Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 8.1-PUP.optional befall monatlich

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 21.11.2015, 17:43   #1
ship-S
 
Windows 8.1-PUP.optional befall monatlich - Standard

Windows 8.1-PUP.optional befall monatlich



Hallo,
ich weiß nicht ob ich jetzt einen Virus habe oder nicht( Pc mit Win 8.1 ),
aber seitdem ich für 2 Monate kein Internet hatte, (Ich hab die ganzen Updates gemacht, bevor ich ins Netz ging.) bekam ich jeden Monat einen Fund von PUP.Optional von Malwarebytes .Es schien alles okay ,bis während einer Woche 2 mal mein Pc einen blauen Bildschirm bekam ,
das ein Problem mit den Pc da war und dieser Neugestartet werden muss .

Ich benutzte Malwarebytes , Adwcleaner , und Junkware Removal Tool , Hitmanpro und seit heute funktioniert mein Echtzeit Scanner von Avira
nicht mehr . Ich deinstallierte und installierte ihn neu und trotzdem das gleiche Problem , vieleicht liegt es am Virus ? Zu den 3 Logfiles die ich geben muss:
Als ich FRST anklickte kam eine Meldung und Avira Antivirus packte es in Quarantäne . Ich weiß jetzt nicht ob ich GMER jetzt machen sollte.
Defogger hat funktioniert.

Ich hoffe man kann mir helfen .(Ich benutze ausserdem noch zusätzlich eine externe Festplatte per usb.)

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:14 on 21/11/2015 (Hikaru)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 12.09.2015
Suchlauf-Zeit: 20:03:45
Logdatei: malwarebytes.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.09.12.03
Rootkit Datenbank: v2015.08.16.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Hikaru

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 343573
Verstrichene Zeit: 9 Min, 13 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 1
PUP.Optional.Somoto, HKLM\SOFTWARE\WOW6432NODE\SEARCHULT, , [6e95d95695f61f179c93d7dee71d27d9], 

Registrierungswerte: 4
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS, Crossbrowse, , [0201ee4188032c0a9925f792e2226799]
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS|StubPath, "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level, , [f90a4ce3f5964aec7846b3d6c93b629e]
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS|Localized Name, Crossbrowse, , [0003b877048781b5338bcbbe0df70ff1]
PUP.Optional.Somoto, HKLM\SOFTWARE\WOW6432NODE\SEARCHULT|Somo,   , , [6e95d95695f61f179c93d7dee71d27d9]

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 30.09.2015
Suchlaufzeit: 16:21
Protokolldatei: malwarebytes30.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.09.30.05
Rootkit-Datenbank: v2015.09.22.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Hikaru

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 346306
Abgelaufene Zeit: 19 Min., 39 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 2
PUP.Optional.MyBrowser, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{2A563926-CF4B-4363-A760-F71E46205B7E}, In Quarantäne, [a964f3439bf069cd5136d125c73b738d], 
PUP.Optional.MyBrowser, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2A563926-CF4B-4363-A760-F71E46205B7E}, In Quarantäne, [a964f3439bf069cd5136d125c73b738d], 

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
# AdwCleaner v5.013 - Bericht erstellt am 17/10/2015 um 13:08:16
# Aktualisiert am 09/10/2015 von Xplode
# Datenbank : 2015-10-16.1 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Hikaru - HIKARU-UKE
# Gestartet von : C:\Users\Hikaru\Downloads\adwcleaner_5.013.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Users\Hikaru\AppData\Roaming\Microsoft\Windows\Start Menu\Desktop Search

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Hikaru\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_plarium.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Hikaru\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_plarium.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****

[-] Wert Gelöscht : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [CRSBRWSHTML]
[-] Wert Gelöscht : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [CRSBRWSHTML]
[-] Wert Gelöscht : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [CRSBRWSHTML]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Paths\bobrowser.exe
[-] Schlüssel Gelöscht : HKCU\Software\Classes\CLSID\{19041B6B-8F97-4669-BA21-C17572737ED2}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]
[-] Schlüssel Gelöscht : HKCU\Software\Kromtech
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Kromtech

***** [ Internetbrowser ] *****


*************************

:: Winsock Einstellungen zurückgesetzt

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2168 Bytes] ##########
         
Code:
ATTFilter

~~~ Folders



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Hikaru\Appdata\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic

[C:\Users\Hikaru\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Hikaru\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
gpdjojdkbbmdfjfahjcgigfpmkopogic

[C:\Users\Hikaru\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Hikaru\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  gpdjojdkbbmdfjfahjcgigfpmkopogic
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.10.2015 at 13:16:48,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 21.11.2015
Suchlaufzeit: 14:15
Protokolldatei: malwarebytes2111B.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.11.21.03
Rootkit-Datenbank: v2015.11.14.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Hikaru

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 320847
Abgelaufene Zeit: 7 Min., 33 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Scan, 21.11.2015 00:34, SYSTEM, HIKARU-UKE, Manual, Start: 21.11.2015 00:25, Dauer: 8 Min. 50 Sek., Bedrohungssuchlauf, Abgeschlossen, 0 Malware-Erkennung, 0 Nicht-Malware-Erkennungen, 
Update, 21.11.2015 13:49, SYSTEM, HIKARU-UKE, Scheduler, IP Database, 2015.11.18.1, 2015.11.21.1, 
Update, 21.11.2015 13:49, SYSTEM, HIKARU-UKE, Scheduler, Domain Database, 2015.11.20.5, 2015.11.21.2, 
Update, 21.11.2015 13:49, SYSTEM, HIKARU-UKE, Scheduler, Malware Database, 2015.11.20.7, 2015.11.21.3, 
Scan, 21.11.2015 13:59, SYSTEM, HIKARU-UKE, Context, Start: 21.11.2015 13:50, Dauer: 9 Min. 9 Sek., Bedrohungssuchlauf, Abgeschlossen, 0 Malware-Erkennung, 0 Nicht-Malware-Erkennungen, 
Error, 21.11.2015 14:08, SYSTEM, HIKARU-UKE, Protection, IsLicensed, 13, 
Protection, 21.11.2015 14:08, SYSTEM, HIKARU-UKE, Protection, Malware Protection, Stopping, 
Protection, 21.11.2015 14:08, SYSTEM, HIKARU-UKE, Protection, Malware Protection, Stopped, 
Scan, 21.11.2015 14:22, SYSTEM, HIKARU-UKE, Manual, Start: 21.11.2015 14:15, Dauer: 7 Min. 33 Sek., Bedrohungssuchlauf, Abgeschlossen, 0 Malware-Erkennung, 0 Nicht-Malware-Erkennungen, 

(end)
         
Code:
ATTFilter
Antivirus Pro
Report file date: Samstag, 21. November 2015  15:09


The program is running as an unrestricted full version.
Online services are available.

Licensee        : MARIA TORN
Serial number   : 2228793262-PEPWM-0000003
Platform        : Windows 8.1
Windows version : (plain)  [6.3.9600]
Boot mode       : Normally booted
Username        : SYSTEM
Computer name   : HIKARU-UKE

Version information:
build.dat       : 15.0.14.259    92306 Bytes  28.10.2015 18:21:00
AVSCAN.EXE      : 15.0.14.257  1175480 Bytes  28.10.2015 17:21:49
AVSCANRC.DLL    : 15.0.14.233    56944 Bytes  28.10.2015 17:21:49
LUKE.DLL        : 15.0.14.257    68280 Bytes  28.10.2015 17:21:53
AVSCPLR.DLL     : 15.0.14.257   106352 Bytes  28.10.2015 17:21:49
REPAIR.DLL      : 15.0.14.257   539520 Bytes  28.10.2015 17:21:49
repair.rdf      : 1.0.12.26    1339400 Bytes  21.11.2015 14:08:36
AVREG.DLL       : 15.0.14.256   346312 Bytes  28.10.2015 17:21:49
avlode.dll      : 15.0.14.257   675424 Bytes  28.10.2015 17:21:49
avlode.rdf      : 14.0.5.6       84211 Bytes  28.10.2015 17:21:49
XBV00029.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00030.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00031.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00032.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00033.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00034.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00035.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00036.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00037.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00038.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00039.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00040.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00041.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00090.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00091.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00092.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00093.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00094.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00095.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00096.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00097.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00098.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00099.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00100.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00101.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00102.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00103.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00104.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00105.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00106.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00107.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00108.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00109.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00110.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00111.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00112.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00113.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00114.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00115.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00116.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00117.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00118.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00119.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00120.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00121.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00122.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00123.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00124.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00125.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00126.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00127.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00128.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00129.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00130.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00131.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00132.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00133.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00134.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00135.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00136.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00137.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00138.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00139.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00140.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00141.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00142.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00143.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00144.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00145.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00146.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00147.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00148.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00149.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00150.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00151.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00152.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00153.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00154.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00155.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00156.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00157.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00158.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00159.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00160.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00161.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00162.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00163.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00164.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00165.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00166.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00167.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00168.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00169.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00170.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00171.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00172.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00173.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00174.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00175.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00176.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00177.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00178.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00179.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00180.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00181.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00182.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00183.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00184.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00185.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00186.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00187.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00188.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00189.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00190.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00191.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00192.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00193.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00194.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00195.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00196.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00197.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00198.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00199.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00200.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00201.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00202.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00203.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00204.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00205.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00206.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00207.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00208.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00209.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00210.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00211.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00212.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00213.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00214.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00215.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00216.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00217.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00218.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00219.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00220.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00221.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00222.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00223.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00224.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00225.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00226.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00227.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00228.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00229.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00230.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00231.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00232.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00233.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00234.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00235.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00236.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00237.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00238.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00239.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00240.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00241.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00242.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00243.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00244.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00245.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00246.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00247.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00248.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00249.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00250.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00251.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00252.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:12
XBV00253.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:12
XBV00254.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:12
XBV00255.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:12
XBV00000.VDF    : 7.11.70.0   66736640 Bytes  04.04.2013 17:21:54
XBV00001.VDF    : 7.11.74.226  2201600 Bytes  30.04.2013 17:21:54
XBV00002.VDF    : 7.11.80.60   2751488 Bytes  28.05.2013 17:21:54
XBV00003.VDF    : 7.11.85.214  2162688 Bytes  21.06.2013 17:21:54
XBV00004.VDF    : 7.11.91.176  3903488 Bytes  23.07.2013 17:21:54
XBV00005.VDF    : 7.11.98.186  6822912 Bytes  29.08.2013 17:21:54
XBV00006.VDF    : 7.11.139.38 15708672 Bytes  27.03.2014 17:21:54
XBV00007.VDF    : 7.11.152.100  4193792 Bytes  02.06.2014 17:21:54
XBV00008.VDF    : 8.11.165.192  4251136 Bytes  07.08.2014 17:21:54
XBV00009.VDF    : 8.11.172.30  2094080 Bytes  15.09.2014 17:21:54
XBV00010.VDF    : 8.11.178.32  1581056 Bytes  14.10.2014 17:21:54
XBV00011.VDF    : 8.11.184.50  2178560 Bytes  11.11.2014 17:21:54
XBV00012.VDF    : 8.11.190.32  1876992 Bytes  03.12.2014 17:21:54
XBV00013.VDF    : 8.11.201.28  2973696 Bytes  14.01.2015 17:21:54
XBV00014.VDF    : 8.11.206.252  2695680 Bytes  04.02.2015 17:21:54
XBV00015.VDF    : 8.11.213.84  3175936 Bytes  03.03.2015 17:21:54
XBV00016.VDF    : 8.11.213.176   212480 Bytes  05.03.2015 17:21:54
XBV00017.VDF    : 8.11.219.166  2033664 Bytes  25.03.2015 17:21:54
XBV00018.VDF    : 8.11.225.88  2367488 Bytes  22.04.2015 17:21:54
XBV00019.VDF    : 8.11.230.186  1674752 Bytes  13.05.2015 17:21:54
XBV00020.VDF    : 8.11.237.30  4711936 Bytes  02.06.2015 17:21:54
XBV00021.VDF    : 8.11.243.12  2747904 Bytes  26.06.2015 17:21:54
XBV00022.VDF    : 8.11.248.172  2350592 Bytes  17.07.2015 17:21:54
XBV00023.VDF    : 8.11.254.112  2570752 Bytes  07.08.2015 17:21:54
XBV00024.VDF    : 8.12.3.6     2196480 Bytes  27.08.2015 17:21:54
XBV00025.VDF    : 8.12.8.238   1951232 Bytes  16.09.2015 17:21:54
XBV00026.VDF    : 8.12.16.180  2211328 Bytes  07.10.2015 17:21:54
XBV00027.VDF    : 8.12.21.126  2252288 Bytes  27.10.2015 17:21:54
XBV00028.VDF    : 8.12.28.114  2935296 Bytes  17.11.2015 14:08:02
XBV00042.VDF    : 8.12.28.118    33792 Bytes  17.11.2015 14:08:02
XBV00043.VDF    : 8.12.28.122    39424 Bytes  17.11.2015 14:08:02
XBV00044.VDF    : 8.12.28.124     2048 Bytes  18.11.2015 14:08:02
XBV00045.VDF    : 8.12.28.128    51712 Bytes  18.11.2015 14:08:02
XBV00046.VDF    : 8.12.28.130     2048 Bytes  18.11.2015 14:08:02
XBV00047.VDF    : 8.12.28.132    14336 Bytes  18.11.2015 14:08:02
XBV00048.VDF    : 8.12.28.158    10752 Bytes  18.11.2015 14:08:02
XBV00049.VDF    : 8.12.28.184     5632 Bytes  18.11.2015 14:08:02
XBV00050.VDF    : 8.12.28.210     3584 Bytes  18.11.2015 14:08:02
XBV00051.VDF    : 8.12.28.236    10240 Bytes  18.11.2015 14:08:02
XBV00052.VDF    : 8.12.29.6      27136 Bytes  18.11.2015 14:08:02
XBV00053.VDF    : 8.12.29.8       3072 Bytes  18.11.2015 14:08:03
XBV00054.VDF    : 8.12.29.10     15360 Bytes  18.11.2015 14:08:03
XBV00055.VDF    : 8.12.29.12      2048 Bytes  18.11.2015 14:08:03
XBV00056.VDF    : 8.12.29.14      2048 Bytes  18.11.2015 14:08:03
XBV00057.VDF    : 8.12.29.16     13312 Bytes  18.11.2015 14:08:03
XBV00058.VDF    : 8.12.29.18      2048 Bytes  18.11.2015 14:08:03
XBV00059.VDF    : 8.12.29.20     15360 Bytes  18.11.2015 14:08:03
XBV00060.VDF    : 8.12.29.22      6144 Bytes  18.11.2015 14:08:03
XBV00061.VDF    : 8.12.29.24      6144 Bytes  18.11.2015 14:08:03
XBV00062.VDF    : 8.12.29.26     13312 Bytes  18.11.2015 14:08:03
XBV00063.VDF    : 8.12.29.28     15872 Bytes  18.11.2015 14:08:03
XBV00064.VDF    : 8.12.29.52     39424 Bytes  19.11.2015 14:08:03
XBV00065.VDF    : 8.12.29.72      8192 Bytes  19.11.2015 14:08:03
XBV00066.VDF    : 8.12.29.92     13824 Bytes  19.11.2015 14:08:03
XBV00067.VDF    : 8.12.29.112     2048 Bytes  19.11.2015 14:08:03
XBV00068.VDF    : 8.12.29.156    62464 Bytes  19.11.2015 14:08:03
XBV00069.VDF    : 8.12.29.176     2048 Bytes  19.11.2015 14:08:03
XBV00070.VDF    : 8.12.29.196    17408 Bytes  19.11.2015 14:08:03
XBV00071.VDF    : 8.12.29.198     2048 Bytes  19.11.2015 14:08:04
XBV00072.VDF    : 8.12.29.200     2048 Bytes  19.11.2015 14:08:04
XBV00073.VDF    : 8.12.29.202     2048 Bytes  19.11.2015 14:08:04
XBV00074.VDF    : 8.12.29.204     2048 Bytes  19.11.2015 14:08:04
XBV00075.VDF    : 8.12.29.206    13312 Bytes  19.11.2015 14:08:04
XBV00076.VDF    : 8.12.29.210    37888 Bytes  20.11.2015 14:08:04
XBV00077.VDF    : 8.12.29.212     2048 Bytes  20.11.2015 14:08:04
XBV00078.VDF    : 8.12.29.252     2048 Bytes  20.11.2015 14:08:04
XBV00079.VDF    : 8.12.30.16     27136 Bytes  20.11.2015 14:08:04
XBV00080.VDF    : 8.12.30.56     11776 Bytes  20.11.2015 14:08:04
XBV00081.VDF    : 8.12.30.76     39936 Bytes  20.11.2015 14:08:04
XBV00082.VDF    : 8.12.30.78     17920 Bytes  20.11.2015 14:08:04
XBV00083.VDF    : 8.12.30.80      9728 Bytes  20.11.2015 14:08:04
XBV00084.VDF    : 8.12.30.82     10240 Bytes  20.11.2015 14:08:04
XBV00085.VDF    : 8.12.30.84      8704 Bytes  20.11.2015 14:08:04
XBV00086.VDF    : 8.12.30.86      8192 Bytes  20.11.2015 14:08:04
XBV00087.VDF    : 8.12.30.90     33792 Bytes  21.11.2015 14:08:04
XBV00088.VDF    : 8.12.30.92      2048 Bytes  21.11.2015 14:08:04
XBV00089.VDF    : 8.12.30.94     12288 Bytes  21.11.2015 14:08:05
LOCAL000.VDF    : 8.12.30.94  145329152 Bytes  21.11.2015 14:09:06
Engine version  : 8.3.34.76 
AEBB.DLL        : 8.1.3.0        59296 Bytes  21.11.2015 14:07:52
AECORE.DLL      : 8.3.9.0       249920 Bytes  21.11.2015 14:07:53
AEDROID.DLL     : 8.4.3.348    1800104 Bytes  21.11.2015 14:07:59
AEEMU.DLL       : 8.1.3.6       404328 Bytes  21.11.2015 14:07:53
AEEXP.DLL       : 8.4.2.134     277360 Bytes  21.11.2015 14:07:58
AEGEN.DLL       : 8.1.8.2       482424 Bytes  21.11.2015 14:07:53
AEHELP.DLL      : 8.3.2.6       284584 Bytes  21.11.2015 14:07:53
AEHEUR.DLL      : 8.1.4.2050   9894768 Bytes  21.11.2015 14:07:56
AEMOBILE.DLL    : 8.1.8.8       300968 Bytes  21.11.2015 14:07:59
AEOFFICE.DLL    : 8.3.1.56      408432 Bytes  28.10.2015 17:21:48
AEPACK.DLL      : 8.4.1.18      802880 Bytes  28.10.2015 17:21:48
AERDL.DLL       : 8.2.1.38      813928 Bytes  21.11.2015 14:07:57
AESBX.DLL       : 8.2.21.2     1629032 Bytes  21.11.2015 14:07:58
AESCN.DLL       : 8.3.4.0       141216 Bytes  21.11.2015 14:07:57
AESCRIPT.DLL    : 8.3.0.4       542632 Bytes  21.11.2015 14:07:57
AEVDF.DLL       : 8.3.2.4       141216 Bytes  21.11.2015 14:07:57
AVWINLL.DLL     : 15.0.14.233    29600 Bytes  28.10.2015 17:21:49
AVPREF.DLL      : 15.0.14.233    55864 Bytes  28.10.2015 17:21:49
AVREP.DLL       : 15.0.14.233   225320 Bytes  28.10.2015 17:21:49
AVARKT.DLL      : 15.0.14.233   231032 Bytes  28.10.2015 17:21:48
AVEVTLOG.DLL    : 15.0.14.258   200632 Bytes  28.10.2015 17:21:48
SQLITE3.DLL     : 15.0.14.233   460704 Bytes  28.10.2015 17:21:53
AVSMTP.DLL      : 15.0.14.233    82120 Bytes  28.10.2015 17:21:49
NETNT.DLL       : 15.0.14.233    18792 Bytes  28.10.2015 17:21:53
CommonImageRc.dll: 15.0.14.233  4309752 Bytes  28.10.2015 17:21:53
CommonTextRc.dll: 15.0.14.237    68792 Bytes  28.10.2015 17:21:53

Configuration settings for the scan:
Jobname.............................: Quick scan
Configuration file..................: c:\program files (x86)\avira\antivirus\quicksysscan.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended

Start of the scan: Samstag, 21. November 2015  15:09

Start scanning boot sectors:
The file 'C:\Users\Hikaru\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll' was scanned with the Protection Cloud. SHA256 = 7432C6017509ECE530AC4BED4D6AEE36D9D7D36B2F709BD8B75AD5E60D247C62

The scan of running processes will be started:
Scan process 'svchost.exe' - '45' Module(s) have been scanned
Scan process 'svchost.exe' - '26' Module(s) have been scanned
Scan process 'atiesrxx.exe' - '16' Module(s) have been scanned
Scan process 'dwm.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '82' Module(s) have been scanned
Scan process 'svchost.exe' - '167' Module(s) have been scanned
Scan process 'svchost.exe' - '49' Module(s) have been scanned
Scan process 'atieclxx.exe' - '45' Module(s) have been scanned
Scan process 'svchost.exe' - '101' Module(s) have been scanned
Scan process 'hmpsched.exe' - '21' Module(s) have been scanned
Scan process 'svchost.exe' - '67' Module(s) have been scanned
Scan process 'spoolsv.exe' - '81' Module(s) have been scanned
Scan process 'svchost.exe' - '75' Module(s) have been scanned
Scan process 'armsvc.exe' - '27' Module(s) have been scanned
Scan process 'Fuel.Service.exe' - '27' Module(s) have been scanned
Scan process 'svchost.exe' - '58' Module(s) have been scanned
Scan process 'dashost.exe' - '22' Module(s) have been scanned
Scan process 'Service.exe' - '15' Module(s) have been scanned
Scan process 'SystemAgentService.exe' - '39' Module(s) have been scanned
Scan process 'mbamscheduler.exe' - '47' Module(s) have been scanned
Scan process 'NitroPDFDriverService9x64.exe' - '16' Module(s) have been scanned
Scan process 'NLSSRV32.EXE' - '16' Module(s) have been scanned
Scan process 'PsiService_2.exe' - '22' Module(s) have been scanned
Scan process 'RichVideo64.exe' - '23' Module(s) have been scanned
Scan process 'svchost.exe' - '39' Module(s) have been scanned
Scan process 'Explorer.EXE' - '225' Module(s) have been scanned
Scan process 'taskhostex.exe' - '49' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '61' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '26' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '23' Module(s) have been scanned
Scan process 'RAVCpl64.exe' - '44' Module(s) have been scanned
Scan process 'RAVBg64.exe' - '45' Module(s) have been scanned
Scan process 'StikyNot.exe' - '42' Module(s) have been scanned
Scan process 'chrome.exe' - '94' Module(s) have been scanned
Scan process 'RunDll32.exe' - '57' Module(s) have been scanned
Scan process 'hotkey.exe' - '35' Module(s) have been scanned
Scan process 'JME_LOAD.exe' - '38' Module(s) have been scanned
Scan process 'chrome.exe' - '60' Module(s) have been scanned
Scan process 'CLMLSvc.exe' - '41' Module(s) have been scanned
Scan process 'PDVD10Serv.exe' - '32' Module(s) have been scanned
Scan process 'hpwuschd2.exe' - '24' Module(s) have been scanned
Scan process 'chrome.exe' - '49' Module(s) have been scanned
Scan process 'pdf24.exe' - '43' Module(s) have been scanned
Scan process 'GWX.exe' - '38' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '49' Module(s) have been scanned
Scan process 'Avira.ServiceHost.exe' - '141' Module(s) have been scanned
Scan process 'Avira.Systray.exe' - '143' Module(s) have been scanned
Scan process 'MOM.exe' - '68' Module(s) have been scanned
Scan process 'CCC.exe' - '229' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '29' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '42' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '26' Module(s) have been scanned
Scan process 'avguard.exe' - '127' Module(s) have been scanned
Scan process 'avcenter.exe' - '133' Module(s) have been scanned
Scan process 'avshadow.exe' - '23' Module(s) have been scanned
Scan process 'avmailc7.exe' - '54' Module(s) have been scanned
Scan process 'sched.exe' - '83' Module(s) have been scanned
Scan process 'avwebg7.exe' - '50' Module(s) have been scanned
Scan process 'avgnt.exe' - '111' Module(s) have been scanned
Scan process 'NOTEPAD.EXE' - '28' Module(s) have been scanned
Scan process 'avscan.exe' - '113' Module(s) have been scanned
Scan process 'wininit.exe' - '15' Module(s) have been scanned
Scan process 'lsass.exe' - '64' Module(s) have been scanned
Scan process 'winlogon.exe' - '28' Module(s) have been scanned

Starting to scan executable files (registry):
The file 'C:\WINDOWS\jmesoft\hotkey.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 3E42FBED89BF8CE6C0EE8C97C050358ED98577BB1DDFA93CDE25F431FC55138E
The file 'C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 5A98B1405126F79846C810E739E964B11A4397F3DE597991308DB3C6AABB8F81
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = F54FC31662A9B8032B380793D534F34A0C63FED9C84DE313D17A61612EB31DC4
The file 'C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7
The file 'C:\Program Files (x86)\PDF24\pdf24.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 2E672182404223A42BD207B78EE92BD4A58B7DCFC801EDD96458CEAB00578705
The file 'C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 32D6E69E6367D3ADB2189DA89103CB9910CE791EFB0879515DDD380A96D85BAE
The file 'C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 06B606E849FB946A9E4CFC8E6799A6B18C4E3233A77ED62DEBCC375649F3D7A8
The file 'C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe' was scanned with the Protection Cloud. SHA256 = 1C3BDCEA4508FC2768A6B2CB56D2B08FCDA6047D6F1B52FE2E2901DBCD72B37C
The file 'C:\Windows\jmesoft\ServiceLoader.exe' was scanned with the Protection Cloud. SHA256 = 2C582D2E97F5AE97D1FBEC0493DF45A8EAF2D2CA93048556FD11B4AAA09956E6
The file 'C:\Program Files\Lenovo\LVT\LJYZ.exe' was scanned with the Protection Cloud. SHA256 = 7A8864A9FA81BF6C53797B7B8FCC2199B812A7E913D35387A0C5C63C170BAC02
The file 'C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe' was scanned with the Protection Cloud. SHA256 = 648588126B2CD0B9F50F478BF4F7474137D1285061A3B22B56C1CB5B4FD3C3BF
The file 'C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe' was scanned with the Protection Cloud. SHA256 = 428D1DDD507AF1C940E95458D647CF2DCFADB2ECEDCEA593989B277EC213C29A
The file 'C:\WINDOWS\SysWOW64\vp6vfw.dll' was scanned with the Protection Cloud. SHA256 = 9DAF000174E50A511CE98A6014BAF7839F2578150E2C63DD005C297A8201302C
The file 'C:\WINDOWS\system32\hpinkstsC211LM.dll' was found in the cache; the Protection Cloud scan was skipped. SHA256 = E30A7DF2CEDED06517D976220DBC53CAFF477FD2934F8AEAFF2F91001BFD8D3A
The file 'C:\WINDOWS\system32\HPDiscoPMC211.dll' was found in the cache; the Protection Cloud scan was skipped. SHA256 = B84C673F59F11CF4B02DEA500A68BCB6AAFD7A0E807EAACB67B936484A1D4343
The file 'C:\WINDOWS\system32\nitrolocalmon9.dll' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 4C8C4C5F7673F1BF778C62FE3FC23CB00B7812F6E1BC212B9A07EB47E371BA3E
The file 'C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll' was found in the cache; the Protection Cloud scan was skipped. SHA256 = FFA30C23F631638C1746C2E2C60127DB40A0CD3DA74D4155280BD68C05485FD7
The file 'C:\Program Files\Common Files\Nitro\Pro\9.0\NPShellExtension64.dll' was scanned with the Protection Cloud. SHA256 = 56743C8308FE3AE1623ED9A2E54057E5B16B538708CBB99BDF8CC9AA184127FE
The file 'C:\Program Files (x86)\lenovo\SHAREit\ShellEx\ShellExt64.dll' was scanned with the Protection Cloud. SHA256 = FEAC5DCA00588DE5CC21D2CA16FC33FE569536EFFE53F2FDF7C139F148166D19
The file 'C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll' was scanned with the Protection Cloud. SHA256 = F0B329B10E2915725FEF8A55E684A94E670FAF542810542C3452BAFBA0B3A0C3
The file 'C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll' was scanned with the Protection Cloud. SHA256 = 535FC28EAE280929CFCDD2D111E07AE16031940B4EF3CEF4A20658565DE4D7F6
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GVidEnc.ax' was scanned with the Protection Cloud. SHA256 = F30FB7390DC9804C77AFED41CF47382D0B448D2546F0FCBD9B753409F3657968
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GMP3Wrap.ax' was scanned with the Protection Cloud. SHA256 = C78970B11F90A6E7E5168D221D8FF9F5E43CCFB1C4D88D6CF9C8C77962984D8C
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GAudioCD.ax' was scanned with the Protection Cloud. SHA256 = 87C1805A5BBC49939E81EE4679D010CF40410FF16A121F8B3ECE4EAB98A1F178
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\AudioFilter\CLAudWizard.ax' was scanned with the Protection Cloud. SHA256 = 91167E03E1782C53ADCED1BCA8491D613A73192FCDFC1F724394C2C4E8F34664
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GEdtKrn.dll' was scanned with the Protection Cloud. SHA256 = E2861C878A1D44B06383F92B9FAD54103C1EC8462343F492EA21BA16B54094C8
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\VideoFilter\CLLine21.ax' was scanned with the Protection Cloud. SHA256 = 340DAAA634A05F2290A0DE8FB1FFD0805B8F3AE3E8F93088C35EE1774AB3376E
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\CLNavX.ax' was scanned with the Protection Cloud. SHA256 = 08A9097E43F66A4304B2D3B47922DAB0484D4CC3A9451F4C84F041A9A8626F29
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\AudioFilter\CLAudioCD.ax' was scanned with the Protection Cloud. SHA256 = 09E10AAB08DCC2C54C6ED2D750EA64364E5C841199578ADC48080592524769DE
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GVSD.ax' was scanned with the Protection Cloud. SHA256 = EC186F2E05F42E23CEDD60818BF705FAD4C8DEBF190DDFBF58C8166DD0AF3A3A
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\CLMKVSplter.ax' was scanned with the Protection Cloud. SHA256 = DAD60BEC416DE955CF6D9736B24925C72E327C195C036CBAC20385B0D36C5E94
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\AudioFilter\clauts.ax' was scanned with the Protection Cloud. SHA256 = 5DC0C530065BA6D95C9C68D4BE62A9E4F28998C0AC4A95FDAA1DB940141F4C48
The file 'C:\Program Files (x86)\Common Files\ATI Technologies\Multimedia\atimpenc.dll' was scanned with the Protection Cloud. SHA256 = A2768F4C0E6134E36CF96FDC107ABED2E6F342F837EC12EAA57FB01650D0013A
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\CLRMSplitter.ax' was scanned with the Protection Cloud. SHA256 = 78C460DF630A2676B5C240A2C815F9E106B0418654B6957A7F2389937B44F741
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GRGL.ax' was scanned with the Protection Cloud. SHA256 = 675B3CB3F49E91FA26BAB1E717C4BB250AC2E0DC8F731B6B0B32679909883FFF
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GAud.ax' was scanned with the Protection Cloud. SHA256 = 15862A7A96018B97904D1CFE2FF7F0340BAD4CC837648EE7EFA0BA0ACCD0D5D1
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\CLSplter.ax' was scanned with the Protection Cloud. SHA256 = EC15C07F4DCA60D17E2EC72F0F0F4425CA3A9B7824575636CF73DAB12BB54C16
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\AudioFilter\Claud.ax' was scanned with the Protection Cloud. SHA256 = FB8D96FF7908D56642D26DE56B7B03BA549FB7B526EE494788B02864FF984B43
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\VideoFilter\CLVsd.ax' was scanned with the Protection Cloud. SHA256 = 860F00DEC2C8F6BCD92D20A24A5F541481DBAE773FDE47C754535F6CAC48FAF2
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\AudioFilter\CLHBMixer.ax' was scanned with the Protection Cloud. SHA256 = 0CDFE64E772E4D9964A52CD3CF2444C2F5606047D2D3E191B2DFA1487654860F
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GVidFx.ax' was scanned with the Protection Cloud. SHA256 = D94EC01D95DE8DB467E5D726939E4C5597C3978E46A9B8D01B7653E65F523443
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GAuNRWrapper.ax' was scanned with the Protection Cloud. SHA256 = 313AC0891967BB04DA6C7CF20F80BF2D1BC0DB7271ABA3E824BB647EC3171E27
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\AudioFilter\ClAudFx.ax' was scanned with the Protection Cloud. SHA256 = 3A05D81D8FAF4C5AC8D3771188695212F21E21223DFB008EF45AF9AB11A82975
The file 'C:\Program Files (x86)\Cyberlink\Shared files\CLImage.ax' was scanned with the Protection Cloud. SHA256 = 204C79176168494050B48B6EEF87CA6517A9559583E1BFB1D17D8A2B5D44EF72
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2Gm2spliter.ax' was scanned with the Protection Cloud. SHA256 = B7ACEF9F0ADEA034172C28E7338513F69AADAB0D141D8041735B9499A849A87E
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GVB.ax' was scanned with the Protection Cloud. SHA256 = 285E99DCEAC1B84B72DDFEC972C60EA6ABF578D00AF5131BF680688C70792873
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GDumpDispatch.ax' was scanned with the Protection Cloud. SHA256 = FC55642C80A1ECEFCDDFB3C79849F287809A136879CBA983602C1A295DFA2456
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GAuRsmpl.ax' was scanned with the Protection Cloud. SHA256 = 9728EE636FDCEE90DCB0F67D16958BB6730AD92382556AF3B68A8807722A4315
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\DigestFilter.dll' was scanned with the Protection Cloud. SHA256 = 9405BD2C3DAB8191DD2E92FC74983B925D659B5F6C665F239FD306F683E4AEAB
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2Gm1spliter.ax' was scanned with the Protection Cloud. SHA256 = F8702CA4C9882F5A23C6B7BCEC93884FAACA68CDAD4834A00414A155E0F9D853
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\VideoFilter\CLSubTitle.ax' was scanned with the Protection Cloud. SHA256 = 8CE9D135CBCC670FCA157075F8786ED502C3DB83F53195F0CCDB2EADBE00E744
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GReader.ax' was scanned with the Protection Cloud. SHA256 = 9CD7D0258D3DFC3404B5DF376D7AC4437497CD4F6C0225044A7581FF177C7608
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GM2VWriter.ax' was scanned with the Protection Cloud. SHA256 = 21D3C57CD97100AFD700B675E6D7607B179D91DB10AF9C5A659D871D775CA504
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\VideoFilter\CLCCDecoder.ax' was scanned with the Protection Cloud. SHA256 = 20B83FD509DEC8A2E33E2DB486BDAE54283720E298A717D3B0805610CF0479A0
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GDump.ax' was scanned with the Protection Cloud. SHA256 = D2707E16C256EE2DD915E946922737281CBD69FB273E2CB5B4BF7AE16C7433B1
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GVideoStabilizer.ax' was scanned with the Protection Cloud. SHA256 = 57F9627224A487112540FA7D30DF8A639E6AAC265BBD99D33DE8EC25B6EE5042
The file 'C:\Program Files\Common Files\ATI Technologies\Multimedia\amf-wic-jpeg-decoder64.dll' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 56531581B5F87D913F9FAC3C265BEA967467992E49F3439347B204CC2D5CDE76
The file 'C:\Program Files\HP\HP Deskjet 2540 series\bin\HPStatusBL.dll' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 761A5CE6F2142037620FCEDAF4717FD739BE18CD4235E1A17A917034C584CD40
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GPCMEnc.ax' was scanned with the Protection Cloud. SHA256 = B6AF8241925FA6959D610D10BD8DFFDA17C22868473120652A88DE388762A08F
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\VideoFilter\CLCvd.ax' was scanned with the Protection Cloud. SHA256 = 11647F452382068038656486A89B3AD84BA6DCB59C2126983C0E9952E697887A
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\VideoFilter\CLTzan.ax' was scanned with the Protection Cloud. SHA256 = BB119274F8226591E9B9F978A5AAC63810830903AEAB0FDC7BE2298C420E16F6
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\VideoFilter\CLRMVD.ax' was scanned with the Protection Cloud. SHA256 = C3FFB1E6E06F752DC49D585F49DB7E82D069BBC0C8F2244A13C023B90B54089E
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2Gauts.ax' was scanned with the Protection Cloud. SHA256 = B626FFD4120C7DF36EB0FAA46A3FB4A7905C74FE6AF39BFF4676690BC5DE4ACF
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GTLMSplter.ax' was scanned with the Protection Cloud. SHA256 = 1E767CE842C07EB7C131B5D47C4A2A23FDCBA930478CEC7800D7647D929C7481
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GMpgMux.ax' was scanned with the Protection Cloud. SHA256 = 5A2E3FBD00F88001208660CD441E2E513DFDD91E4A6534B208D5757A37463116
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\clm4splt.ax' was scanned with the Protection Cloud. SHA256 = 4D62D56F13942890B32E57750EB61C15E010EBCBFC9143E9CD6429530B2F6E12
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\AudioFilter\CLRMAud.ax' was scanned with the Protection Cloud. SHA256 = 2AFBA3E487EC0F4A9146FE8AA2DCE1F3076F24EE405F6B74429A22CAE86B7495
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GResample.ax' was scanned with the Protection Cloud. SHA256 = D17087E22A129B1EA01730E5FC29FF2100B01C057FEE0DBD85253240411B7DE8
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GAudEnc.ax' was scanned with the Protection Cloud. SHA256 = EEACC107D9777616431C10EB31E15818D791C6244371D4BB37F890E2E65B20DF
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\CLFLVSplitter.ax' was scanned with the Protection Cloud. SHA256 = 9488E7D738CB065260E5791A28FEBE420E803091524A6556FD2E03FE861339D6
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\CLDemuxer2.ax' was scanned with the Protection Cloud. SHA256 = 91C8D26236EB7EBE710B2EDAE28C2C57022FD357BE350F9C3B17BA8490B2434C
The file 'C:\Program Files (x86)\Lenovo\Power2Go\P2GMVD.ax' was scanned with the Protection Cloud. SHA256 = 2997E8AB9985D3C33419881D2EE673355F6DD7229DD9F39D034F1DD79F41CE03
The file 'C:\Program Files\Common Files\ATI Technologies\Multimedia\atimpenc64.dll' was scanned with the Protection Cloud. SHA256 = E081BA34191D1A9FE3F7B20331B0E65E31E6A17DBBD02D6EEEA92E49121E150F
The file 'C:\Program Files\Common Files\ATI Technologies\Multimedia\amf-wic-jpeg-decoder32.dll' was scanned with the Protection Cloud. SHA256 = 40257398032A2C99BCF71FFFE2DCB29457D973FEA55BA8CD9416488BFBD5A868
The file 'C:\Users\Hikaru\AppData\Local\Amazon Music\Amazon Music.exe' was scanned with the Protection Cloud. SHA256 = C8DC6AC3E0CAB6E816C19ABE37187A53A5E98C65130195697C9DA681969F916F
The file 'C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 77ECF5E7298C84E12C57ACBDDF15B7E17D6CEC3BBADA3A9DFDA46A5377B2A1F9
The file 'C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 2A5435496A3F2E6FBAF6A153F294A0F81A8A3F8EAFF6187EB32EA029CF168B0C
The file 'C:\Program Files (x86)\Corel\Corel Painter 11\Painter 11.exe' was scanned with the Protection Cloud. SHA256 = BA4F66CB6F915451967053B413A00FED7F80FC710A41889D35726735271FE17A
The file 'C:\Program Files (x86)\Lenovo\MediaStory\MediaStory.exe' was scanned with the Protection Cloud. SHA256 = 9B7A00C9262A6B60C0C62C9FF692662C0E6A5775A944A5574B26DC14B23DBCC1
The file 'C:\Program Files (x86)\Cyberlink\PhotoDirector3\PhotoDirector3.exe' was scanned with the Protection Cloud. SHA256 = A18B4D67FF3E122C61FAB4E1F12FDBA5D30135AAF51BF9B2836140D091BEDDBA
The file 'C:\Program Files\CyberLink\PowerDirector10\PDR10.exe' was scanned with the Protection Cloud. SHA256 = 00B75A20E5F8791A62B2F1459F9D4993E87364AE0550C811CB9EA89CDA118EA0
The file 'C:\Program Files (x86)\EA GAMES\Die Sims 2\CSBin\TS2BodyShop.exe' was scanned with the Protection Cloud. SHA256 = 3B07B1DF960061E9AF9722DD5B3B20B3A57B42192E6BAD633A1F61144D89AF80
The file 'C:\Program Files (x86)\EA GAMES\Die Sims 2\eauninstall.exe' was scanned with the Protection Cloud. SHA256 = D8E070F3E774464A2E6498C89AECDF48B6C5D38A5A9B561BE615390A99388805
The file 'C:\Program Files (x86)\EA GAMES\Die Sims 2\TSBin\Sims2.exe' was scanned with the Protection Cloud. SHA256 = B21BEBCD0C77E75A43D31B31B8960AB5CD83FA1D09F74E73C3069FE59AB83873
The file 'C:\Program Files (x86)\EA GAMES\Die Sims 2\Support\EReg.exe' was scanned with the Protection Cloud. SHA256 = AB9039F4EB5CEDB88558AEC143E9C43AE1725DC13BC29E72B77BCD904CFDE29C
The file 'C:\Windows\Installer\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}\NewShortcut1_06677BC67D8B491296B092784A866C89.exe' was scanned with the Protection Cloud. SHA256 = BFE7BF72821897342A3F4603ED9C556E18179DF4E9CA4CAD15C374BC1DF4E368
The file 'C:\Program Files\HitmanPro\HitmanPro.exe' was scanned with the Protection Cloud. SHA256 = 9E93C5C7E56238AEF03F7460AC571A84F30B203577A8A57D64169A69CBBEA40D
The file 'C:\Program Files\HP\HP Deskjet 2540 series\Bin\HP Deskjet 2540 series.exe' was scanned with the Protection Cloud. SHA256 = 46581FECE3FD43B8A53CE77198C494E8A70E51782A4CC4BD1E8E2DB61DA46469
The file 'C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe' was scanned with the Protection Cloud. SHA256 = 335D4616A579FF1DE66C3222E683699A389EDBACDE7D2532DD6822D4AC6FCC34
The file 'C:\Program Files (x86)\HP\HP Software Update\hpwucli.exe' was scanned with the Protection Cloud. SHA256 = 2A992312482B32A16B7CD793B817E9E22B1C237781B9AE26AA6B1EE04065369F
The file 'C:\Program Files (x86)\Lenovo\BEACON\BeaconClientWindows.exe' was scanned with the Protection Cloud. SHA256 = 6EDADCCCADF4FFA5E16C1C6CE34C8DB53E95B9B77ABA86A43E6CD9548080B6A8
The file 'C:\Program Files (x86)\Lenovo\Lenovo Assistant\PCAssistant2012.exe' was scanned with the Protection Cloud. SHA256 = D1213CBEEA0A517D2D53B8A19C5A45412BCECEB1F440A078613F243D83880E90
The file 'C:\Program Files (x86)\Lenovo\SHAREit\Shareit.exe' was scanned with the Protection Cloud. SHA256 = 364700EBDE200DB656CD5215BFC680B52094D0E0BA772D68BBAF0104850CB589
The file 'C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\OneKey Recovery.exe' was scanned with the Protection Cloud. SHA256 = B08536737DCD793AF5F70E52778D187FE0E92B75EC5E57E94FE3BB0F1B916A4E
The file 'C:\Program Files (x86)\Lenovo\Power2Go\Power2GoExpress.exe' was scanned with the Protection Cloud. SHA256 = 93F0710DB75BB98B0792F960B59679C48DE1565D37DD3BE7B5C822BAF338FF66
The file 'C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe' was scanned with the Protection Cloud. SHA256 = A9550D6B0D6FDB96AED56268C95DA9EA9148D95F4A78C5D23DEDAD02A81B15FA
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\PDVDLaunchPolicy.exe' was scanned with the Protection Cloud. SHA256 = 017547F23DE224D28FA7D8FCAEB4EBB10A87BB59408E2F2D3000768D4B40C540
The file 'C:\Program Files (x86)\Lenovo DE\Lenovo Photos\Lenovo Photos.exe' was scanned with the Protection Cloud. SHA256 = 17C929F56DECDF91C93A3B77A930D307EE2457B8CDE1AE50EF86055EA4DC7393
The file 'C:\Program Files (x86)\Lenovo DE\Lenovo Photos\Photo Show.exe' was scanned with the Protection Cloud. SHA256 = BA096313391496109C48889011F02BDCD2221E9E54990D7AA39A99CBAD66BEDC
The file 'C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe' was scanned with the Protection Cloud. SHA256 = 2EB93C1E35DE70E6B27C2E25955A483BA161CC513311421B7FC08AA2A82409B9
The file 'C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXE' was scanned with the Protection Cloud. SHA256 = 9223C7078D9C10AD45D1736DD91B43F057140E583C2B67EDD37266D76EBEE76D
The file 'C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe' was scanned with the Protection Cloud. SHA256 = D3B517844FED8BEEC3A126E41A8DBBAECA2FEE2FEE1869851DD82B8AD79E4A1E
The file 'C:\Program Files (x86)\PDF24\pdf24-Creator.exe' was scanned with the Protection Cloud. SHA256 = 192196B55B084EC495C7554B4B4A637D247A4A2767A5DF09669FEDE5467D4426
The file 'C:\Program Files (x86)\PDF24\pdf24-Fax.exe' was scanned with the Protection Cloud. SHA256 = 626E6DA0B1937E56F877986CBD41020F4452D3B8183CE3BDB923F0D8316F6D94
The file 'C:\Program Files (x86)\Lenovo DE\Lenovo Photos\CEWE FOTOIMPORTER.exe' was scanned with the Protection Cloud. SHA256 = 54D87107AED4094C5DFD13E6EB697EC81DC6338A10CBB8CB29C796CDEA6C7ABA
The file 'C:\Program Files (x86)\Lenovo\MediaStory\MUITransfer\MDSMUIRes.dll' was scanned with the Protection Cloud. SHA256 = 61313568380F15CD17B5DCBFF4956E2C476977A23BD5B461373A76959604E35C
The file 'C:\Program Files\CyberLink\PowerDirector10\MUITransfer\PDRMUIRes.dll' was scanned with the Protection Cloud. SHA256 = 62D126D63E1994F1F724A8513689629096DB57E1551BB5567ED8CB050E25F5A7
The file 'C:\Program Files (x86)\Lenovo\PowerDVD10\Language\CLMUI\PDVDEnvRes.dll' was scanned with the Protection Cloud. SHA256 = C9DD44CBFBA46E6DAD32C5BD19251AC7CF25677ACE6048D1A35EAED21CB2D644
The file 'C:\Program Files (x86)\CyberLink\PhotoDirector3\MUITransfer\FotoEnvRes.dll' was scanned with the Protection Cloud. SHA256 = 0A82BD88CFE119F3DF09EF80B4CBEDE96E78557C715702AB3DEF1BAC6ED182D0
The file 'C:\WINDOWS\system32\drivers\3ware.sys' was scanned with the Protection Cloud. SHA256 = 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02
The file 'C:\Program Files (x86)\EA GAMES\Die Sims 2\CSBin\PackageInstaller.exe' was scanned with the Protection Cloud. SHA256 = 9B379DA99CC9E606CCC43F330FB7381DAAD182CB6D5411EE5ADB0CEFE804719F
The file 'C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33
The file 'C:\WINDOWS\system32\atiesrxx.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = DB8E47E6AD2E9F62CB047CCFD92C8BFC586EC066DF71FBBBC41DED0F90A1DE9F
The file 'C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 8B9FA2A4C96E6593B9F332116163FA50B453C7229E63E7405F7059CC1861EA3C
The file 'C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 6C82090487952C3C7B9F5B9CF1A271F69EDDC829A43C34DD8F7BFE1B625B94A1
The file 'C:\Program Files\HitmanPro\hmpsched.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 30E5BC6E317E6E2E51D5FC5A814D40A333A0A27BDC55EF6013661317679DDBF7
The file 'C:\WINDOWS\system32\drivers\ADP80XX.SYS' was scanned with the Protection Cloud. SHA256 = 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8
The file 'C:\WINDOWS\system32\DRIVERS\atikmdag.sys' was scanned with the Protection Cloud. SHA256 = 68A63209264877450FA587187476E3722AEFC2F4AA762EF4D0E0BC0514CC5519
The file 'C:\WINDOWS\system32\DRIVERS\atikmpag.sys' was scanned with the Protection Cloud. SHA256 = 1D19D7DFA9DEEE6C275ECCCBB0B102E652F7A6A440C41D6A8ABB80E0A2CCB5CA
The file 'C:\WINDOWS\system32\drivers\amdsata.sys' was scanned with the Protection Cloud. SHA256 = FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35
The file 'C:\WINDOWS\system32\drivers\amdsbs.sys' was scanned with the Protection Cloud. SHA256 = 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8
The file 'C:\WINDOWS\system32\drivers\amdxata.sys' was scanned with the Protection Cloud. SHA256 = 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717
The file 'C:\WINDOWS\system32\drivers\amd_sata.sys' was scanned with the Protection Cloud. SHA256 = 7B99C0C2D25DFD83A1DE7BC34808E7AFBED5E7B1C2EBAAB7416263C5388201F0
The file 'C:\WINDOWS\system32\drivers\amd_xata.sys' was scanned with the Protection Cloud. SHA256 = 83CA7CD1E7808492FD8376AA8C9C9CA8F1527EC535BE557F4BBCA610A33B9286
The file 'C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys' was scanned with the Protection Cloud. SHA256 = 4738F81C40BF3B75612E983AC0DADCA8B4A7D3A5B3FBB5058B93D421A32979AC
The file 'C:\WINDOWS\system32\drivers\arcsas.sys' was scanned with the Protection Cloud. SHA256 = 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA
The file 'C:\WINDOWS\system32\drivers\AtihdWB6.sys' was scanned with the Protection Cloud. SHA256 = 7C6A450BADCA211D553102ABDC06E1F367FBFC359711AF1DC88027B34502B484
The file 'C:\WINDOWS\system32\drivers\bxvbda.sys' was scanned with the Protection Cloud. SHA256 = 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79
The file 'C:\WINDOWS\System32\drivers\bcmfn2.sys' was scanned with the Protection Cloud. SHA256 = 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857
The file 'C:\WINDOWS\system32\DRIVERS\ssudbus.sys' was scanned with the Protection Cloud. SHA256 = 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662
The file 'C:\WINDOWS\System32\drivers\dmvsc.sys' was scanned with the Protection Cloud. SHA256 = 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112
The file 'C:\WINDOWS\system32\DRIVERS\e1i63x64.sys' was scanned with the Protection Cloud. SHA256 = B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7
The file 'C:\WINDOWS\system32\drivers\evbda.sys' was scanned with the Protection Cloud. SHA256 = D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857
The file 'C:\WINDOWS\system32\drivers\gagp30kx.sys' was scanned with the Protection Cloud. SHA256 = 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3
The file 'C:\WINDOWS\System32\drivers\vmgencounter.sys' was scanned with the Protection Cloud. SHA256 = 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3
The file 'C:\WINDOWS\System32\drivers\hidir.sys' was scanned with the Protection Cloud. SHA256 = B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40
The file 'C:\WINDOWS\system32\drivers\HpSAMD.sys' was scanned with the Protection Cloud. SHA256 = D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096
The file 'C:\WINDOWS\System32\drivers\hyperkbd.sys' was scanned with the Protection Cloud. SHA256 = C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38
The file 'C:\WINDOWS\system32\DRIVERS\HyperVideo.sys' was scanned with the Protection Cloud. SHA256 = 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D
The file 'C:\Windows\jmesoft\Service.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = F60A1EFFD7EB9D69620E971AB30D3FF4138D233A6EDE51CFD1BE8CCB5776E321
The file 'C:\Program Files\Lenovo\iMController\SystemAgentService.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 78902FA1BED048B336DE71FB82A3614A58BBAA834483F2F2B5ABF4A70FA491F3
The file 'C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361
The file 'C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = ABE3D935125BB0F15E4112F81380B1AFA64977C1296B185640F9764BAAD5868D
The file 'C:\WINDOWS\SysWOW64\NLSSRV32.EXE' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 534147B06D7AC6C508D88362958B80ED121924E2DD9B0773D2ECBA56B7DDF97F
The file 'C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys' was scanned with the Protection Cloud. SHA256 = 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A
The file 'C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys' was scanned with the Protection Cloud. SHA256 = E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334
The file 'C:\WINDOWS\system32\drivers\iaStorAV.sys' was scanned with the Protection Cloud. SHA256 = 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079
The file 'C:\WINDOWS\system32\drivers\iaStorV.sys' was scanned with the Protection Cloud. SHA256 = 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0
The file 'C:\WINDOWS\system32\drivers\RTKVHD64.sys' was scanned with the Protection Cloud. SHA256 = B93F23464E7D929B90D80650698372128546CFEDA72216823CBE51A08D3368E0
The file 'C:\WINDOWS\system32\drivers\intelide.sys' was scanned with the Protection Cloud. SHA256 = 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00
The file 'C:\WINDOWS\System32\drivers\IPMIDrv.sys' was scanned with the Protection Cloud. SHA256 = 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D
The file 'C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe' was scanned with the Protection Cloud. SHA256 = 0818FCF23E0C795DFDB72A7215973D801E6559818F5A4AF050E0994522B6EAF7
The file 'C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe' was scanned with the Protection Cloud. SHA256 = 1CA88470D6ECCF84BE23A71B1198B42107789EFD6EE7A37B2F880380F888FC83
The file 'C:\WINDOWS\system32\drivers\lsi_sas.sys' was scanned with the Protection Cloud. SHA256 = E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F
The file 'C:\WINDOWS\system32\drivers\lsi_sas2.sys' was scanned with the Protection Cloud. SHA256 = 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F
The file 'C:\WINDOWS\system32\drivers\lsi_sas3.sys' was scanned with the Protection Cloud. SHA256 = 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60
The file 'C:\WINDOWS\system32\drivers\lsi_sss.sys' was scanned with the Protection Cloud. SHA256 = 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85
The file 'C:\WINDOWS\system32\drivers\mbam.sys' was scanned with the Protection Cloud. SHA256 = DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D
The file 'C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe' was scanned with the Protection Cloud. SHA256 = B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14
The file 'C:\WINDOWS\system32\drivers\mwac.sys' was scanned with the Protection Cloud. SHA256 = EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05
The file 'C:\WINDOWS\system32\drivers\megasas.sys' was scanned with the Protection Cloud. SHA256 = 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D
The file 'C:\WINDOWS\system32\drivers\megasr.sys' was scanned with the Protection Cloud. SHA256 = B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469
The file 'C:\WINDOWS\system32\drivers\mfeelamk.sys' was scanned with the Protection Cloud. SHA256 = 06BDEE2B5325E605774C095D9DADFF5E6E124259482C4B7D9E74F1CEDC5A194E
The file 'C:\WINDOWS\system32\DRIVERS\mfencbdc.sys' was scanned with the Protection Cloud. SHA256 = 8E259BA5356F82546E264A7F6BCAEBBA2A9A0D0335EAB0FE420BCA684B9EB31E
The file 'C:\WINDOWS\system32\DRIVERS\mfencrk.sys' was scanned with the Protection Cloud. SHA256 = 97FB15DFA04EE4CCC6AA0C556AA84EC813D4362AC9906D3D932132C737F27B4A
The file 'C:\WINDOWS\system32\drivers\mvumis.sys' was scanned with the Protection Cloud. SHA256 = F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324
The file 'C:\WINDOWS\System32\drivers\netvsc63.sys' was scanned with the Protection Cloud. SHA256 = 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA
The file 'C:\WINDOWS\system32\DRIVERS\NETwew02.sys' was scanned with the Protection Cloud. SHA256 = CAC8614DEE83623DE56C969C668A33366793779084B6A23F59ADC98392115F8C
The file 'C:\WINDOWS\system32\drivers\nvraid.sys' was scanned with the Protection Cloud. SHA256 = CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5
The file 'C:\WINDOWS\system32\drivers\nvstor.sys' was scanned with the Protection Cloud. SHA256 = 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2
The file 'C:\WINDOWS\system32\drivers\nv_agp.sys' was scanned with the Protection Cloud. SHA256 = 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892
The file 'c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 11D43F732C3B82679E53516F83E675B60B0EFEDE3F4EE3C42AC752AD8D5155AF
The file 'C:\Program Files\CyberLink\Shared files\RichVideo64.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = D53B2110CB09D0A909C4E330C468351BFE076BB056CCDDCB8ADA2FB91E96352E
The file 'C:\WINDOWS\System32\Drivers\RtsUVStor.sys' was scanned with the Protection Cloud. SHA256 = C4F6EC9B3BA4FA39926673F39BA3A183CDB7FFC04404F115779C7397C482A795
The file 'C:\WINDOWS\system32\DRIVERS\Rt630x64.sys' was scanned with the Protection Cloud. SHA256 = A23D012B07A92CC217C67C904CDFBA2BCCDCC2BD49B24FB694BD230D000F2B7B
The file 'C:\WINDOWS\System32\drivers\vms3cap.sys' was scanned with the Protection Cloud. SHA256 = 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263
The file 'C:\WINDOWS\system32\drivers\SiSRaid2.sys' was scanned with the Protection Cloud. SHA256 = 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835
The file 'C:\WINDOWS\system32\drivers\sisraid4.sys' was scanned with the Protection Cloud. SHA256 = 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4
The file 'C:\WINDOWS\system32\DRIVERS\ssudmdm.sys' was scanned with the Protection Cloud. SHA256 = 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259
The file 'C:\WINDOWS\system32\drivers\stexstor.sys' was scanned with the Protection Cloud. SHA256 = 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8
The file 'C:\WINDOWS\system32\drivers\storahci.sys' was scanned with the Protection Cloud. SHA256 = 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30
The file 'C:\WINDOWS\system32\drivers\vmstorfl.sys' was scanned with the Protection Cloud. SHA256 = C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43
The file 'C:\WINDOWS\system32\drivers\storvsc.sys' was scanned with the Protection Cloud. SHA256 = D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D
The file 'C:\WINDOWS\system32\drivers\uagp35.sys' was scanned with the Protection Cloud. SHA256 = FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468
The file 'C:\WINDOWS\system32\drivers\uliagpkx.sys' was scanned with the Protection Cloud. SHA256 = 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98
The file 'C:\WINDOWS\System32\drivers\usbscan.sys' was scanned with the Protection Cloud. SHA256 = 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4
The file 'C:\WINDOWS\system32\drivers\viaide.sys' was scanned with the Protection Cloud. SHA256 = 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68
The file 'C:\WINDOWS\system32\drivers\vmbus.sys' was scanned with the Protection Cloud. SHA256 = 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21
The file 'C:\WINDOWS\System32\drivers\VMBusHID.sys' was scanned with the Protection Cloud. SHA256 = 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8
The file 'C:\WINDOWS\System32\drivers\vpci.sys' was scanned with the Protection Cloud. SHA256 = 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4
The file 'C:\WINDOWS\system32\drivers\vsmraid.sys' was scanned with the Protection Cloud. SHA256 = DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C
The file 'C:\WINDOWS\system32\drivers\vstxraid.sys' was scanned with the Protection Cloud. SHA256 = 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5
The file 'C:\WINDOWS\system32\DRIVERS\wsvd.sys' was scanned with the Protection Cloud. SHA256 = 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D
The file 'C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll' was scanned with the Protection Cloud. SHA256 = 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5
The file 'C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe' was scanned with the Protection Cloud. SHA256 = 81C12B054E2AB7412850E92A0BEC080C26A99843EEB8F96B0DFEFE90B93F4F27
The registry was scanned ( '1345' files ).



End of the scan: Samstag, 21. November 2015  15:10
Used time: 00:51 Minute(s)

The scan has been done completely.

      0 Scanned directories
   2396 Files were scanned
      0 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 Files were deleted
      0 Viruses and unwanted programs were repaired
      0 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
   2396 Files not concerned
      8 Archives were scanned
      0 Warnings
      0 Notes
         
Code:
ATTFilter
Antivirus Pro
Report file date: Samstag, 21. November 2015  17:15


The program is running as an unrestricted full version.
Online services are available.

Licensee        : MARIA TORN
Serial number   : 2228793262-PEPWM-0000003
Platform        : Windows 8.1
Windows version : (plain)  [6.3.9600]
Boot mode       : Normally booted
Username        : SYSTEM
Computer name   : HIKARU-UKE

Version information:
build.dat       : 15.0.14.259    92306 Bytes  28.10.2015 18:21:00
AVSCAN.EXE      : 15.0.14.257  1175480 Bytes  28.10.2015 17:21:49
AVSCANRC.DLL    : 15.0.14.233    56944 Bytes  28.10.2015 17:21:49
LUKE.DLL        : 15.0.14.257    68280 Bytes  28.10.2015 17:21:53
AVSCPLR.DLL     : 15.0.14.257   106352 Bytes  28.10.2015 17:21:49
REPAIR.DLL      : 15.0.14.257   539520 Bytes  28.10.2015 17:21:49
repair.rdf      : 1.0.12.26    1339400 Bytes  21.11.2015 14:08:36
AVREG.DLL       : 15.0.14.256   346312 Bytes  28.10.2015 17:21:49
avlode.dll      : 15.0.14.257   675424 Bytes  28.10.2015 17:21:49
avlode.rdf      : 14.0.5.6       84211 Bytes  28.10.2015 17:21:49
XBV00029.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00030.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00031.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00032.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00033.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00034.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00035.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00036.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00037.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00038.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00039.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00040.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00041.VDF    : 8.11.165.190     2048 Bytes  07.08.2014 17:21:54
XBV00090.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00091.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00092.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00093.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00094.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00095.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00096.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00097.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00098.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00099.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00100.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00101.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00102.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00103.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00104.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00105.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00106.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00107.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00108.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:05
XBV00109.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00110.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00111.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00112.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00113.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00114.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00115.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00116.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00117.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00118.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00119.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00120.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00121.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00122.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00123.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00124.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00125.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00126.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00127.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00128.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00129.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00130.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00131.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00132.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00133.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:06
XBV00134.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00135.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00136.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00137.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00138.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00139.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00140.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00141.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00142.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00143.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00144.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00145.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00146.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00147.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00148.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00149.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00150.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00151.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00152.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00153.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00154.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00155.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:07
XBV00156.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00157.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00158.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00159.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00160.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00161.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00162.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00163.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00164.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00165.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00166.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00167.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00168.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00169.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00170.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00171.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00172.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00173.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00174.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00175.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00176.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00177.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00178.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00179.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00180.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00181.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:08
XBV00182.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00183.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00184.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00185.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00186.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00187.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00188.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00189.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00190.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00191.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00192.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00193.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00194.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00195.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00196.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00197.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00198.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00199.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00200.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00201.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00202.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00203.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00204.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:09
XBV00205.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00206.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00207.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00208.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00209.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00210.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00211.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00212.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00213.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00214.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00215.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00216.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00217.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00218.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00219.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00220.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00221.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00222.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00223.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00224.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00225.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00226.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00227.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00228.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00229.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:10
XBV00230.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00231.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00232.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00233.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00234.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00235.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00236.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00237.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00238.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00239.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00240.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00241.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00242.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00243.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00244.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00245.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00246.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00247.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00248.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00249.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00250.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00251.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:11
XBV00252.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:12
XBV00253.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:12
XBV00254.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:12
XBV00255.VDF    : 8.12.28.114     2048 Bytes  17.11.2015 14:08:12
XBV00000.VDF    : 7.11.70.0   66736640 Bytes  04.04.2013 17:21:54
XBV00001.VDF    : 7.11.74.226  2201600 Bytes  30.04.2013 17:21:54
XBV00002.VDF    : 7.11.80.60   2751488 Bytes  28.05.2013 17:21:54
XBV00003.VDF    : 7.11.85.214  2162688 Bytes  21.06.2013 17:21:54
XBV00004.VDF    : 7.11.91.176  3903488 Bytes  23.07.2013 17:21:54
XBV00005.VDF    : 7.11.98.186  6822912 Bytes  29.08.2013 17:21:54
XBV00006.VDF    : 7.11.139.38 15708672 Bytes  27.03.2014 17:21:54
XBV00007.VDF    : 7.11.152.100  4193792 Bytes  02.06.2014 17:21:54
XBV00008.VDF    : 8.11.165.192  4251136 Bytes  07.08.2014 17:21:54
XBV00009.VDF    : 8.11.172.30  2094080 Bytes  15.09.2014 17:21:54
XBV00010.VDF    : 8.11.178.32  1581056 Bytes  14.10.2014 17:21:54
XBV00011.VDF    : 8.11.184.50  2178560 Bytes  11.11.2014 17:21:54
XBV00012.VDF    : 8.11.190.32  1876992 Bytes  03.12.2014 17:21:54
XBV00013.VDF    : 8.11.201.28  2973696 Bytes  14.01.2015 17:21:54
XBV00014.VDF    : 8.11.206.252  2695680 Bytes  04.02.2015 17:21:54
XBV00015.VDF    : 8.11.213.84  3175936 Bytes  03.03.2015 17:21:54
XBV00016.VDF    : 8.11.213.176   212480 Bytes  05.03.2015 17:21:54
XBV00017.VDF    : 8.11.219.166  2033664 Bytes  25.03.2015 17:21:54
XBV00018.VDF    : 8.11.225.88  2367488 Bytes  22.04.2015 17:21:54
XBV00019.VDF    : 8.11.230.186  1674752 Bytes  13.05.2015 17:21:54
XBV00020.VDF    : 8.11.237.30  4711936 Bytes  02.06.2015 17:21:54
XBV00021.VDF    : 8.11.243.12  2747904 Bytes  26.06.2015 17:21:54
XBV00022.VDF    : 8.11.248.172  2350592 Bytes  17.07.2015 17:21:54
XBV00023.VDF    : 8.11.254.112  2570752 Bytes  07.08.2015 17:21:54
XBV00024.VDF    : 8.12.3.6     2196480 Bytes  27.08.2015 17:21:54
XBV00025.VDF    : 8.12.8.238   1951232 Bytes  16.09.2015 17:21:54
XBV00026.VDF    : 8.12.16.180  2211328 Bytes  07.10.2015 17:21:54
XBV00027.VDF    : 8.12.21.126  2252288 Bytes  27.10.2015 17:21:54
XBV00028.VDF    : 8.12.28.114  2935296 Bytes  17.11.2015 14:08:02
XBV00042.VDF    : 8.12.28.118    33792 Bytes  17.11.2015 14:08:02
XBV00043.VDF    : 8.12.28.122    39424 Bytes  17.11.2015 14:08:02
XBV00044.VDF    : 8.12.28.124     2048 Bytes  18.11.2015 14:08:02
XBV00045.VDF    : 8.12.28.128    51712 Bytes  18.11.2015 14:08:02
XBV00046.VDF    : 8.12.28.130     2048 Bytes  18.11.2015 14:08:02
XBV00047.VDF    : 8.12.28.132    14336 Bytes  18.11.2015 14:08:02
XBV00048.VDF    : 8.12.28.158    10752 Bytes  18.11.2015 14:08:02
XBV00049.VDF    : 8.12.28.184     5632 Bytes  18.11.2015 14:08:02
XBV00050.VDF    : 8.12.28.210     3584 Bytes  18.11.2015 14:08:02
XBV00051.VDF    : 8.12.28.236    10240 Bytes  18.11.2015 14:08:02
XBV00052.VDF    : 8.12.29.6      27136 Bytes  18.11.2015 14:08:02
XBV00053.VDF    : 8.12.29.8       3072 Bytes  18.11.2015 14:08:03
XBV00054.VDF    : 8.12.29.10     15360 Bytes  18.11.2015 14:08:03
XBV00055.VDF    : 8.12.29.12      2048 Bytes  18.11.2015 14:08:03
XBV00056.VDF    : 8.12.29.14      2048 Bytes  18.11.2015 14:08:03
XBV00057.VDF    : 8.12.29.16     13312 Bytes  18.11.2015 14:08:03
XBV00058.VDF    : 8.12.29.18      2048 Bytes  18.11.2015 14:08:03
XBV00059.VDF    : 8.12.29.20     15360 Bytes  18.11.2015 14:08:03
XBV00060.VDF    : 8.12.29.22      6144 Bytes  18.11.2015 14:08:03
XBV00061.VDF    : 8.12.29.24      6144 Bytes  18.11.2015 14:08:03
XBV00062.VDF    : 8.12.29.26     13312 Bytes  18.11.2015 14:08:03
XBV00063.VDF    : 8.12.29.28     15872 Bytes  18.11.2015 14:08:03
XBV00064.VDF    : 8.12.29.52     39424 Bytes  19.11.2015 14:08:03
XBV00065.VDF    : 8.12.29.72      8192 Bytes  19.11.2015 14:08:03
XBV00066.VDF    : 8.12.29.92     13824 Bytes  19.11.2015 14:08:03
XBV00067.VDF    : 8.12.29.112     2048 Bytes  19.11.2015 14:08:03
XBV00068.VDF    : 8.12.29.156    62464 Bytes  19.11.2015 14:08:03
XBV00069.VDF    : 8.12.29.176     2048 Bytes  19.11.2015 14:08:03
XBV00070.VDF    : 8.12.29.196    17408 Bytes  19.11.2015 14:08:03
XBV00071.VDF    : 8.12.29.198     2048 Bytes  19.11.2015 14:08:04
XBV00072.VDF    : 8.12.29.200     2048 Bytes  19.11.2015 14:08:04
XBV00073.VDF    : 8.12.29.202     2048 Bytes  19.11.2015 14:08:04
XBV00074.VDF    : 8.12.29.204     2048 Bytes  19.11.2015 14:08:04
XBV00075.VDF    : 8.12.29.206    13312 Bytes  19.11.2015 14:08:04
XBV00076.VDF    : 8.12.29.210    37888 Bytes  20.11.2015 14:08:04
XBV00077.VDF    : 8.12.29.212     2048 Bytes  20.11.2015 14:08:04
XBV00078.VDF    : 8.12.29.252     2048 Bytes  20.11.2015 14:08:04
XBV00079.VDF    : 8.12.30.16     27136 Bytes  20.11.2015 14:08:04
XBV00080.VDF    : 8.12.30.56     11776 Bytes  20.11.2015 14:08:04
XBV00081.VDF    : 8.12.30.76     39936 Bytes  20.11.2015 14:08:04
XBV00082.VDF    : 8.12.30.78     17920 Bytes  20.11.2015 14:08:04
XBV00083.VDF    : 8.12.30.80      9728 Bytes  20.11.2015 14:08:04
XBV00084.VDF    : 8.12.30.82     10240 Bytes  20.11.2015 14:08:04
XBV00085.VDF    : 8.12.30.84      8704 Bytes  20.11.2015 14:08:04
XBV00086.VDF    : 8.12.30.86      8192 Bytes  20.11.2015 14:08:04
XBV00087.VDF    : 8.12.30.90     33792 Bytes  21.11.2015 14:08:04
XBV00088.VDF    : 8.12.30.92      2048 Bytes  21.11.2015 14:08:04
XBV00089.VDF    : 8.12.30.94     12288 Bytes  21.11.2015 14:08:05
LOCAL000.VDF    : 8.12.30.94  145329152 Bytes  21.11.2015 14:09:06
Engine version  : 8.3.34.76 
AEBB.DLL        : 8.1.3.0        59296 Bytes  21.11.2015 14:07:52
AECORE.DLL      : 8.3.9.0       249920 Bytes  21.11.2015 14:07:53
AEDROID.DLL     : 8.4.3.348    1800104 Bytes  21.11.2015 14:07:59
AEEMU.DLL       : 8.1.3.6       404328 Bytes  21.11.2015 14:07:53
AEEXP.DLL       : 8.4.2.134     277360 Bytes  21.11.2015 14:07:58
AEGEN.DLL       : 8.1.8.2       482424 Bytes  21.11.2015 14:07:53
AEHELP.DLL      : 8.3.2.6       284584 Bytes  21.11.2015 14:07:53
AEHEUR.DLL      : 8.1.4.2050   9894768 Bytes  21.11.2015 14:07:56
AEMOBILE.DLL    : 8.1.8.8       300968 Bytes  21.11.2015 14:07:59
AEOFFICE.DLL    : 8.3.1.56      408432 Bytes  28.10.2015 17:21:48
AEPACK.DLL      : 8.4.1.18      802880 Bytes  28.10.2015 17:21:48
AERDL.DLL       : 8.2.1.38      813928 Bytes  21.11.2015 14:07:57
AESBX.DLL       : 8.2.21.2     1629032 Bytes  21.11.2015 14:07:58
AESCN.DLL       : 8.3.4.0       141216 Bytes  21.11.2015 14:07:57
AESCRIPT.DLL    : 8.3.0.4       542632 Bytes  21.11.2015 14:07:57
AEVDF.DLL       : 8.3.2.4       141216 Bytes  21.11.2015 14:07:57
AVWINLL.DLL     : 15.0.14.233    29600 Bytes  28.10.2015 17:21:49
AVPREF.DLL      : 15.0.14.233    55864 Bytes  28.10.2015 17:21:49
AVREP.DLL       : 15.0.14.233   225320 Bytes  28.10.2015 17:21:49
AVARKT.DLL      : 15.0.14.233   231032 Bytes  28.10.2015 17:21:48
AVEVTLOG.DLL    : 15.0.14.258   200632 Bytes  28.10.2015 17:21:48
SQLITE3.DLL     : 15.0.14.233   460704 Bytes  28.10.2015 17:21:53
AVSMTP.DLL      : 15.0.14.233    82120 Bytes  28.10.2015 17:21:49
NETNT.DLL       : 15.0.14.233    18792 Bytes  28.10.2015 17:21:53
CommonImageRc.dll: 15.0.14.233  4309752 Bytes  28.10.2015 17:21:53
CommonTextRc.dll: 15.0.14.237    68792 Bytes  28.10.2015 17:21:53

Configuration settings for the scan:
Jobname.............................: AVGuardAsyncScan
Configuration file..................: C:\ProgramData\Avira\Antivirus\TEMP\AVGUARD_56507a9f\guard_slideup.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Quarantine
Scan master boot sector.............: on
Scan boot sector....................: off
Process scan........................: on
Scan registry.......................: off
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: Complete

Start of the scan: Samstag, 21. November 2015  17:15

The scan of running processes will be started:
Scan process 'svchost.exe' - '45' Module(s) have been scanned
Scan process 'svchost.exe' - '28' Module(s) have been scanned
Scan process 'atiesrxx.exe' - '16' Module(s) have been scanned
Scan process 'dwm.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '85' Module(s) have been scanned
Scan process 'svchost.exe' - '165' Module(s) have been scanned
Scan process 'svchost.exe' - '56' Module(s) have been scanned
Scan process 'atieclxx.exe' - '45' Module(s) have been scanned
Scan process 'svchost.exe' - '97' Module(s) have been scanned
Scan process 'hmpsched.exe' - '21' Module(s) have been scanned
Scan process 'svchost.exe' - '71' Module(s) have been scanned
Scan process 'spoolsv.exe' - '81' Module(s) have been scanned
Scan process 'svchost.exe' - '75' Module(s) have been scanned
Scan process 'armsvc.exe' - '27' Module(s) have been scanned
Scan process 'Fuel.Service.exe' - '27' Module(s) have been scanned
Scan process 'svchost.exe' - '58' Module(s) have been scanned
Scan process 'dashost.exe' - '22' Module(s) have been scanned
Scan process 'Service.exe' - '15' Module(s) have been scanned
Scan process 'SystemAgentService.exe' - '39' Module(s) have been scanned
Scan process 'mbamscheduler.exe' - '49' Module(s) have been scanned
Scan process 'NitroPDFDriverService9x64.exe' - '16' Module(s) have been scanned
Scan process 'NLSSRV32.EXE' - '16' Module(s) have been scanned
Scan process 'PsiService_2.exe' - '22' Module(s) have been scanned
Scan process 'RichVideo64.exe' - '23' Module(s) have been scanned
Scan process 'svchost.exe' - '48' Module(s) have been scanned
Scan process 'Explorer.EXE' - '245' Module(s) have been scanned
Scan process 'taskhostex.exe' - '49' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '62' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '26' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '37' Module(s) have been scanned
Scan process 'RAVCpl64.exe' - '44' Module(s) have been scanned
Scan process 'RAVBg64.exe' - '45' Module(s) have been scanned
Scan process 'StikyNot.exe' - '42' Module(s) have been scanned
Scan process 'chrome.exe' - '119' Module(s) have been scanned
Scan process 'RunDll32.exe' - '57' Module(s) have been scanned
Scan process 'hotkey.exe' - '35' Module(s) have been scanned
Scan process 'JME_LOAD.exe' - '38' Module(s) have been scanned
Scan process 'chrome.exe' - '67' Module(s) have been scanned
Scan process 'CLMLSvc.exe' - '41' Module(s) have been scanned
Scan process 'PDVD10Serv.exe' - '33' Module(s) have been scanned
Scan process 'hpwuschd2.exe' - '24' Module(s) have been scanned
Scan process 'chrome.exe' - '49' Module(s) have been scanned
Scan process 'pdf24.exe' - '43' Module(s) have been scanned
Scan process 'GWX.exe' - '38' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '41' Module(s) have been scanned
Scan process 'Avira.ServiceHost.exe' - '109' Module(s) have been scanned
Scan process 'Avira.Systray.exe' - '142' Module(s) have been scanned
Scan process 'MOM.exe' - '68' Module(s) have been scanned
Scan process 'CCC.exe' - '228' Module(s) have been scanned
Scan process 'avguard.exe' - '129' Module(s) have been scanned
Scan process 'avshadow.exe' - '30' Module(s) have been scanned
Scan process 'avmailc7.exe' - '54' Module(s) have been scanned
Scan process 'sched.exe' - '83' Module(s) have been scanned
Scan process 'avwebg7.exe' - '51' Module(s) have been scanned
Scan process 'avgnt.exe' - '112' Module(s) have been scanned
Scan process 'mbam.exe' - '102' Module(s) have been scanned
Scan process 'taskeng.exe' - '28' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '36' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '26' Module(s) have been scanned
Scan process 'avscan.exe' - '113' Module(s) have been scanned
Scan process 'wininit.exe' - '15' Module(s) have been scanned
Scan process 'lsass.exe' - '66' Module(s) have been scanned
Scan process 'winlogon.exe' - '30' Module(s) have been scanned

Starting the file scan:

Begin scan in 'C:\Users\Hikaru\Desktop\FRST64.exe'
AUC login request succeed.
Successful Cloud SDK initialization and license check.
The file 'C:\Users\Hikaru\Desktop\FRST64.exe' was scanned with the Protection Cloud. SHA256 = 40731FAF4EE3507E0BDBBDE95024F925D0400CE1FC0B38D7D66EBA532CBE00FC
AUC reports URL: hxxp://dl.filepony.de/frst64.exe as 'Safe'.
C:\Users\Hikaru\Desktop\FRST64.exe (SHA-256: 40731faf4ee3507e0bdbbde95024f925d0400ce1fc0b38d7d66eba532cbe00fc)
  [DETECTION] Contains suspicious code HEUR/APC (Cloud)

Beginning disinfection:
C:\Users\Hikaru\Desktop\FRST64.exe (SHA-256: 40731faf4ee3507e0bdbbde95024f925d0400ce1fc0b38d7d66eba532cbe00fc)
  [DETECTION] Contains suspicious code HEUR/APC (Cloud)
  [NOTE]      The file was moved to the quarantine directory under the name '5305341a.qua'!


End of the scan: Samstag, 21. November 2015  17:16
Used time: 00:18 Minute(s)

The scan has been done completely.

      0 Scanned directories
   1097 Files were scanned
      1 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 Files were deleted
      0 Viruses and unwanted programs were repaired
      1 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
   1096 Files not concerned
      7 Archives were scanned
      0 Warnings
      1 Notes


The scan results will be transferred to the Guard.
         

Alt 21.11.2015, 19:21   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8.1-PUP.optional befall monatlich - Standard

Windows 8.1-PUP.optional befall monatlich



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 22.11.2015, 00:03   #3
ship-S
 
Windows 8.1-PUP.optional befall monatlich - Standard

Windows 8.1-PUP.optional befall monatlich



Erstmal Danke !
Die 64 bit Version ist die richtige ,aber es kommt diese Meldung :
Nicht genügend Systemressourcen um den angeforderten Dienst auszuführen.
Ich habe keine ahnung von solchen Dingen und wollte fragen ob
die Lösung dafür auf der seite das richtige ist ?

hxxp://www.cobble-it.de/betriebssystem/windows-fehler-nicht-genugend-systemressourcen-um-den-angeforderten-dienst-auszufuhren
__________________

Alt 22.11.2015, 07:52   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8.1-PUP.optional befall monatlich - Standard

Windows 8.1-PUP.optional befall monatlich



Einfach Rechner neu starten und AV Programm abschalten, dann nochmal FRST
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.11.2015, 12:37   #5
ship-S
 
Windows 8.1-PUP.optional befall monatlich - Standard

Windows 8.1-PUP.optional befall monatlich



okay.

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-11-2015
durchgeführt von Hikaru (Administrator) auf HIKARU-UKE (22-11-2015 12:31:16)
Gestartet von C:\Users\Hikaru\Desktop
Geladene Profile: Hikaru (Verfügbare Profile: Hikaru)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
() C:\Windows\jmesoft\Service.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\HitmanPro.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Lenovo\LenovoFamilySecurity\LenovoFamilySecurity.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
(Lenovo) C:\Program Files\Lenovo\LVT\LJYZ.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Windows\jmesoft\JME_LOAD.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2013-11-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [jmekey] => C:\WINDOWS\jmesoft\hotkey.exe
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe
HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217632 2015-07-21] (Geek Software GmbH)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [788176 2015-10-28] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-239342230-206131414-3666733320-1002\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-239342230-206131414-3666733320-1002\...\Run: [GoogleChromeAutoLaunch_592333F42A0D1CD48BDC7C5A423F80B7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.)
HKU\S-1-5-21-239342230-206131414-3666733320-1002\...\MountPoints2: {b19c957d-1275-11e5-8260-4437e6e88be4} - "E:\LGAutoRun.exe" 
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-04] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-04] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-04] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-04] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-04] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-04] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-04] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-04] (Hightail Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FamilySafetyGuide.lnk [2014-09-24]
ShortcutTarget: FamilySafetyGuide.lnk -> C:\Program Files\Lenovo\LenovoFamilySecurity\LenovoFamilySecurity.exe ()
Startup: C:\Users\Hikaru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 2540 series.lnk [2015-11-22]
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 2540 series.lnk -> C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{96604606-4D3D-495F-AEC9-3DE53E24862E}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-239342230-206131414-3666733320-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-239342230-206131414-3666733320-1002 -> DefaultScope {16C56A97-C4BD-433D-9355-D9B3814853D9} URL = 
SearchScopes: HKU\S-1-5-21-239342230-206131414-3666733320-1002 -> {16C56A97-C4BD-433D-9355-D9B3814853D9} URL = 
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Hikaru\AppData\Roaming\Mozilla\Firefox\Profiles\Iqi8z2g5.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-02-14] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Nitro PDF plugin for Firefox and Chrome) - C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll (Nitro PDF)
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL => Keine Datei
CHR Profile: C:\Users\Hikaru\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avira Browserschutz) - C:\Users\Hikaru\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-11-21]
CHR Extension: („Pin it“-Button) - C:\Users\Hikaru\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-11-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Hikaru\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-23]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-02] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [936544 2015-10-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-10-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-10-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1105952 2015-10-28] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [250136 2015-11-03] (Avira Operations GmbH & Co. KG)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-11-14] (SurfRight B.V.)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-16] () [Datei ist nicht signiert]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [532224 2014-04-22] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272440 2015-03-09] (Lenovo)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2014-02-14] (Nitro PDF Software)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2013-05-14] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 McNaiAnn; "C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S3 McODS; "C:\ProgramData\McAfee\Update\Installs\pkg_default\Download_Files\default\vso\vso_li_cat\%VSINSTALL_DIR64%\mcods.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-10-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-10-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-10-28] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-10-28] (Avira Operations GmbH & Co. KG)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [41080 2015-11-22] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-22] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-02-13] (McAfee, Inc.)
S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [482600 2015-01-15] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [100720 2015-01-15] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-22 12:31 - 2015-11-22 12:32 - 00017306 _____ C:\Users\Hikaru\Desktop\FRST.txt
2015-11-22 12:31 - 2015-11-22 12:31 - 00000000 ____D C:\FRST
2015-11-22 12:25 - 2015-11-22 12:25 - 02345984 _____ (Farbar) C:\Users\Hikaru\Desktop\FRST64.exe
2015-11-22 12:23 - 2015-11-22 12:30 - 00041080 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2015-11-21 17:14 - 2015-11-21 17:14 - 00000000 _____ C:\Users\Hikaru\defogger_reenable
2015-11-21 17:10 - 2015-11-21 17:10 - 00380416 _____ C:\Users\Hikaru\Desktop\Gmer-19357.exe
2015-11-21 17:09 - 2015-11-21 17:09 - 00050477 _____ C:\Users\Hikaru\Desktop\Defogger.exe
2015-11-21 15:07 - 2015-11-21 15:07 - 00000000 ____D C:\Users\Hikaru\AppData\Roaming\Avira
2015-11-21 15:06 - 2015-10-28 18:21 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-11-21 15:06 - 2015-10-28 18:21 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-11-21 15:06 - 2015-10-28 18:21 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-11-21 15:06 - 2015-10-28 18:21 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-11-21 15:02 - 2015-11-21 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-21 15:02 - 2015-11-21 15:02 - 00001233 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-11-21 15:02 - 2015-11-21 15:02 - 00000000 ____D C:\Users\Hikaru\AppData\Roaming\Mozilla
2015-11-21 14:55 - 2015-11-21 14:55 - 04584344 _____ (Avira Operations GmbH & Co. KG) C:\Users\Hikaru\Downloads\avira_en_avpro_3006843138_9h9sbhuytguqvtgxvcrk_wd.exe
2015-11-21 14:08 - 2015-11-21 14:08 - 00281088 _____ C:\WINDOWS\Minidump\112115-26140-01.dmp
2015-11-18 14:34 - 2015-11-19 15:11 - 00000363 _____ C:\Users\Hikaru\Documents\passpor.txt
2015-11-17 19:38 - 2015-11-21 14:08 - 3143129657 _____ C:\WINDOWS\MEMORY.DMP
2015-11-17 19:38 - 2015-11-21 14:08 - 00000000 ____D C:\WINDOWS\Minidump
2015-11-17 19:38 - 2015-11-17 19:38 - 00281144 _____ C:\WINDOWS\Minidump\111715-15890-01.dmp
2015-11-14 17:03 - 2015-11-14 17:03 - 00001681 _____ C:\Users\Hikaru\Documents\animehimopening.txt
2015-11-12 12:30 - 2015-11-12 17:57 - 00002936 _____ C:\Users\Hikaru\Documents\widerspruch.txt
2015-11-11 14:04 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 14:04 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 14:04 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-11-11 14:04 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-11-11 14:04 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 14:04 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 14:04 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-11-11 14:04 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 14:04 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-11-11 14:04 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 14:04 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-11-11 14:04 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-11-11 14:04 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 14:04 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-11-11 14:04 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-11-11 14:04 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-11-11 14:04 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-11-11 14:04 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 14:04 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 14:04 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-11-11 14:04 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-11-11 14:04 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 14:04 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-11-11 14:04 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-11-11 14:04 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-11-11 14:04 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-11-11 14:04 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-11-11 14:04 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-11-11 14:04 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-11-11 14:04 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-11-11 14:04 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-11-11 14:04 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-11-11 14:04 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-11-11 14:04 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-11-11 14:04 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-11-11 14:04 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 14:04 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 14:04 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 14:04 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-11-11 14:04 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-11-11 14:04 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-11-11 14:04 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-11-11 14:04 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 14:04 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 14:04 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2015-11-11 14:04 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2015-11-11 14:04 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2015-11-11 14:04 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2015-11-11 14:04 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-11-11 14:04 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2015-11-11 14:04 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-11-11 14:04 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-11-11 14:04 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-11-11 14:04 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-11-11 14:04 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-11-11 14:04 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-11-11 14:04 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-11-11 14:04 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-11-11 14:04 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-11-11 14:04 - 2015-09-29 13:24 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2015-11-11 14:04 - 2015-09-12 14:47 - 00414559 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-11-11 14:04 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-11-11 14:04 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-11-11 14:04 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-11-11 14:04 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-11-11 14:04 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2015-11-11 14:04 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-11-11 14:04 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-11-11 14:04 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-11-11 14:04 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-11-11 14:03 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-11-11 14:03 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-11-11 14:03 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-11-11 14:03 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-11-11 14:03 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-11-11 14:03 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-11-11 14:03 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-11-11 14:03 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-11-01 20:05 - 2015-11-01 20:05 - 00397681 _____ C:\Users\Hikaru\Downloads\akino-hideo.mp4
2015-11-01 16:55 - 2015-11-01 16:55 - 00000000 _____ C:\Users\Hikaru\Documents\badamae.txt
2015-10-31 19:26 - 2015-10-31 19:27 - 11599339 _____ C:\Users\Hikaru\Downloads\48_promise__cmyk.tif
2015-10-31 19:25 - 2015-10-31 19:25 - 12525099 _____ C:\Users\Hikaru\Downloads\47_promise_cmyk.tif
2015-10-31 13:24 - 2015-10-31 13:24 - 00000000 ____D C:\Users\Hikaru\AppData\Roaming\WebApp
2015-10-31 13:22 - 2015-10-31 13:22 - 00000000 ____D C:\Users\Hikaru\Documents\CyberLink
2015-10-31 13:22 - 2015-10-31 13:22 - 00000000 ____D C:\Users\Hikaru\AppData\Roaming\CyberLink
2015-10-28 20:16 - 2015-10-28 20:16 - 01812604 _____ C:\Users\Hikaru\Downloads\Zap Illustrator Laser Templates.zip
2015-10-28 20:16 - 2015-10-28 20:16 - 00280028 _____ C:\Users\Hikaru\Downloads\Zap Inkscape Laser Templates.zip

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-22 12:30 - 2015-06-30 21:20 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-22 12:29 - 2014-09-24 23:36 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-11-22 12:29 - 2013-08-22 15:46 - 00044940 _____ C:\WINDOWS\setupact.log
2015-11-22 12:29 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-22 12:26 - 2014-09-24 23:35 - 01575288 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-22 12:26 - 2014-03-18 10:44 - 00635444 _____ C:\WINDOWS\PFRO.log
2015-11-22 12:25 - 2015-06-18 00:23 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-22 12:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-22 00:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-21 23:52 - 2015-07-02 12:03 - 00000000 ____D C:\Users\Hikaru\Downloads\skulls
2015-11-21 23:52 - 2015-06-11 04:42 - 00000000 ____D C:\Users\Hikaru\Documents\testPROGI
2015-11-21 23:46 - 2015-06-10 22:32 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-239342230-206131414-3666733320-1002
2015-11-21 23:43 - 2015-06-11 03:06 - 00003942 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{46F539D4-AD78-4C5F-8645-210167BC4405}
2015-11-21 23:41 - 2015-06-30 21:20 - 00001140 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-21 18:14 - 2015-06-11 15:20 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-21 17:37 - 2015-09-12 19:13 - 00000000 ____D C:\Users\Hikaru\Downloads\virus
2015-11-21 17:14 - 2015-06-10 22:27 - 00000000 ____D C:\Users\Hikaru
2015-11-21 16:51 - 2014-09-25 09:24 - 00764340 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-21 16:51 - 2014-09-25 09:24 - 00159160 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-21 16:51 - 2014-03-18 10:53 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-21 15:06 - 2015-06-17 20:09 - 00000000 ____D C:\ProgramData\Avira
2015-11-21 15:06 - 2015-06-17 20:09 - 00000000 ____D C:\Program Files (x86)\Avira
2015-11-21 15:02 - 2014-09-24 23:36 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-21 15:01 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-20 14:24 - 2015-07-20 21:35 - 00020714 _____ C:\Users\Hikaru\Documents\AKICHARAAND THEGRITTIER.txt
2015-11-20 13:45 - 2015-06-10 23:50 - 00000952 ___SH C:\ProgramData\KGyGaAvL.sys
2015-11-19 13:31 - 2015-06-11 03:15 - 00000000 ____D C:\Users\Hikaru\Documents\scans
2015-11-15 21:46 - 2015-08-07 07:01 - 00000000 ____D C:\Users\Hikaru\Downloads\mamas
2015-11-14 10:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2015-11-14 10:13 - 2015-10-17 12:40 - 00000572 _____ C:\WINDOWS\system32\.crusader
2015-11-14 10:04 - 2013-08-22 15:44 - 00382152 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-13 22:22 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-11-13 18:16 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-11-13 18:08 - 2013-08-22 16:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-13 18:06 - 2015-06-11 17:14 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-13 18:02 - 2015-06-11 17:13 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-11 19:42 - 2015-06-30 21:20 - 00002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-11 19:14 - 2015-06-11 15:20 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-03 01:23 - 2015-06-11 17:37 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:23 - 2015-06-11 17:37 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-31 17:47 - 2015-06-11 11:51 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-31 17:47 - 2015-06-11 11:51 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-31 13:23 - 2014-09-24 23:50 - 00000000 ____D C:\ProgramData\CyberLink
2015-10-28 16:58 - 2015-10-17 12:06 - 00000000 ____D C:\AdwCleaner
2015-10-27 17:46 - 2015-06-11 03:04 - 00025684 _____ C:\Users\Hikaru\Documents\Google Maps Street View.txt

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-06-11 00:08 - 2015-06-11 00:08 - 0000011 _____ () C:\ProgramData\.tv7
2015-06-11 04:21 - 2015-06-11 04:21 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-09-24 23:35 - 2014-09-24 23:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-06-10 23:50 - 2015-11-20 13:45 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys

Einige Dateien in TEMP:
====================
C:\Users\Hikaru\AppData\Local\Temp\avgnt.exe
C:\Users\Hikaru\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Hikaru\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Hikaru\AppData\Local\Temp\pdf24-creator-update.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-17 16:48

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-11-2015
durchgeführt von Hikaru (2015-11-22 12:32:59)
Gestartet von C:\Users\Hikaru\Desktop
Windows 8.1 (X64) (2015-06-10 21:27:00)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-239342230-206131414-3666733320-500 - Administrator - Disabled)
Gast (S-1-5-21-239342230-206131414-3666733320-501 - Limited - Disabled)
Hikaru (S-1-5-21-239342230-206131414-3666733320-1002 - Administrator - Enabled) => C:\Users\Hikaru

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.241 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-239342230-206131414-3666733320-1002\...\Amazon Amazon Music) (Version: 3.10.1.1000 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{3B367DD2-6E0F-ADBE-4510-5DD3F3B9D92A}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.14.259 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{529e47ba-e07b-414b-ae0b-1d17f85738f1}) (Version: 1.1.50.18326 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.50.18326 - Avira Operations GmbH & Co. KG) Hidden
BEACON (HKLM-x32\...\{259BF8E7-28DB-461F-8D7F-7B6E267D2502}_is1) (Version: 1.4.0509.0 - Lenovo Inc.)
CLIP STUDIO PAINT (HKLM-x32\...\{E4F184C1-E62E-44F0-B142-AB6197490834}) (Version: 1.3.8 - CELSYS)
Content (x32 Version: 1.00.0000 - Your Company Name) Hidden
Corel Painter 11 - ICA (x32 Version: 11.0 - Corel Corporation) Hidden
Corel Painter 11 - IPM (x32 Version: 011 - Corel Corporation) Hidden
Corel Painter 11 (HKLM-x32\...\_{5B51BB5F-4E7C-4275-A653-E98534E9C1D2}) (Version:  - Corel Corporation)
Corel Painter 11 (x32 Version: 11.0 - Corel Corporation) Hidden
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1602 - CyberLink Corp.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Die Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version:  - )
DJ2540FWUpdateAlert (x32 Version: 1.00.0000 - HP) Hidden
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.13.0621 - Lenovo)
FamilySafetyGuide (HKLM-x32\...\{9A268503-5AB0-479E-9690-929BDEC55C00}) (Version: 1.00.0711 - lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2751 - Hightail, Inc.)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.10.251 - SurfRight B.V.)
HP Deskjet 2540 series - Grundlegende Software für das Gerät (HKLM\...\{6D7FCC52-8DDA-441C-849A-4BB7C7E3BF2E}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
HP Deskjet 2540 series Hilfe (HKLM-x32\...\{B3E5B153-CC4B-40F2-9802-288B0AF2A966}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
IconHandler 32 bit (x32 Version: 2.0 - Corel Corporation) Hidden
IconHandler 64 bit (Version: 2.0 - Corel Corporation) Hidden
Langauge (x32 Version: 1.00.0000 - Your Company Name) Hidden
Lenovo Assistant (HKLM-x32\...\{B2DE4F30-B8C7-49C0-85B9-2F37A5290F00}) (Version: 2.0.0.29 - Lenovo)
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.6.13.0724 - Lenovo)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.7 - CEWE COLOR AG u Co. OHG)
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.7408 - CyberLink Corp.)
Lenovo Power2Go (x32 Version: 6.0.7408 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5723.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5723.52 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1901 - CyberLink Corp.)
Lenovo Rescue System (Version: 4.0.0.1901 - CyberLink Corp.) Hidden
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 1.0.11.0 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{1CA74803-5CB2-4C03-BDBE-061EDC81CC7F}) (Version: 2.8.004.00 - Lenovo Group Limited)
LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 5.00.0914 - Lenovo)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Nitro Pro 9 (HKLM\...\{237990BC-415C-4CE8-B279-37892516D9F2}) (Version: 9.0.6.20 - Nitro)
PDF24 Creator 7.0.6 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
Studie zur Verbesserung von HP Deskjet 2540 series (HKLM\...\{E1949FF0-9835-41AC-81E4-E6D9CDCBE49E}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

05-11-2015 23:35:35 Geplanter Prüfpunkt
13-11-2015 12:17:43 Geplanter Prüfpunkt
20-11-2015 13:35:34 Geplanter Prüfpunkt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07C46A96-D7B7-4CF2-BF1C-206E5575C72A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {14741805-5D43-4A23-A500-70A1589D4184} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-30] (Google Inc.)
Task: {3B2DAE9D-6692-47F9-B0CB-267FD607CDAD} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2013-08-13] (Hewlett-Packard Co.)
Task: {45DA55EA-769E-4134-B2E0-498F33E307BA} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs [2012-03-08] ()
Task: {4CD8EF42-014C-431C-B40B-52AE61986C4E} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] ()
Task: {5B16F67E-3F39-434F-A99F-4B4B596357FC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-13] (Microsoft Corporation)
Task: {8B4FACFD-472C-46C5-AE39-2C9D6B3F1367} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe [2015-03-09] (Lenovo)
Task: {944EC7A6-A629-4835-9DF6-C1844F6CDD7E} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {A738AFB9-328A-459E-9D9B-59E4BD0E5AD7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {C038A736-CBF1-4FDB-AC42-7E671ACFE418} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {CF1C55DF-98C9-4966-86DB-67519D498B3D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {D2C3158B-469C-4767-A16E-F0C4DB458108} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-30] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-09-24 23:36 - 2011-08-16 19:46 - 00032768 _____ () C:\Windows\jmesoft\Service.exe
2014-09-24 23:51 - 2013-05-14 19:53 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-09-24 23:53 - 2013-07-11 08:30 - 01214464 _____ () C:\Program Files\lenovo\LenovoFamilySecurity\LenovoFamilySecurity.exe
2014-09-24 23:36 - 2011-08-16 19:46 - 00024576 _____ () C:\Windows\jmesoft\JME_LOAD.exe
2015-11-11 19:42 - 2015-11-07 05:36 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll
2015-11-11 19:42 - 2015-11-07 05:36 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll
2014-09-24 23:36 - 2011-05-17 12:27 - 00028672 _____ () C:\Windows\jmesoft\hidhook.dll
2009-12-04 15:59 - 2009-12-04 15:59 - 00619816 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2009-12-04 16:04 - 2009-12-04 16:04 - 00013096 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2015-06-11 03:05 - 2015-07-21 10:43 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll
2015-06-11 03:05 - 2015-07-21 10:43 - 00051744 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-239342230-206131414-3666733320-1002\Control Panel\Desktop\\Wallpaper -> E:\p-es lohnt sich\manga\my anime clip\woah!.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{05804A18-B410-462F-BFB6-5C779B59475F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{71113D8F-B56B-43BF-8824-037E61A53747}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{1E1D15FF-4D5B-4EF4-BBCF-EC71C0F86424}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{3557079B-C9EC-4511-87BC-D058F1A138B1}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{F2E8AB92-3E7D-444E-8323-07D2CD4E5F3C}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{0A1E8F1D-AD34-445E-BE66-18C60131318A}] => (Allow) C:\Program Files (x86)\lenovo\SHAREit\SHAREit.exe
FirewallRules: [{C6C61864-C1F7-4B26-A1B7-FB80D7C895E1}] => (Allow) C:\Program Files (x86)\lenovo\SHAREit\SHAREit.exe
FirewallRules: [{A414C907-CF5F-4532-9982-D8F0677E24D1}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{CEDC01ED-A510-4C04-B063-CA12B4C93B19}] => (Allow) LPort=5357
FirewallRules: [{EA9FFA53-1F69-4F3F-999B-47653B7FD586}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{62923A26-3354-4756-8D2A-116BDDFCD275}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{2C6A409F-A7D8-4D9A-8DF1-364BBE1D65CF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/21/2015 03:32:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.14.257, Zeitstempel: 0x56261f38
Name des fehlerhaften Moduls: avscan.exe, Version: 15.0.14.257, Zeitstempel: 0x56261f38
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003d6f4
ID des fehlerhaften Prozesses: 0xa58
Startzeit der fehlerhaften Anwendung: 0xavscan.exe0
Pfad der fehlerhaften Anwendung: avscan.exe1
Pfad des fehlerhaften Moduls: avscan.exe2
Berichtskennung: avscan.exe3
Vollständiger Name des fehlerhaften Pakets: avscan.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5

Error: (11/21/2015 03:23:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.14.257, Zeitstempel: 0x56261f38
Name des fehlerhaften Moduls: avscan.exe, Version: 15.0.14.257, Zeitstempel: 0x56261f38
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003d6f4
ID des fehlerhaften Prozesses: 0x1288
Startzeit der fehlerhaften Anwendung: 0xavscan.exe0
Pfad der fehlerhaften Anwendung: avscan.exe1
Pfad des fehlerhaften Moduls: avscan.exe2
Berichtskennung: avscan.exe3
Vollständiger Name des fehlerhaften Pakets: avscan.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5

Error: (11/21/2015 02:39:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.14.257, Zeitstempel: 0x56261f38
Name des fehlerhaften Moduls: avscan.exe, Version: 15.0.14.257, Zeitstempel: 0x56261f38
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003d6f4
ID des fehlerhaften Prozesses: 0xca4
Startzeit der fehlerhaften Anwendung: 0xavscan.exe0
Pfad der fehlerhaften Anwendung: avscan.exe1
Pfad des fehlerhaften Moduls: avscan.exe2
Berichtskennung: avscan.exe3
Vollständiger Name des fehlerhaften Pakets: avscan.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5

Error: (11/17/2015 08:02:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.14.257, Zeitstempel: 0x56261f38
Name des fehlerhaften Moduls: avscan.exe, Version: 15.0.14.257, Zeitstempel: 0x56261f38
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003d6f4
ID des fehlerhaften Prozesses: 0xf90
Startzeit der fehlerhaften Anwendung: 0xavscan.exe0
Pfad der fehlerhaften Anwendung: avscan.exe1
Pfad des fehlerhaften Moduls: avscan.exe2
Berichtskennung: avscan.exe3
Vollständiger Name des fehlerhaften Pakets: avscan.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5

Error: (11/14/2015 07:16:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WUDFHost.exe, Version: 6.3.9600.17415, Zeitstempel: 0x5450412e
Name des fehlerhaften Moduls: amdocl64.dll, Version: 10.0.1411.4, Zeitstempel: 0x533bcde5
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000c67d8f
ID des fehlerhaften Prozesses: 0x11a4
Startzeit der fehlerhaften Anwendung: 0xWUDFHost.exe0
Pfad der fehlerhaften Anwendung: WUDFHost.exe1
Pfad des fehlerhaften Moduls: WUDFHost.exe2
Berichtskennung: WUDFHost.exe3
Vollständiger Name des fehlerhaften Pakets: WUDFHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WUDFHost.exe5

Error: (11/12/2015 09:54:38 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.

Error: (11/04/2015 00:06:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avwebg7.exe, Version: 15.0.13.210, Zeitstempel: 0x5612794b
Name des fehlerhaften Moduls: MSVCR120.dll, Version: 12.0.21005.1, Zeitstempel: 0x524f7ce6
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000a7666
ID des fehlerhaften Prozesses: 0x9d4
Startzeit der fehlerhaften Anwendung: 0xavwebg7.exe0
Pfad der fehlerhaften Anwendung: avwebg7.exe1
Pfad des fehlerhaften Moduls: avwebg7.exe2
Berichtskennung: avwebg7.exe3
Vollständiger Name des fehlerhaften Pakets: avwebg7.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avwebg7.exe5

Error: (11/02/2015 06:35:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.3.9600.17667 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 348

Startzeit: 01d1159266839d7b

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\Explorer.EXE

Berichts-ID: 08b82d51-8188-11e5-827c-4437e6e88be4

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/02/2015 06:31:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WUDFHost.exe, Version: 6.3.9600.17415, Zeitstempel: 0x5450412e
Name des fehlerhaften Moduls: amdocl64.dll, Version: 10.0.1411.4, Zeitstempel: 0x533bcde5
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000c67d8f
ID des fehlerhaften Prozesses: 0x10b4
Startzeit der fehlerhaften Anwendung: 0xWUDFHost.exe0
Pfad der fehlerhaften Anwendung: WUDFHost.exe1
Pfad des fehlerhaften Moduls: WUDFHost.exe2
Berichtskennung: WUDFHost.exe3
Vollständiger Name des fehlerhaften Pakets: WUDFHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WUDFHost.exe5

Error: (11/01/2015 05:59:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WUDFHost.exe, Version: 6.3.9600.17415, Zeitstempel: 0x5450412e
Name des fehlerhaften Moduls: amdocl64.dll, Version: 10.0.1411.4, Zeitstempel: 0x533bcde5
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000c67d8f
ID des fehlerhaften Prozesses: 0x7b8
Startzeit der fehlerhaften Anwendung: 0xWUDFHost.exe0
Pfad der fehlerhaften Anwendung: WUDFHost.exe1
Pfad des fehlerhaften Moduls: WUDFHost.exe2
Berichtskennung: WUDFHost.exe3
Vollständiger Name des fehlerhaften Pakets: WUDFHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WUDFHost.exe5


Systemfehler:
=============
Error: (11/22/2015 00:32:30 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "McAfee VirusScan Announcer" ist von folgendem Dienst abhängig: mfevtp. Dieser Dienst ist möglicherweise nicht installiert.

Error: (11/21/2015 04:10:07 PM) (Source: DCOM) (EventID: 10010) (User: Hikaru-Uke)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (11/21/2015 04:09:37 PM) (Source: DCOM) (EventID: 10010) (User: Hikaru-Uke)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/21/2015 03:03:59 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "McAfee VirusScan Announcer" ist von folgendem Dienst abhängig: mfevtp. Dieser Dienst ist möglicherweise nicht installiert.

Error: (11/21/2015 03:01:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 
%%1062

Error: (11/21/2015 02:10:57 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "McAfee VirusScan Announcer" ist von folgendem Dienst abhängig: mfevtp. Dieser Dienst ist möglicherweise nicht installiert.

Error: (11/21/2015 02:08:28 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007e (0xffffffffc0000005, 0xfffff8015eccdfdb, 0xffffd001c3fc7138, 0xffffd001c3fc6940)C:\WINDOWS\MEMORY.DMP112115-26140-01

Error: (11/21/2015 02:08:23 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎21.‎11.‎2015 um 13:54:23 unerwartet heruntergefahren.

Error: (11/20/2015 01:35:30 PM) (Source: DCOM) (EventID: 10010) (User: Hikaru-Uke)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/20/2015 01:35:00 PM) (Source: DCOM) (EventID: 10010) (User: Hikaru-Uke)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


CodeIntegrity:
===================================
  Date: 2015-06-17 23:29:26.855
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD A10-7800 Radeon R7, 12 Compute Cores 4C+8G 
Prozentuale Nutzung des RAM: 18%
Installierter physikalischer RAM: 7093.19 MB
Verfügbarer physikalischer RAM: 5758.71 MB
Summe virtueller Speicher: 14517.19 MB
Verfügbarer virtueller Speicher: 13016.71 MB

==================== Laufwerke ================================

Drive c: (Windows8_OS) (Fixed) (Total:905.25 GB) (Free:842.44 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1746FBBD)

Partition: GPT.

==================== Ende von Addition.txt ============================
         


Alt 23.11.2015, 14:39   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8.1-PUP.optional befall monatlich - Standard

Windows 8.1-PUP.optional befall monatlich



Ich sehe jetzt so nix in den Logfiles.
__________________
--> Windows 8.1-PUP.optional befall monatlich

Alt 23.11.2015, 17:35   #7
ship-S
 
Windows 8.1-PUP.optional befall monatlich - Standard

Windows 8.1-PUP.optional befall monatlich



Hallo Schrauber,
Dann ist alles in Ordnung ?
Bei den 2 Abstuerzen mit den blauen Bildschirm dachte
Ich das Schlimmste . Danke erstmal !

Alt 24.11.2015, 22:06   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8.1-PUP.optional befall monatlich - Standard

Windows 8.1-PUP.optional befall monatlich



ok
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 24.11.2015, 22:37   #9
ship-S
 
Windows 8.1-PUP.optional befall monatlich - Standard

Windows 8.1-PUP.optional befall monatlich



Dann vielen Dank , Schrauber !
Jetzt muss ich nicht mehr dran denken ,das etwas nicht in ordnung ist.

Alt 26.11.2015, 12:22   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8.1-PUP.optional befall monatlich - Standard

Windows 8.1-PUP.optional befall monatlich



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows 8.1-PUP.optional befall monatlich
antivirus, bildschirm, desktop, einstellungen, externe festplatte, festplatte, google, install.exe, internet, kein internet, problem, pup.optional.crossbrowse, pup.optional.mybrowser, pup.optional.somoto, realtek, rundll, schutz, server, software, svchost.exe, updates, windows, winlogon.exe



Ähnliche Themen: Windows 8.1-PUP.optional befall monatlich


  1. WIN7: Fund PUP.Optional.DigitalSites.A, PUP.Optional.OpenCandy, PUP.Optional.Softonic.A, PUP.Optional.Updater.A. Weitere Vorgehensweise
    Log-Analyse und Auswertung - 08.10.2014 (11)
  2. Trojaner: PUP.Optional.CrossRider.A, PUP.Optional.MySearchDial.A, PUP.Optional.Babylon.A, PUP.Optional.BuenoSearch
    Plagegeister aller Art und deren Bekämpfung - 17.07.2014 (3)
  3. Scan ergibt PUP.Optional.PricePeep.A und Malware.Trace befall
    Log-Analyse und Auswertung - 20.06.2014 (7)
  4. Malwarebites findet Befall mit PUP.Optional.WowSearch.A nach Lame-aktuallisierung (Windows 8.1)
    Log-Analyse und Auswertung - 05.06.2014 (40)
  5. Windows 8 nachdem (PUP.Optional.SweetPage.A) behoben ist, Fund von PUP.Optional.IePluginServiceA
    Log-Analyse und Auswertung - 15.05.2014 (19)
  6. Windows 7: PUP.Optional.Conduit.A und PUP.Optional.SearchProtect.A gefunden
    Log-Analyse und Auswertung - 21.03.2014 (7)
  7. PUP optional/iminent Befall und das Internet lhmt
    Log-Analyse und Auswertung - 22.01.2014 (23)
  8. Windows 8: Schädlingsbefall - PUP.Optional. DefaultTab.A und PUP.Optional.AlexaTB.A
    Log-Analyse und Auswertung - 15.01.2014 (14)
  9. Windows 8: Fund von TR/Dropper.gen, PUP.Optional.Iminent.A, PUP.Optional.BizzyBolt, PUP.Optional.DigitalSites.A
    Log-Analyse und Auswertung - 10.12.2013 (13)
  10. Windows 8.1 PUP.Optional.InstallCore.A + PUP.Optional.Chrome.A entdeckt
    Plagegeister aller Art und deren Bekämpfung - 28.11.2013 (13)
  11. Datenrettung möglich nach Befall mit PUP.Optional.BuzzSearch.A?
    Antiviren-, Firewall- und andere Schutzprogramme - 15.11.2013 (13)
  12. Win 7 - Win32.downloader.gen - PUP.Optional.Conduit.A - Befall
    Log-Analyse und Auswertung - 13.09.2013 (7)
  13. Windows Vista: PUP.Optional.Tarma.A PUP.Optional.OpenCandy PUP.Optional.InstallCore.A
    Plagegeister aller Art und deren Bekämpfung - 11.09.2013 (13)
  14. 2x Windows Vista: PUP.Optional.Tarma.A PUP.Optional.OpenCandy PUP.Optional.InstallCore.A
    Mülltonne - 08.09.2013 (1)
  15. Windows 7, Malwarebytes findet 1 infizierte Datei: Trojan.PUP.Optional.FileScout.A, bei einen anderen Benutzer Pub.Optional.Open.Candy
    Log-Analyse und Auswertung - 30.08.2013 (32)
  16. Windows 7 Ultimate 64bit: Malewarebytes findet PUP.Optional.Conduit.A/PUP.Optional.Softonic
    Plagegeister aller Art und deren Bekämpfung - 22.08.2013 (6)
  17. PUP.Optional.a Befall
    Log-Analyse und Auswertung - 15.08.2013 (7)

Zum Thema Windows 8.1-PUP.optional befall monatlich - Hallo, ich weiß nicht ob ich jetzt einen Virus habe oder nicht( Pc mit Win 8.1 ), aber seitdem ich für 2 Monate kein Internet hatte, (Ich hab die ganzen - Windows 8.1-PUP.optional befall monatlich...
Archiv
Du betrachtest: Windows 8.1-PUP.optional befall monatlich auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.