  Netlogon - ok
13:57:12.0116 0x1dcc  Netman - ok
13:57:12.0132 0x1dcc  netprofm - ok
13:57:12.0132 0x1dcc  NetSetupSvc - ok
13:57:12.0185 0x1dcc  NetTcpPortSharing - ok
13:57:12.0185 0x1dcc  netvsc - ok
13:57:12.0200 0x1dcc  NgcCtnrSvc - ok
13:57:12.0200 0x1dcc  NgcSvc - ok
13:57:12.0216 0x1dcc  NlaSvc - ok
13:57:12.0216 0x1dcc  Npfs - ok
13:57:12.0216 0x1dcc  npsvctrig - ok
13:57:12.0285 0x1dcc  [ 42C09F5659D8620BFDF1F61A5E7059F0, 15EB5CB87D8F62AE2AC9CC57F3CF0EE9E1CF7CA85441CF06413965EE43844D5A ] NS              C:\Program Files\Norton Security\Engine\22.9.1.12\NS.exe
13:57:12.0300 0x1dcc  NS - ok
13:57:12.0300 0x1dcc  nsi - ok
13:57:12.0300 0x1dcc  nsiproxy - ok
13:57:12.0300 0x1dcc  NTFS - ok
13:57:12.0316 0x1dcc  Null - ok
13:57:12.0316 0x1dcc  nvdimmn - ok
13:57:12.0351 0x1dcc  [ A2776F56DD0AD41314AC4735DAE0CAE8, E7ED04785ACA644BCE1A8F28D0061B7A1B727C77BB93B1551785B1C92C152734 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
13:57:12.0353 0x1dcc  NVHDA - ok
13:57:12.0688 0x1dcc  [ 2E3E4B23B9974DC900BF184D62AD3B31, EEA082860338C50DC68FA23ECFD81605ACA079487ECE34E82D9BFE2875620FE5 ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nv_desktop_ref4wu.inf_amd64_39d8ca1ac617325e\nvlddmkm.sys
13:57:12.0835 0x1dcc  nvlddmkm - ok
13:57:12.0857 0x1dcc  [ 30458B18AEA941B1FD3A6A076BE95A71, F3B36E52D63939A89658073E1DEFFCD050EF9B39F643771E846737915012D5FB ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
13:57:12.0859 0x1dcc  nvpciflt - ok
13:57:12.0861 0x1dcc  nvraid - ok
13:57:12.0863 0x1dcc  nvstor - ok
13:57:12.0879 0x1dcc  [ FD7B8BC709366795A15EEC9DDA9A46BD, E8D4176E7EBEEB8AB1DBC79241365CFBD07442A84B50C2477C0F0345EF5CE7D6 ] NvStUSB         C:\WINDOWS\System32\drivers\nvstusb.sys
13:57:12.0895 0x1dcc  NvStUSB - ok
13:57:12.0910 0x1dcc  OneSyncSvc - ok
13:57:12.0926 0x1dcc  p2pimsvc - ok
13:57:12.0926 0x1dcc  p2psvc - ok
13:57:12.0926 0x1dcc  Parport - ok
13:57:12.0942 0x1dcc  partmgr - ok
13:57:12.0942 0x1dcc  PcaSvc - ok
13:57:12.0942 0x1dcc  pci - ok
13:57:12.0942 0x1dcc  pciide - ok
13:57:12.0942 0x1dcc  pcmcia - ok
13:57:12.0942 0x1dcc  pcw - ok
13:57:12.0942 0x1dcc  pdc - ok
13:57:12.0942 0x1dcc  PEAUTH - ok
13:57:12.0958 0x1dcc  percsas2i - ok
13:57:12.0960 0x1dcc  percsas3i - ok
13:57:12.0995 0x1dcc  PerfHost - ok
13:57:12.0995 0x1dcc  PhoneSvc - ok
13:57:12.0995 0x1dcc  PimIndexMaintenanceSvc - ok
13:57:13.0011 0x1dcc  pla - ok
13:57:13.0011 0x1dcc  PlugPlay - ok
13:57:13.0011 0x1dcc  pmem - ok
13:57:13.0011 0x1dcc  PNRPAutoReg - ok
13:57:13.0011 0x1dcc  PNRPsvc - ok
13:57:13.0026 0x1dcc  PolicyAgent - ok
13:57:13.0026 0x1dcc  Power - ok
13:57:13.0026 0x1dcc  PptpMiniport - ok
13:57:13.0142 0x1dcc  [ 5404E7A968A26DF03793B6F68536594D, BE5A85581E87EFE4DB43AD17B8D42D3F7F32364AEEC1416DBB94279C4A203FF2 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
13:57:13.0196 0x1dcc  PrintNotify - ok
13:57:13.0211 0x1dcc  Processor - ok
13:57:13.0211 0x1dcc  ProfSvc - ok
13:57:13.0211 0x1dcc  Psched - ok
13:57:13.0242 0x1dcc  QWAVE - ok
13:57:13.0242 0x1dcc  QWAVEdrv - ok
13:57:13.0242 0x1dcc  RasAcd - ok
13:57:13.0242 0x1dcc  RasAgileVpn - ok
13:57:13.0242 0x1dcc  RasAuto - ok
13:57:13.0258 0x1dcc  Rasl2tp - ok
13:57:13.0261 0x1dcc  RasMan - ok
13:57:13.0263 0x1dcc  RasPppoe - ok
13:57:13.0264 0x1dcc  RasSstp - ok
13:57:13.0264 0x1dcc  rdbss - ok
13:57:13.0264 0x1dcc  rdpbus - ok
13:57:13.0264 0x1dcc  RDPDR - ok
13:57:13.0264 0x1dcc  RdpVideoMiniport - ok
13:57:13.0264 0x1dcc  rdyboost - ok
13:57:13.0264 0x1dcc  ReFS - ok
13:57:13.0279 0x1dcc  ReFSv1 - ok
13:57:13.0279 0x1dcc  RemoteAccess - ok
13:57:13.0279 0x1dcc  RemoteRegistry - ok
13:57:13.0279 0x1dcc  RetailDemo - ok
13:57:13.0295 0x1dcc  RFCOMM - ok
13:57:13.0364 0x1dcc  [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
13:57:13.0380 0x1dcc  RichVideo - ok
13:57:13.0380 0x1dcc  RmSvc - ok
13:57:13.0380 0x1dcc  RpcEptMapper - ok
13:57:13.0395 0x1dcc  RpcLocator - ok
13:57:13.0395 0x1dcc  RpcSs - ok
13:57:13.0395 0x1dcc  rspndr - ok
13:57:13.0411 0x1dcc  [ 7291CC1B5ECA448B0B9C15E7E987A6B3, 1A61A4E5105354ABF041989044E97F1DEE356D65D77218F2DF97A4D2337177FD ] RSUSBSTOR       C:\WINDOWS\System32\Drivers\RtsUStor.sys
13:57:13.0426 0x1dcc  RSUSBSTOR - ok
13:57:13.0464 0x1dcc  [ DBE1ADA144291F8E0F29ECC40AE14562, D85E5F698EFC6B2374FB330BE4C6828AA3E1A87D3F08BB855A790A5113D5ED5B ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
13:57:13.0464 0x1dcc  RtkAudioService - ok
13:57:13.0480 0x1dcc  [ 17DFD02577A5A635FA9642E1F7AE866B, C7135554556CB70F47EDB5A7E1EB0F14D7D3AB42521C3CB9FDFCEC7587A67C92 ] RTL8168         C:\WINDOWS\System32\drivers\Rt630x64.sys
13:57:13.0496 0x1dcc  RTL8168 - ok
13:57:13.0511 0x1dcc  s3cap - ok
13:57:13.0511 0x1dcc  SamSs - ok
13:57:13.0511 0x1dcc  sbp2port - ok
13:57:13.0511 0x1dcc  SCardSvr - ok
13:57:13.0527 0x1dcc  ScDeviceEnum - ok
13:57:13.0527 0x1dcc  scfilter - ok
13:57:13.0527 0x1dcc  Schedule - ok
13:57:13.0527 0x1dcc  scmbus - ok
13:57:13.0527 0x1dcc  SCPolicySvc - ok
13:57:13.0527 0x1dcc  sdbus - ok
13:57:13.0527 0x1dcc  SDFRd - ok
13:57:13.0542 0x1dcc  SDRSVC - ok
13:57:13.0542 0x1dcc  sdstor - ok
13:57:13.0542 0x1dcc  seclogon - ok
13:57:13.0542 0x1dcc  SecurityHealthService - ok
13:57:13.0542 0x1dcc  SEMgrSvc - ok
13:57:13.0558 0x1dcc  SENS - ok
13:57:13.0560 0x1dcc  SensorDataService - ok
13:57:13.0562 0x1dcc  SensorService - ok
13:57:13.0564 0x1dcc  SensrSvc - ok
13:57:13.0564 0x1dcc  SerCx - ok
13:57:13.0564 0x1dcc  SerCx2 - ok
13:57:13.0564 0x1dcc  Serenum - ok
13:57:13.0564 0x1dcc  Serial - ok
13:57:13.0564 0x1dcc  sermouse - ok
13:57:13.0564 0x1dcc  SessionEnv - ok
13:57:13.0580 0x1dcc  sfloppy - ok
13:57:13.0580 0x1dcc  SharedAccess - ok
13:57:13.0580 0x1dcc  ShellHWDetection - ok
13:57:13.0580 0x1dcc  shpamsvc - ok
13:57:13.0595 0x1dcc  SiSRaid2 - ok
13:57:13.0595 0x1dcc  SiSRaid4 - ok
13:57:13.0627 0x1dcc  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:57:13.0627 0x1dcc  SkypeUpdate - ok
13:57:13.0627 0x1dcc  smphost - ok
13:57:13.0642 0x1dcc  SmsRouter - ok
13:57:13.0642 0x1dcc  SNMPTRAP - ok
13:57:13.0642 0x1dcc  spaceport - ok
13:57:13.0658 0x1dcc  SpatialGraphFilter - ok
13:57:13.0660 0x1dcc  SpbCx - ok
13:57:13.0662 0x1dcc  spectrum - ok
13:57:13.0664 0x1dcc  Spooler - ok
13:57:13.0664 0x1dcc  sppsvc - ok
13:57:13.0742 0x1dcc  [ AB5AF88876E052813A90E8B3BA366E57, 4BE562EBF4D4B9F86F8B4B58EBCDC76FAA0D9CE466AAC89FBE7630E555548C6F ] SRTSP           C:\WINDOWS\system32\drivers\NSx64\1609010.00C\SRTSP64.SYS
13:57:13.0764 0x1dcc  SRTSP - ok
13:57:13.0780 0x1dcc  [ DB6A9479762C164BA43B007DD63F49AF, BFABF451FCA755B7D5356B6982F997BFC6BFB3FE104E52684794B36EB1D96A53 ] SRTSPX          C:\WINDOWS\system32\drivers\NSx64\1609010.00C\SRTSPX64.SYS
13:57:13.0780 0x1dcc  SRTSPX - ok
13:57:13.0780 0x1dcc  srv - ok
13:57:13.0796 0x1dcc  srv2 - ok
13:57:13.0796 0x1dcc  srvnet - ok
13:57:13.0796 0x1dcc  SSDPSRV - ok
13:57:13.0796 0x1dcc  SstpSvc - ok
13:57:13.0796 0x1dcc  StateRepository - ok
13:57:13.0811 0x1dcc  stexstor - ok
13:57:13.0811 0x1dcc  stisvc - ok
13:57:13.0811 0x1dcc  storahci - ok
13:57:13.0811 0x1dcc  storflt - ok
13:57:13.0811 0x1dcc  stornvme - ok
13:57:13.0811 0x1dcc  storqosflt - ok
13:57:13.0811 0x1dcc  StorSvc - ok
13:57:13.0827 0x1dcc  storufs - ok
13:57:13.0827 0x1dcc  storvsc - ok
13:57:13.0827 0x1dcc  svsvc - ok
13:57:13.0827 0x1dcc  swenum - ok
13:57:13.0827 0x1dcc  swprv - ok
13:57:13.0865 0x1dcc  [ 524DA42A8CE7D57319569042DEDE790F, 64AAC565651787930D9367BFA8147C1BBDD08CDA7D7F1580B49DE5ABA8298C44 ] SymEFASI        C:\WINDOWS\system32\drivers\NSx64\1609010.00C\SYMEFASI64.SYS
13:57:13.0912 0x1dcc  SymEFASI - ok
13:57:13.0912 0x1dcc  [ 8EB1D78B7FB4F8632E4777636FECE3D9, 2663373C3582D72DF28563B575E55A907BC1FCA9672BFEA7083A240A9857FAF3 ] SymELAM         C:\WINDOWS\system32\drivers\NSx64\1609010.00C\SymELAM.sys
13:57:13.0912 0x1dcc  SymELAM - ok
13:57:13.0927 0x1dcc  [ 795F3D7EADA700EA18DF8DE490925C7E, F3B464B306744F32CD66D6A4365032BDDA490D1BDEB61F1B4E25A17D53AEA9C1 ] SymEvent        C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
13:57:13.0927 0x1dcc  SymEvent - ok
13:57:13.0943 0x1dcc  [ D1FDDADC2656601FF4E65D1B2653ED50, 4B499BB681765E2A28CB98716FCCA842C2568D4DC275943E00BC2EF2DECC03CB ] SymIRON         C:\WINDOWS\system32\drivers\NSx64\1609010.00C\Ironx64.SYS
13:57:13.0943 0x1dcc  SymIRON - ok
13:57:13.0964 0x1dcc  [ A0F063F986EA89A0E5B2C95795E8D91A, AF439E312B4828D32F193E4EFD3A59E2C046876FD7E1BB62F6CF58E4A2F44615 ] SymNetS         C:\WINDOWS\system32\drivers\NSx64\1609010.00C\SYMNETS.SYS
13:57:13.0964 0x1dcc  SymNetS - ok
13:57:13.0964 0x1dcc  Synth3dVsc - ok
13:57:13.0980 0x1dcc  SysMain - ok
13:57:13.0996 0x1dcc  SystemEventsBroker - ok
13:57:13.0996 0x1dcc  TabletInputService - ok
13:57:14.0011 0x1dcc  TapiSrv - ok
13:57:14.0011 0x1dcc  Tcpip - ok
13:57:14.0011 0x1dcc  Tcpip6 - ok
13:57:14.0011 0x1dcc  tcpipreg - ok
13:57:14.0011 0x1dcc  tdx - ok
13:57:14.0227 0x1dcc  [ 654DCE84A4674F77CDD22E46DAEA8C5A, 5BED3F2E2FA3692AA3BCE6455A58D3BE1C25D1D44578501531A33013029A093F ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
13:57:14.0348 0x1dcc  TeamViewer - ok
13:57:14.0358 0x1dcc  terminpt - ok
13:57:14.0360 0x1dcc  TermService - ok
13:57:14.0373 0x1dcc  Themes - ok
13:57:14.0374 0x1dcc  TieringEngineService - ok
13:57:14.0374 0x1dcc  tiledatamodelsvc - ok
13:57:14.0374 0x1dcc  TimeBrokerSvc - ok
13:57:14.0374 0x1dcc  TokenBroker - ok
13:57:14.0374 0x1dcc  TPM - ok
13:57:14.0374 0x1dcc  TrkWks - ok
13:57:14.0390 0x1dcc  TrustedInstaller - ok
13:57:14.0390 0x1dcc  TsUsbFlt - ok
13:57:14.0406 0x1dcc  TsUsbGD - ok
13:57:14.0406 0x1dcc  tunnel - ok
13:57:14.0422 0x1dcc  tzautoupdate - ok
13:57:14.0422 0x1dcc  UASPStor - ok
13:57:14.0422 0x1dcc  UcmCx0101 - ok
13:57:14.0422 0x1dcc  UcmTcpciCx0101 - ok
13:57:14.0422 0x1dcc  UcmUcsi - ok
13:57:14.0422 0x1dcc  Ucx01000 - ok
13:57:14.0422 0x1dcc  UdeCx - ok
13:57:14.0422 0x1dcc  udfs - ok
13:57:14.0437 0x1dcc  UEFI - ok
13:57:14.0437 0x1dcc  Ufx01000 - ok
13:57:14.0437 0x1dcc  UfxChipidea - ok
13:57:14.0437 0x1dcc  ufxsynopsys - ok
13:57:14.0437 0x1dcc  UI0Detect - ok
13:57:14.0437 0x1dcc  umbus - ok
13:57:14.0453 0x1dcc  UmPass - ok
13:57:14.0453 0x1dcc  UmRdpService - ok
13:57:14.0453 0x1dcc  UnistoreSvc - ok
13:57:14.0453 0x1dcc  upnphost - ok
13:57:14.0453 0x1dcc  UrsChipidea - ok
13:57:14.0453 0x1dcc  UrsCx01000 - ok
13:57:14.0453 0x1dcc  UrsSynopsys - ok
13:57:14.0494 0x1dcc  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
13:57:14.0494 0x1dcc  USBAAPL64 - ok
13:57:14.0494 0x1dcc  usbaudio - ok
13:57:14.0510 0x1dcc  usbccgp - ok
13:57:14.0510 0x1dcc  usbcir - ok
13:57:14.0510 0x1dcc  usbehci - ok
13:57:14.0510 0x1dcc  usbhub - ok
13:57:14.0510 0x1dcc  USBHUB3 - ok
13:57:14.0510 0x1dcc  usbohci - ok
13:57:14.0510 0x1dcc  usbprint - ok
13:57:14.0525 0x1dcc  usbser - ok
13:57:14.0525 0x1dcc  USBSTOR - ok
13:57:14.0525 0x1dcc  usbuhci - ok
13:57:14.0541 0x1dcc  USBXHCI - ok
13:57:14.0541 0x1dcc  UserDataSvc - ok
13:57:14.0541 0x1dcc  UserManager - ok
13:57:14.0557 0x1dcc  UsoSvc - ok
13:57:14.0557 0x1dcc  VaultSvc - ok
13:57:14.0557 0x1dcc  vdrvroot - ok
13:57:14.0557 0x1dcc  vds - ok
13:57:14.0557 0x1dcc  VerifierExt - ok
13:57:14.0557 0x1dcc  vhdmp - ok
13:57:14.0574 0x1dcc  vhf - ok
13:57:14.0576 0x1dcc  vmbus - ok
13:57:14.0578 0x1dcc  VMBusHID - ok
13:57:14.0579 0x1dcc  vmgid - ok
13:57:14.0579 0x1dcc  vmicguestinterface - ok
13:57:14.0579 0x1dcc  vmicheartbeat - ok
13:57:14.0594 0x1dcc  vmickvpexchange - ok
13:57:14.0594 0x1dcc  vmicrdv - ok
13:57:14.0594 0x1dcc  vmicshutdown - ok
13:57:14.0594 0x1dcc  vmictimesync - ok
13:57:14.0594 0x1dcc  vmicvmsession - ok
13:57:14.0594 0x1dcc  vmicvss - ok
13:57:14.0594 0x1dcc  volmgr - ok
13:57:14.0594 0x1dcc  volmgrx - ok
13:57:14.0610 0x1dcc  volsnap - ok
13:57:14.0610 0x1dcc  volume - ok
13:57:14.0610 0x1dcc  vpci - ok
13:57:14.0610 0x1dcc  vsmraid - ok
13:57:14.0610 0x1dcc  VSS - ok
13:57:14.0626 0x1dcc  VSTXRAID - ok
13:57:14.0626 0x1dcc  vwifibus - ok
13:57:14.0626 0x1dcc  vwififlt - ok
13:57:14.0626 0x1dcc  vwifimp - ok
13:57:14.0626 0x1dcc  W32Time - ok
13:57:14.0626 0x1dcc  WacomPen - ok
13:57:14.0626 0x1dcc  WalletService - ok
13:57:14.0641 0x1dcc  wanarp - ok
13:57:14.0641 0x1dcc  wanarpv6 - ok
13:57:14.0641 0x1dcc  wbengine - ok
13:57:14.0641 0x1dcc  WbioSrvc - ok
13:57:14.0641 0x1dcc  wcifs - ok
13:57:14.0641 0x1dcc  Wcmsvc - ok
13:57:14.0641 0x1dcc  wcncsvc - ok
13:57:14.0657 0x1dcc  wcnfs - ok
13:57:14.0657 0x1dcc  WdBoot - ok
13:57:14.0657 0x1dcc  Wdf01000 - ok
13:57:14.0657 0x1dcc  WdFilter - ok
13:57:14.0657 0x1dcc  WdiServiceHost - ok
13:57:14.0657 0x1dcc  WdiSystemHost - ok
13:57:14.0657 0x1dcc  wdiwifi - ok
13:57:14.0673 0x1dcc  WdNisDrv - ok
13:57:14.0678 0x1dcc  WdNisSvc - ok
13:57:14.0694 0x1dcc  WebClient - ok
13:57:14.0694 0x1dcc  Wecsvc - ok
13:57:14.0710 0x1dcc  WEPHOSTSVC - ok
13:57:14.0710 0x1dcc  wercplsupport - ok
13:57:14.0725 0x1dcc  WerSvc - ok
13:57:14.0725 0x1dcc  WFDSConMgrSvc - ok
13:57:14.0725 0x1dcc  WFPLWFS - ok
13:57:14.0725 0x1dcc  WiaRpc - ok
13:57:14.0725 0x1dcc  WIMMount - ok
13:57:14.0725 0x1dcc  WinDefend - ok
13:57:14.0741 0x1dcc  WindowsTrustedRT - ok
13:57:14.0741 0x1dcc  WindowsTrustedRTProxy - ok
13:57:14.0741 0x1dcc  WinHttpAutoProxySvc - ok
13:57:14.0741 0x1dcc  WinMad - ok
13:57:14.0757 0x1dcc  Winmgmt - ok
13:57:14.0757 0x1dcc  WinNat - ok
13:57:14.0774 0x1dcc  WinRM - ok
13:57:14.0778 0x1dcc  WINUSB - ok
13:57:14.0779 0x1dcc  WinVerbs - ok
13:57:14.0779 0x1dcc  wisvc - ok
13:57:14.0795 0x1dcc  WlanSvc - ok
13:57:14.0795 0x1dcc  wlidsvc - ok
13:57:14.0795 0x1dcc  wlpasvc - ok
13:57:14.0795 0x1dcc  WmiAcpi - ok
13:57:14.0810 0x1dcc  wmiApSrv - ok
13:57:14.0810 0x1dcc  WMPNetworkSvc - ok
13:57:14.0826 0x1dcc  [ 1AE1076034392218EE89D2744EC2A071, 695C28E2697B12BBD919687176CE082E94887A5D8B6229F163A26F6EDF401C4C ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
13:57:14.0826 0x1dcc  Wof - ok
13:57:14.0857 0x1dcc  workfolderssvc - ok
13:57:14.0857 0x1dcc  WPDBusEnum - ok
13:57:14.0857 0x1dcc  WpdUpFltr - ok
13:57:14.0857 0x1dcc  WpnService - ok
13:57:14.0857 0x1dcc  WpnUserService - ok
13:57:14.0857 0x1dcc  ws2ifsl - ok
13:57:14.0857 0x1dcc  wscsvc - ok
13:57:14.0879 0x1dcc  WSDPrintDevice - ok
13:57:14.0879 0x1dcc  WSearch - ok
13:57:14.0879 0x1dcc  wuauserv - ok
13:57:14.0895 0x1dcc  WudfPf - ok
13:57:14.0895 0x1dcc  WUDFRd - ok
13:57:14.0895 0x1dcc  wudfsvc - ok
13:57:14.0895 0x1dcc  WUDFWpdFs - ok
13:57:14.0895 0x1dcc  WUDFWpdMtp - ok
13:57:14.0895 0x1dcc  WwanSvc - ok
13:57:14.0895 0x1dcc  xbgm - ok
13:57:14.0911 0x1dcc  XblAuthManager - ok
13:57:14.0911 0x1dcc  XblGameSave - ok
13:57:14.0911 0x1dcc  xboxgip - ok
13:57:14.0911 0x1dcc  XboxGipSvc - ok
13:57:14.0911 0x1dcc  XboxNetApiSvc - ok
13:57:14.0911 0x1dcc  xinputhid - ok
13:57:14.0926 0x1dcc  [ 16B6B5B4CAFEA003B4ADA9FF16A6299A, 413A47C745CC1C98D16F403767EAA5E2F4DA587CFE3B0D8F20CA3D69C9E6731B ] XtuAcpiDriver   C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys
13:57:14.0926 0x1dcc  XtuAcpiDriver - ok
13:57:14.0958 0x1dcc  [ 09B22759E21A560DE6255596009695DF, 906A37B62FBB1EB2271A65144AD9AAD471AB2F2621DC7A21C1DA41FD2AFA740F ] ZAtheros Wlan Agent C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
13:57:14.0958 0x1dcc  ZAtheros Wlan Agent - ok
13:57:14.0958 0x1dcc  ================ Scan global ===============================
13:57:14.0995 0x1dcc  [ Global ] - ok
13:57:14.0995 0x1dcc  ================ Scan MBR ==================================
13:57:15.0026 0x1dcc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:57:15.0042 0x1dcc  \Device\Harddisk0\DR0 - ok
13:57:15.0042 0x1dcc  ================ Scan VBR ==================================
13:57:15.0057 0x1dcc  [ 5859D837F9E0B0914228AE1725B36287 ] \Device\Harddisk0\DR0\Partition1
13:57:15.0057 0x1dcc  \Device\Harddisk0\DR0\Partition1 - ok
13:57:15.0073 0x1dcc  [ 17CFEC63EE82F138721E85D0315CF701 ] \Device\Harddisk0\DR0\Partition2
13:57:15.0074 0x1dcc  \Device\Harddisk0\DR0\Partition2 - ok
13:57:15.0081 0x1dcc  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
13:57:15.0081 0x1dcc  \Device\Harddisk0\DR0\Partition3 - ok
13:57:15.0081 0x1dcc  [ CB6465172D7700AB857AFCC740B05569 ] \Device\Harddisk0\DR0\Partition4
13:57:15.0081 0x1dcc  \Device\Harddisk0\DR0\Partition4 - ok
13:57:15.0081 0x1dcc  [ 26B182D2A32C2B07C6FFC8E3C7968472 ] \Device\Harddisk0\DR0\Partition5
13:57:15.0097 0x1dcc  \Device\Harddisk0\DR0\Partition5 - ok
13:57:15.0113 0x1dcc  [ 4E7FBCAAEF37E8DEB51AAEF38CA8A964 ] \Device\Harddisk0\DR0\Partition6
13:57:15.0113 0x1dcc  \Device\Harddisk0\DR0\Partition6 - ok
13:57:15.0113 0x1dcc  [ 6181F81E0A83622D0823454F6B14EC32 ] \Device\Harddisk0\DR0\Partition7
13:57:15.0113 0x1dcc  \Device\Harddisk0\DR0\Partition7 - ok
13:57:15.0128 0x1dcc  [ A78851E5DE80370F9383D5949A52CF76 ] \Device\Harddisk0\DR0\Partition8
13:57:15.0128 0x1dcc  \Device\Harddisk0\DR0\Partition8 - ok
13:57:15.0128 0x1dcc  ================ Scan generic autorun ======================
13:57:15.0175 0x1dcc  SecurityHealth - ok
13:57:15.0345 0x1dcc  [ 641B19018CB32619ADBD0AED4964E1D9, 4F85CD33E69A1EE9C145407E2FE28C0D6EAE0782576D656E583052A69677A910 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
13:57:15.0434 0x1dcc  RTHDVCPL - ok
13:57:15.0452 0x1dcc  [ BC5A40AEAC1CF7708D07CBC2F577F90B, A70B2C08CE007532739C60B474289459225D0554C8C5DA113DC649955BDC9DF6 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
13:57:15.0499 0x1dcc  RtHDVBg - ok
13:57:15.0584 0x1dcc  [ 66B1C09A03323BC0142B62769ACB195E, 54B59524DE975DF649AD0C781772753135F6F73BA1A5E2458658665565BAADEC ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
13:57:15.0615 0x1dcc  NvBackend - ok
13:57:15.0652 0x1dcc  [ 353C3D309B32642C329518FB2A3CC317, 9F1EDA8398203D65C2B05874052F5544DB1F662C24ECEEC9C95D5C397ABDAF76 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
13:57:15.0668 0x1dcc  IAStorIcon - ok
13:57:15.0699 0x1dcc  [ 3453D731C393236467B217EDA16023C7, D7DDD2F0E016DA498FB1A6910AB682356FC17455967A0D37CE906893D1B7B5A5 ] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe
13:57:15.0715 0x1dcc  BtPreLoad - ok
13:57:15.0752 0x1dcc  [ 64D89BDA981ECD2BC9B547E4210CA6E0, 403F685FBC8A71896F550476C3E3CAAC0D593F7CF25D4A2F61ED62D576E62F12 ] C:\Program Files\iTunes\iTunesHelper.exe
13:57:15.0752 0x1dcc  iTunesHelper - ok
13:57:15.0815 0x1dcc  [ 139C3E683C64935D397A3A656D443E29, 56A914FC51ED13541987DBE2DE9ED28D9130DD3CF8DD90F9550A1D8818B24983 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
13:57:15.0815 0x1dcc  RemoteControl10 - ok
13:57:15.0852 0x1dcc  [ 5183EC20A788D7A78C7B408FDEA6F303, E93956ED56889FC0EA736A1787CF44CE09D21022B12DBDCD47A754EAB5A1A797 ] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
13:57:15.0868 0x1dcc  Nikon Message Center 2 - ok
13:57:15.0968 0x1dcc  OneDriveSetup - ok
13:57:15.0968 0x1dcc  OneDriveSetup - ok
13:57:16.0168 0x1dcc  [ C7C42AC946E25EC04BC671516A347FF9, 03DCB98F1764862A0DFC1B3A6CD34BA583DA512E8E4556E891A228832C0F8DE1 ] C:\Users\Julien\AppData\Local\Amazon Music\Amazon Music Helper.exe
13:57:16.0284 0x1dcc  Amazon Music - ok
13:57:16.0315 0x1dcc  Skype - ok
13:57:16.0416 0x1dcc  [ 00F30FDFDE3E276C1A731C2DF951D67E, 018E6933882FCC41EE96E198E6F7ECEFB53EC650B1044A58876B26EDE011158B ] C:\Users\Julien\AppData\Local\Microsoft\OneDrive\OneDrive.exe
13:57:16.0432 0x1dcc  OneDrive - ok
13:57:16.0631 0x1dcc  [ 638AE77DC319958727FBEA403D37B2D6, FF40F8D0A0EA99478BF46656FDB7BB37CED75375F4FD149E3FE2393749120D39 ] C:\Program Files\CCleaner\CCleaner64.exe
13:57:16.0739 0x1dcc  CCleaner Monitoring - ok
13:57:16.0746 0x1dcc  OneDriveSetup - ok
13:57:16.0760 0x1dcc  WAB Migrate - ok
13:57:16.0760 0x1dcc  Waiting for KSN requests completion. In queue: 69
13:57:17.0871 0x1dcc  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.0 ), 0x60100 ( disabled : updated )
13:57:17.0871 0x1dcc  AV detected via SS2: Norton Security, C:\Program Files\Norton Security\Engine\22.9.1.12\WSCStub.exe ( 22.9.0.0 ), 0x51000 ( enabled : updated )
13:57:17.0902 0x1dcc  AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x50000 ( disabled : updated )
13:57:17.0902 0x1dcc  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x50010 ( disabled )
13:57:17.0902 0x1dcc  FW detected via SS2: Norton Security, C:\Program Files\Norton Security\Engine\22.9.1.12\WSCStub.exe ( 22.9.0.0 ), 0x51010 ( enabled )
13:57:18.0102 0x1dcc  ============================================================
13:57:18.0102 0x1dcc  Scan finished
13:57:18.0102 0x1dcc  ============================================================
13:57:18.0117 0x18d8  Detected object count: 0
13:57:18.0117 0x18d8  Actual detected object count: 0
14:14:30.0458 0x04a0  Deinitialize success

M-K-D-B · 01.05.2017, 10:20

Servus,

ich vermute, dass eine Bereinigung fehlschlägt, weil du zu viele AV-Programme gleichzeitig installiert hast.

Schritt 1

Deinstalliere über die Systemsteuerung (Bebilderte Anleitung):
- Norton Security
- McAfee
Starte den Rechner im Anschluss neu auf.
Lade dir das Norton Removal Tool und das McAfee Removal Tool herunter.
Führe jeweils beide aus und lass nach jedem Tool den Rechner neu starten.

Schritt 2

Starte die FRST erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die beiden neuen Logdateien von FRST.

gregster · 02.05.2017, 21:01

Hallo M-K-D-B,

habe das Problem erkannt, so wie Ihr schon vermutet habt: zu viele AV Programme die sich gegenseitig blockieren.
Leider war nach dem Deinstallieren von Norton, kein anklicken mehr möglich (Sanduhr, es ging nichts mehr). Es konnte weder ein Programm gestartet werden, noch eins gelöscht. Habe den Rechner mehrmals ausschalten müssen und nach dem Hochlauf das gleiche Problem.
Letztendlich habe ein Win 10 Bootstick mit einem Microsoft Tool erstellt und die Partition C zurückgesetzt, quasi Format C durchgeführt.
Jetzt ist mein System wieder wie neu.
Ich hoffe, ich werde nicht so oft eure Hilfe benötigen aber trotzdem möchte ich mich für die Unterstützung bedanken.

werde kleine Spende schicken___
nochmals Danke.

M-K-D-B · 03.05.2017, 16:25

Ich bin froh, dass wir helfen konnten

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine Profilnachricht inklusive Link zum Thema.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.

30.04.2017, 10:17	#4
M-K-D-B /// TB-Ausbilder	Thema: ADWCleaner6.046 läuft durch beim Löschen hängt sich der PC auf - was kann die Ursache sein? Servus, FRST und TDSS-Killer wie beschrieben nochmal ausführen und die Logdateien dazu posten.

Thema: ADWCleaner6.046 läuft durch beim Löschen hängt sich der PC auf - was kann die Ursache sein?

Plagegeister aller Art und deren Bekämpfung: Thema: ADWCleaner6.046 läuft durch beim Löschen hängt sich der PC auf - was kann die Ursache sein?