
Pests of all kinds and how to combat them: W97M.Downloader

23.01.2016, 11:54   #1
Farabolus

Hello everyone,
I am turning to the experts with a request, or rather a question.
Out of stupidity, I clicked on the attachment in an e-mail (a Word document). Of course it did not contain an invoice, as described in the text of the e-mail. To scan the document with Norton 360, I dragged it onto the desktop. W97M.Downloader was detected. I then ran a quick scan and a full scan with Norton 360, Malwarebytes Anti-Malware and Start Emsisoft Emergency Kit; the scans did not show the trojan.

Does this ensure that there really is no trojan in the system, or is the malware able to "disguise" itself so that it is not detected at all?

Or is a different tool needed?

I don't feel safe any more now.

23.01.2016, 13:00   #2
M-K-D-B
/// TB instructor

My name is Matthias and I will help you clean up your computer.

Please note the following:
  • If we find indications of illegally acquired software, we will suspend support until every kind of illegal software has been removed from the computer.
  • Read the instructions carefully. If you run into problems, stop what you are doing and describe your problem to me as well as you can.
  • If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your thread from my subscriptions. If you are going to be away for longer, please let me know!
  • During the cleanup, please do not install or uninstall anything unless I ask you to!
  • Please note: Download from filepony.de: how to download our tools correctly!
  • All programs to be used must be saved to the desktop and started from there as administrator!

Please work through all steps one after another in the given order and post all log files in CODE tags:
How it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Thank you for your cooperation!




For an initial analysis, please run FRST and TDSS-Killer; then I can tell you more:

Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input box of the web page)

Step 2
Please download TDSSKiller TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the content here in your thread in any case.

Please post with your next reply
  • the log file from TDSS-Killer,
  • the two new log files from FRST.



23.01.2016, 13:29   #3
Farabolus

Hello Matthias,

thank you for the quick reply.

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016
durchgeführt von Mihalj (Administrator) auf MICHIBÜRO (23-01-2016 13:01:06)
Gestartet von F:\Downloads
Geladene Profile: Mihalj (Verfügbare Profile: Mihalj)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\n360.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Hi-Rez Studios) D:\HiPatchService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\n360.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(FinalWire Ltd.) C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDWebCam.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(MY.COM B.V.) C:\Users\Mihalj\AppData\Local\MyComGames\MyComGames.exe
() C:\Users\Mihalj\Documents\LCDHost\bin\LCDHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\conathst.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Users\Mihalj\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.15731.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-11-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1361112 2013-11-05] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2621240 2015-11-18] (Malwarebytes Corporation)
HKLM\...\Winlogon: [Shell]  [0 ] () <=== ACHTUNG
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Run: [Amazon Music] => C:\Users\Mihalj\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-09-15] ()
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Run: [MyComGames] => C:\Users\Mihalj\AppData\Local\MyComGames\MyComGames.exe [4746696 2016-01-14] (MY.COM B.V.)
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\RunOnce: [Uninstall C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-18\...\Run: [EPSON Stylus SX200 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIEFE.EXE [221696 2007-12-13] (SEIKO EPSON CORPORATION)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-11] (Microsoft Corporation)
Startup: C:\Users\Mihalj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LCDHost.lnk [2015-11-29]
ShortcutTarget: LCDHost.lnk -> C:\Users\Mihalj\Documents\LCDHost\bin\LCDHost.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{9972aa8a-9d34-4ed1-b078-7c2b36a8f3a0}: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{a0c56e8c-cd29-4d58-aad2-a8bbdfeb906b}: [DhcpNameServer] 8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com/?pc=SBJB
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKU\S-1-5-21-3268381146-424546740-3302138135-1001 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP7B6B8930-1747-4AEF-8617-568BDB9B1C5D&q={searchTerms}&SSPV=
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-02-21] (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-01-07] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2016-01-03] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-07] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-03] (Oracle Corporation)
BHO-x32: Recorder Toolbar -> {120A8821-2BEE-4C29-BCDA-62C577781992} -> C:\Program Files (x86)\MedienTeam66\CHIP Free MP3 converter for YouTube\IEPlugin.dll [2014-01-22] (MedienTeam66)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL => Keine Datei
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2014-10-17] (IObit)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Recorder Toolbar - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files (x86)\MedienTeam66\CHIP Free MP3 converter for YouTube\IEPlugin.dll [2014-01-22] (MedienTeam66)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll Keine Datei
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll Keine Datei
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734
FF NewTab: hxxp://search.norton.com
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function FindProxyForURL(url, host) {if ((host == \"www.abc.net.au\") 


 (host == \"token.vgtf.net\") 

 (host == \"counter.yadro.ru\") 

 (host == \"turbik.tv\") 

 (host == \"www.ondemandkorea.com\") 

 (host == \"www.fxnetworks.com\") 

 (host == \"fxvcms-f.akamaihd.net\") 

 (host == \"tvetelemundo-vh.akamaihd.net\") 

 (host == \"feed.theplatform.com\") 

 (host == \"fsvideohds-vh.akamaihd.net\") 

 (host == \"watchable.com\") 

 (host == \"cilhlsvod-f.akamaihd.net\") 

 (host == \"oxygenvod-vh.akamaihd.net\") 

 (host == \"tvesyfy-vh.akamaihd.net\") 

 (host == \"www.smithsonianchannel.com\") 

 (host == \"c.brightcove.com\") 

 (host == \"brightcove01.brightcove.com\") 

 (host == \"edge.api.brightcove.com\") 

 (host == \"www.eonline.com\") 

 (host == \"api.listenlive.co\") 

 (host == \"playerservices.streamtheworld.com\") 

 (host == \"player.listenlive.co\") 

 (url.indexOf(\"live.streamtheworld.com\") != -1) 

 (host == \"www.cartoonnetwork.com\") 

 (host == \"www.viki.com\") 

 (host == \"\\\"www.viki.com\") 

 (host == \"www.origin.com\") 

 (host == \"ht.cdn.turner.com\") 

 (host == \"aolvideoshd-vh.akamaihd.net\") 

 (host == \"syn.5min.com\") 

 (host == \"stvideos.5min.com\") 

 (host == \"www.showtime.com\") 

 (host == \"secure.showtime.com\") 

 (url.indexOf(\".vgtf.net\") != -1) 

 (host == \"phds-live.cdn.turner.com\") 

 (host == \"api.amplitude.com\") 

 (host == \"order.rhapsody.com\") 

 (host == \"payment.rhapsody.com\")) { return 'PROXY us-node.proxmate.me:8008' } else if ((host == \"livestreams.omroep.nl\") 

 (host == \".npostreaming.nl\") 

 (host == \"ida.omroep.nl\") 

 (host == \"npoplayer.omroep.nl\") 

 (host == \"www.zapp.nl\") 

 (host == \"tellerapi.omroep.nl\") 

 (host == \"e.omroep.nl\") 

 (url.indexOf(\"proxmate=nl\") != -1)) { return 'PROXY nl-node.proxmate.me:8008' } else if ((host == \"tvthek.orf.at\") 

 (host == \"apasfiisl.apa.at\") 

 (host == \"orf.oewabox.at\") 

 (host == \"194.232.200.58\") 

 (host == \"185.85.28.1\") 

 (host == \"atvplus.oewabox.at\") 

 (host == \"cdn.atv.at\") 

 (url.indexOf(\"proxmate=at\") != -1) 

 (host == \"hdsvodsportsman-vh.akamaihd.net\") 

 (host == \"streamaccess.unas.tv\") 

 (host == \"www.laola1.tv\") 

 (host == \"www.livestation.com\") 

 (host == \"livestation.com\") 

 (url.indexOf(\".emigrantas.tv\") != -1)) { return 'PROXY at-node.proxmate.me:8008' } else if ((host == \"netflix.com\") 

 (host == \"www.netflix.com\") 

 (host == \"cbp-us.nccp.netflix.com\") 

 (host == \"secure.netflix.com\") 

 (host == \"api-global.netflix.com\") 

 (host == \"ichnaea.netflix.com\") 

 (host == \"customerevents.netflix.com\") 

 (host == \"s.thebrighttag.com\")) { return 'PROXY usnet-node.proxmate.me:8008' } else if ((host == \"s.hulu.com\") 

 (host == \"www.funimation.com\") 

 (host == \"wpc.8c48.edgecastcdn.net\") 

 (host == \"southpark.cc.com\") 

 (host == \"api.utils.watchabc.go.com\") 

 (host == \"www.dramafever.com\") 

 (host == \"www.logotv.com\") 

 (host == \"media.mtvnservices.com\") 

 (host == \"api.watchabc.go.com\") 

 (host == \"theanimenetwork.com\") 

 (host == \"huluim.com\") 

 (host == \"www.hulu.com\") 

 (host == \"t2.hulu.com\") 

 (host == \"urlcheck.hulu.com\") 

 (host == \"t.hulu.com\") 

 (host == \"play.hulu.com\") 

 (host == \"t2.huluim.com\")) { return 'PROXY ush-node.proxmate.me:8008' } else if ((host == \"player.ooyala.com\") 

 (host == \"l.ooyala.com\")) { return 'PROXY auv-node.proxmate.me:8008' } else if ((host == \"web-api-us.crackle.com\") 

 (host == \"legacyweb-us.crackle.com\")) { return 'PROXY us2-node.proxmate.me:8000' } else if ((host == \"player.rutv.ru\") 

 (host == \"api.rutv.ru\") 

 (host == \"cdnng.v.rtr-vesti.ru\") 

 (host == \"player.vgtrk.com\") 

 (url.indexOf(\"proxmate=ru\") != -1) 

 (host == \"stream.1tv.ru\") 

 (host == \"mobdrm.1tv.ru\")) { return 'PROXY ru-node.proxmate.me:8008' } else if ((host == \"security.video.globo.com\") 

 (host == \"api.globovideos.com\") 

 (host == \"s.videos.globo.com\") 

 (host == \"gshow.globo.com\") 

 (host == \"voddownload02.video.globo.com\") 

 (host == \"secure.nuuvem.com\") 

 (host == \"webportal.nowonline.com.br\")) { return 'PROXY br-node.proxmate.me:8008' } else if ((host == \"www.bbc.co.uk\") 

 (host == \"open.live.bbc.co.uk\") 

 (host == \"fig.bbc.co.uk\") 

 (host == \"vod-hds-uk-live.edgesuite.net\") 

 (host == \"vod-hds-uk-live.bbcfmt.vo.llnwd.net\") 

 (host == \"vs-hds-uk-live.bbcfmt.vo.llnwd.net\") 

 (host == \"vs-hds-uk-live.edgesuite.net\") 

 (host == \"bbc.co.uk\")) { return 'PROXY ukb-node.proxmate.me:8008' } else { return 'DIRECT'; }}"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-03] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-07] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3268381146-424546740-3302138135-1001: @my.com/Games -> C:\Users\Mihalj\AppData\Local\MyComGames\NPMyComDetector.dll [2015-12-21] (My.com, Inc)
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\extensions\YoutubeDownloader@PeterOlayev.com.xpi [2015-07-07]
FF Extension: ProxMate - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2016-01-11]
FF Extension: Widevine Media Optimizer - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2014-07-23] [ist nicht signiert]
FF Extension: mx3 - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\Extensions\{3d2ee42e-a6d9-4888-bd17-2148dc7928d7}.xpi [2015-12-19]
FF Extension: FT DeepDark - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-12-05]
FF Extension: Adblock Plus - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-20]
FF Extension: Metal Lion Australis Theme - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\Extensions\{F2C70981-7CDC-4c46-ACF3-41F18693E79E} [2015-12-05]
FF Extension: Adblock Edge - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-12-05]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFAddon [2016-01-14]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-03-08] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFAddon

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=apn10506&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxp://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
CHR Profile: C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-18]
CHR Extension: (Google Drive) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-18]
CHR Extension: (YouTube) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-07]
CHR Extension: (Google-Suche) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-18]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-18]
CHR Extension: (Norton Identity Safe) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-19]
CHR Extension: (Norton Security Toolbar) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-09-18]
CHR Extension: (Norton Safe) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2015-09-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-18]
CHR Extension: (Google Mail) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-18]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-27]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-27]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-10-15] (BitRaider, LLC)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-08-16] (BitRaider, LLC)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2762936 2016-01-07] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-10] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-10] (Dropbox, Inc.)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240576 2013-10-07] (DTS, Inc)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-09] (NVIDIA Corporation)
U2 HiPatchService; D:\HiPatchService.exe [9728 2015-12-30] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [919040 2014-05-17] (AnchorFree Inc.) [Datei ist nicht signiert]
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-05-17] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [430344 2014-05-16] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [739640 2015-11-18] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\N360.exe [282016 2015-11-20] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-09] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-03-09] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [34136 2015-03-23] ()
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\BASHDefs\20160119.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-08-16] (BitRaider)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605050.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-18] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-18] (Symantec Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-11-18] ()
R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\IPSDefs\20160122.001\IDSvia64.sys [767224 2015-12-04] (Symantec Corporation)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R2 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2015-10-05] (Malwarebytes)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-23] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20160122.023\ENG64.SYS [138488 2015-10-27] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20160122.023\EX64.SYS [2148080 2015-10-27] (Symantec Corporation)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2013-08-06] (Apple Inc.) [Datei ist nicht signiert]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R0 SMR501; C:\Windows\System32\drivers\SMR501.SYS [111288 2016-01-23] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1605050.00F\SRTSP64.SYS [928496 2015-11-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605050.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605050.00F\SYMEFASI64.SYS [1621232 2015-11-12] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605050.00F\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-23] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605050.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605050.00F\SYMNETS.SYS [577768 2015-11-12] (Symantec Corporation)
R3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Datei ist nicht signiert]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-23 13:00 - 2016-01-23 13:01 - 00000000 ____D C:\FRST
2016-01-23 11:29 - 2016-01-23 12:53 - 00020530 _____ C:\WINDOWS\ntbtlog.txt
2016-01-23 11:07 - 2016-01-23 11:09 - 00111288 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SMR501.SYS
2016-01-23 09:17 - 2016-01-23 09:20 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-01-23 09:17 - 2016-01-23 09:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2016-01-23 09:17 - 2016-01-23 09:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2016-01-23 09:14 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-22 19:13 - 2016-01-22 19:13 - 00000761 _____ C:\Users\Mihalj\Desktop\Start Emsisoft Emergency Kit.lnk
2016-01-22 19:12 - 2016-01-23 08:51 - 00000000 ____D C:\EEK
2016-01-22 16:51 - 2016-01-23 11:12 - 00021330 _____ C:\WINDOWS\ntbtlog.txt.bak
2016-01-22 14:55 - 2016-01-23 11:10 - 00000000 ____D C:\NPE
2016-01-22 14:54 - 2016-01-22 14:54 - 00000000 ____D C:\ProgramData\SMR501
2016-01-22 14:53 - 2016-01-23 11:09 - 00000000 ____D C:\Users\Mihalj\AppData\Local\NPE
2016-01-18 21:19 - 2016-01-18 21:19 - 00366900 _____ C:\WINDOWS\Minidump\011816-8687-01.dmp
2016-01-15 19:19 - 2016-01-15 19:19 - 00311076 _____ C:\WINDOWS\Minidump\011516-8765-01.dmp
2016-01-13 16:45 - 2016-01-05 03:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 16:45 - 2016-01-05 03:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-13 16:45 - 2016-01-05 03:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-13 16:45 - 2016-01-05 03:50 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-13 16:45 - 2016-01-05 03:50 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-13 16:45 - 2016-01-05 03:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-13 16:45 - 2016-01-05 03:49 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-13 16:45 - 2016-01-05 03:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-13 16:45 - 2016-01-05 03:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-13 16:45 - 2016-01-05 03:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-13 16:45 - 2016-01-05 03:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-13 16:45 - 2016-01-05 03:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 16:45 - 2016-01-05 03:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 16:45 - 2016-01-05 03:37 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-13 16:45 - 2016-01-05 03:37 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-13 16:45 - 2016-01-05 03:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-13 16:45 - 2016-01-05 03:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-13 16:45 - 2016-01-05 03:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-13 16:45 - 2016-01-05 03:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-13 16:45 - 2016-01-05 03:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-13 16:45 - 2016-01-05 03:33 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-13 16:45 - 2016-01-05 03:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-13 16:45 - 2016-01-05 03:33 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-13 16:45 - 2016-01-05 03:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-13 16:45 - 2016-01-05 03:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-13 16:45 - 2016-01-05 03:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-13 16:45 - 2016-01-05 03:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-13 16:45 - 2016-01-05 03:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-13 16:45 - 2016-01-05 03:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 16:45 - 2016-01-05 03:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-13 16:45 - 2016-01-05 03:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 16:45 - 2016-01-05 03:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 16:45 - 2016-01-05 03:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-13 16:45 - 2016-01-05 03:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-13 16:45 - 2016-01-05 03:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-13 16:45 - 2016-01-05 02:59 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-13 16:45 - 2016-01-05 02:57 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-13 16:45 - 2016-01-05 02:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-13 16:45 - 2016-01-05 02:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-13 16:45 - 2016-01-05 02:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-13 16:45 - 2016-01-05 02:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-13 16:45 - 2016-01-05 02:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-13 16:45 - 2016-01-05 02:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-13 16:45 - 2016-01-05 02:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-13 16:45 - 2016-01-05 02:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-13 16:45 - 2016-01-05 02:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-13 16:45 - 2016-01-05 02:50 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-13 16:45 - 2016-01-05 02:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-13 16:45 - 2016-01-05 02:49 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-13 16:45 - 2016-01-05 02:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-13 16:45 - 2016-01-05 02:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 16:45 - 2016-01-05 02:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-13 16:45 - 2016-01-05 02:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-01-13 16:45 - 2016-01-05 02:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-01-13 16:45 - 2016-01-05 02:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 16:45 - 2016-01-05 02:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-13 16:45 - 2016-01-05 02:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-13 16:45 - 2016-01-05 02:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-13 16:45 - 2016-01-05 02:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-13 16:45 - 2016-01-05 02:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-13 16:45 - 2016-01-05 02:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-13 16:45 - 2016-01-05 02:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-13 16:45 - 2016-01-05 02:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-13 16:45 - 2016-01-05 02:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-13 16:45 - 2016-01-05 02:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-13 16:45 - 2016-01-05 02:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-13 16:45 - 2016-01-05 02:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-13 16:45 - 2016-01-05 02:41 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-13 16:45 - 2016-01-05 02:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-13 16:45 - 2016-01-05 02:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-13 16:45 - 2016-01-05 02:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-13 16:45 - 2016-01-05 02:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-13 16:45 - 2016-01-05 02:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-13 16:45 - 2016-01-05 02:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-13 16:45 - 2016-01-05 02:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-13 16:45 - 2016-01-05 02:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-13 16:45 - 2016-01-05 02:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-13 16:45 - 2016-01-05 02:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-13 16:45 - 2016-01-05 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-13 16:45 - 2016-01-05 02:33 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-13 16:45 - 2016-01-05 02:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-13 16:45 - 2016-01-05 02:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-13 16:45 - 2016-01-05 02:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-13 16:45 - 2016-01-05 02:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-13 16:45 - 2016-01-05 02:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-13 16:45 - 2016-01-05 02:28 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-13 16:45 - 2016-01-05 02:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-12 05:44 - 2016-01-12 05:44 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-12 05:44 - 2016-01-12 05:44 - 00002130 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-01-11 19:51 - 2016-01-11 19:51 - 00000581 _____ C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
2016-01-11 19:51 - 2016-01-11 19:51 - 00000580 _____ C:\Users\Public\Desktop\Smite.lnk
2016-01-11 19:51 - 2016-01-11 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2016-01-11 19:51 - 2016-01-11 19:51 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2016-01-11 18:35 - 2016-01-23 11:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-07 21:02 - 2016-01-07 21:02 - 00000633 _____ C:\Users\Mihalj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dokumente.lnk
2016-01-06 10:05 - 2016-01-06 10:05 - 00001828 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-01-06 10:05 - 2016-01-06 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-01-06 10:05 - 2016-01-06 10:05 - 00000000 ____D C:\Program Files\iTunes
2016-01-06 10:05 - 2016-01-06 10:05 - 00000000 ____D C:\Program Files\iPod
2016-01-06 10:05 - 2016-01-06 10:05 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-01-06 10:04 - 2016-01-06 10:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-01-06 10:04 - 2016-01-06 10:04 - 00000000 ____D C:\Program Files\Bonjour
2016-01-06 10:04 - 2016-01-06 10:04 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-01-06 10:03 - 2016-01-06 10:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-01-06 10:03 - 2016-01-06 10:03 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-01-03 12:15 - 2016-01-03 12:15 - 04407063 _____ C:\Users\Mihalj\Downloads\WW2-Content Pack-1.8-5.1.1.jar
2016-01-03 12:15 - 2016-01-03 12:15 - 01517090 _____ C:\Users\Mihalj\Downloads\Nerf-Content Pack-1.8-5.0.jar
2016-01-03 12:13 - 2016-01-03 12:14 - 05984239 _____ C:\Users\Mihalj\Downloads\Modern Warfare-Content Pack-1-1.8-5.1.1.jar
2016-01-03 12:11 - 2016-01-03 12:11 - 00232534 _____ C:\Users\Mihalj\Downloads\Simple Parts-Content Pack-1.8-5.1.1.jar
2016-01-03 12:02 - 2016-01-03 12:05 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-01-03 12:02 - 2016-01-03 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-01-03 12:02 - 2016-01-03 12:02 - 00000000 ____D C:\Program Files\WinRAR
2016-01-03 11:41 - 2016-01-03 11:41 - 05984239 _____ C:\Users\Mihalj\Downloads\Modern Warfare-Content Pack-1.8-5.1.1.jar
2016-01-03 11:41 - 2016-01-03 11:25 - 00326752 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2016-01-03 11:41 - 2016-01-03 11:25 - 00206944 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2016-01-03 11:41 - 2016-01-03 11:25 - 00206944 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2016-01-03 11:40 - 2016-01-03 11:38 - 31012264 _____ (Oracle Corporation) C:\Users\Mihalj\Downloads\Java_Installer.exe
2016-01-03 11:25 - 2016-01-03 11:46 - 00000000 ____D C:\Program Files\Java
2016-01-03 11:25 - 2016-01-03 11:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-03 11:25 - 2016-01-03 11:25 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-01-02 21:57 - 2016-01-03 10:57 - 00000000 ____D C:\Users\Mihalj\.oracle_jre_usage
2016-01-02 21:57 - 2016-01-03 10:57 - 00000000 ____D C:\ProgramData\Oracle
2016-01-02 21:57 - 2016-01-02 21:57 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\Sun
2016-01-02 21:57 - 2016-01-02 21:57 - 00000000 ____D C:\Users\Mihalj\AppData\LocalLow\Sun
2016-01-02 21:57 - 2016-01-02 21:57 - 00000000 ____D C:\Users\Mihalj\AppData\LocalLow\Oracle
2016-01-02 21:52 - 2016-01-02 21:52 - 06293872 _____ (Tim Kosse) C:\Users\Mihalj\Downloads\FileZilla_3.14.1_win32-setup.exe
2015-12-30 18:56 - 2016-01-18 21:19 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-30 18:56 - 2015-12-30 18:56 - 00364364 _____ C:\WINDOWS\Minidump\123015-9578-01.dmp
2015-12-28 11:07 - 2015-12-28 11:07 - 00000977 _____ C:\Users\Public\Desktop\Heroes of the Storm.lnk
2015-12-28 11:07 - 2015-12-28 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-12-28 11:05 - 2015-12-28 17:55 - 00000000 ____D C:\Users\Mihalj\Documents\Heroes of the Storm
2015-12-28 11:05 - 2015-12-28 11:05 - 00000000 ____D C:\HeroesData

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-23 13:00 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2016-01-23 12:53 - 2014-03-09 07:12 - 00000000 ____D C:\Users\Mihalj\AppData\Local\CrashDumps
2016-01-23 12:09 - 2014-03-14 17:21 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-23 12:06 - 2015-06-10 04:56 - 00001234 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-01-23 11:55 - 2014-03-08 14:47 - 00000000 ____D C:\Users\Mihalj\Documents\Outlook-Dateien
2016-01-23 11:53 - 2014-08-19 04:03 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-23 11:35 - 2015-11-29 00:05 - 01802588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-23 11:35 - 2015-10-30 19:35 - 00776562 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-23 11:35 - 2015-10-30 19:35 - 00155874 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-23 11:35 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-23 11:35 - 2015-06-10 04:57 - 00000000 ___RD C:\Users\Mihalj\Dropbox
2016-01-23 11:35 - 2015-06-10 04:56 - 00000000 ____D C:\Users\Mihalj\AppData\Local\Dropbox
2016-01-23 11:34 - 2015-11-28 06:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360
2016-01-23 11:29 - 2015-12-21 19:31 - 00000000 ____D C:\Users\Mihalj\AppData\Local\MyComGames
2016-01-23 11:29 - 2015-11-28 23:59 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-23 11:29 - 2015-11-28 23:55 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-23 11:29 - 2015-06-10 04:56 - 00001230 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-01-23 11:29 - 2015-05-06 17:46 - 00000000 ___RD C:\Users\Mihalj\iCloudDrive
2016-01-23 11:29 - 2014-08-19 04:03 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-23 11:29 - 2014-04-12 08:37 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-23 11:10 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-01-23 09:14 - 2014-04-12 08:37 - 00001177 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-01-23 09:14 - 2014-04-12 08:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-01-23 09:14 - 2014-04-12 08:37 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-01-23 09:00 - 2015-02-21 06:44 - 00002490 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Mihalj
2016-01-23 09:00 - 2015-02-21 06:44 - 00000300 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Mihalj.job
2016-01-23 08:49 - 2015-09-30 17:55 - 00031639 _____ C:\Users\Mihalj\Desktop\Arbeitszeitkarte Vorlage.xlsx
2016-01-23 08:10 - 2014-03-08 13:18 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4B9B897E-3C10-40FC-BFB1-0251065C3A3C}
2016-01-23 08:07 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-22 16:57 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-22 14:55 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-22 14:53 - 2014-03-08 13:16 - 00000000 ____D C:\ProgramData\Norton
2016-01-22 04:59 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-20 19:12 - 2014-03-08 13:01 - 00000000 ____D C:\Users\Mihalj\AppData\Local\Packages
2016-01-18 21:38 - 2015-11-28 23:55 - 00000000 ____D C:\Users\Mihalj
2016-01-18 21:19 - 2014-06-28 16:57 - 1236391303 _____ C:\WINDOWS\MEMORY.DMP
2016-01-18 18:46 - 2014-04-12 08:32 - 00000000 ____D C:\ProgramData\ProductData
2016-01-17 15:48 - 2014-05-16 14:48 - 00000336 _____ C:\WINDOWS\Tasks\MT66 Software Update.job
2016-01-17 15:16 - 2015-03-31 15:56 - 00000000 ____D C:\Users\Mihalj\Documents\David
2016-01-17 08:41 - 2014-03-13 18:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-17 08:39 - 2014-03-13 18:34 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-16 19:15 - 2014-04-10 15:10 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\Skype
2016-01-16 09:25 - 2014-03-08 15:59 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\FileZilla
2016-01-15 20:05 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-15 20:05 - 2014-03-04 12:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-01-15 16:29 - 2014-12-24 07:18 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-15 05:54 - 2014-08-19 04:03 - 00002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-15 05:10 - 2015-02-13 18:37 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-14 03:00 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-14 03:00 - 2014-08-09 19:17 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 03:00 - 2014-08-09 19:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 17:02 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-13 17:02 - 2014-08-09 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-12 19:40 - 2014-03-08 14:38 - 00000000 ____D C:\Users\Mihalj\Documents\My Games
2016-01-12 05:44 - 2014-03-09 07:46 - 00000000 ____D C:\ProgramData\Adobe
2016-01-12 05:44 - 2014-03-09 07:46 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-01-12 05:31 - 2014-06-29 15:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-11 20:32 - 2015-01-10 10:11 - 00000702 _____ C:\Users\Mihalj\Desktop\World of Tanks.lnk
2016-01-11 20:01 - 2015-11-29 00:57 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-11 19:56 - 2015-09-06 18:29 - 00034308 _____ C:\WINDOWS\SysWOW64\bassmod.dll
2016-01-11 19:56 - 2015-07-15 19:13 - 00155136 _____ C:\WINDOWS\SysWOW64\unrar.dll
2016-01-11 19:51 - 2014-03-04 12:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-11 18:38 - 2014-03-09 08:26 - 00000000 ____D C:\Users\Mihalj\AppData\Local\676C63E5-3167-4B7A-9727-75016617B7F8.aplzod
2016-01-10 12:40 - 2014-05-17 18:22 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\vlc
2016-01-09 10:49 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-01-06 10:05 - 2014-03-09 08:12 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-01-06 10:04 - 2015-05-06 17:46 - 00000000 ____D C:\Users\Mihalj\AppData\Local\Apple Inc
2016-01-06 10:04 - 2014-03-09 06:57 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\Apple Computer
2016-01-06 10:04 - 2014-03-09 06:57 - 00000000 ____D C:\Users\Mihalj\AppData\Local\Apple Computer
2016-01-06 10:03 - 2014-03-09 06:57 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-02 21:53 - 2014-03-08 15:59 - 00002075 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2016-01-02 21:53 - 2014-03-08 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-01-02 21:53 - 2014-03-08 15:59 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-12-31 15:10 - 2015-11-28 23:54 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2015-12-31 12:24 - 2014-03-08 14:02 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\TS3Client
2015-12-31 10:52 - 2014-03-09 14:23 - 00000000 ____D C:\Users\Mihalj\AppData\Local\Battle.net
2015-12-28 11:16 - 2014-03-09 14:23 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-12-24 05:46 - 2015-11-28 23:54 - 00359592 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-10 16:29 - 2015-05-10 16:29 - 0002116 _____ () C:\Users\Mihalj\AppData\Local\recently-used.xbel
2015-08-31 04:30 - 2015-08-31 04:32 - 0000000 _____ () C:\Users\Mihalj\AppData\Local\{70750D93-5C31-4489-A1D6-D635FA7EF0C3}
2015-09-21 04:30 - 2015-09-21 04:30 - 0000000 _____ () C:\Users\Mihalj\AppData\Local\{948D2D42-5989-48E6-9827-E0678DE07CCB}
2015-11-28 23:54 - 2015-11-28 23:54 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-18 18:55

==================== Ende von FRST.txt ============================
         

Alt 23.01.2016, 13:37   #4
Farabolus
 



Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-01-2016
durchgeführt von Mihalj (2016-01-23 13:01:27)
Gestartet von F:\Downloads
Windows 10 Home (X64) (2015-11-28 23:54:39)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3268381146-424546740-3302138135-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3268381146-424546740-3302138135-503 - Limited - Disabled)
Gast (S-1-5-21-3268381146-424546740-3302138135-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3268381146-424546740-3302138135-1003 - Limited - Enabled)
Mihalj (S-1-5-21-3268381146-424546740-3302138135-1001 - Administrator - Enabled) => C:\Users\Mihalj

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Norton 360 (Enabled - Out of date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Out of date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

[BV] Mod Collection (HKLM-x32\...\{D695D931-4FF5-4A77-BA6F-9A8D82A5FEFD}) (Version: 9.06.04 - Black & Bloody Vengeance)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20069 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
AIDA64 Extreme v5.20 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.20 - FinalWire Ltd.)
Amazon Music (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Amazon Amazon Music) (Version: 3.10.1.1000 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Archeage Beta (HKLM-x32\...\Glyph Archeage Beta) (Version:  - Trion Worlds, Inc.)
Armored Warfare MyCom (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Armored Warfare MyCom) (Version: 1.62 - My.com B.V.)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre 64bit (HKLM\...\{AB112C21-1FF5-4B39-9D02-94C44AEDA31D}) (Version: 1.31.0 - Kovid Goyal)
CHIP Free MP3 converter for YouTube 3.0 Professional-E (HKLM-x32\...\{2ED4869A-6D7B-4a8f-8261-B842DA4852FA}_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
EPSON Stylus SX200 Series Printer Uninstall (HKLM\...\EPSON Stylus SX200 Series) (Version:  - SEIKO EPSON Corporation)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
EVE Online (nur entfernen) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
EveHQ (HKLM-x32\...\EveHQ) (Version:  - )
FileParade bundle uninstaller (HKLM-x32\...\FileParade bundle uninstaller) (Version: 2.0.0.3 - FileParade) <==== ACHTUNG
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Free YouTube Download version 3.2.44.908 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.44.908 - DVDVideoSoft Ltd.)
G15_TeamSpeak (NSIS) (HKLM-x32\...\G15_TeamSpeak) (Version:  - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hotspot Shield 3.42 (HKLM-x32\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.8 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.17 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
LCDHost - a compositing plugin manager for LCD's (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\LCDHost) (Version:  - Link Data Stockholm)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Exploit version 1.8.1.1045 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1045 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.6366.2056 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minion (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\{Minion}}_is1) (Version: 2.0 - ZAM Network LLC)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MT66 Software Update (HKLM-x32\...\{F2E4F3A5-A8F0-46F4-8E91-E8C1DE1FCFE5}_is1) (Version:  - )
My.com Game Center (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\MyComGames) (Version: 3.161 - My.com B.V.)
Norton 360 (HKLM-x32\...\N360) (Version: 22.5.5.15 - Symantec Corporation)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 358.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 358.87 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
OMC ModPack Client Version 1.3.7.1 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.3.7.1 - Odem Mortis)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Parsec - 1  (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\a53dc3b81e52c50e) (Version: 1.0.0.53 - Parsec)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.15 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.15.103 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.21.3182.1 - Hi-Rez Studios)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version:  - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
World of Warships (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3268381146-424546740-3302138135-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02E5EF08-BE6D-49B0-B63A-0958EEDD4B29} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\WSCStub.exe [2015-11-20] (Symantec Corporation)
Task: {0BE5CC73-101D-4DCE-9092-026CAF07ADCE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {1A06C6E4-FBB5-4B6D-96BF-331F41F524CA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {28145345-2AE3-43CE-94EC-D1A35A926AA4} - System32\Tasks\MT66 Software Update => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe [2009-11-18] (MedienTeam66)
Task: {3E512E81-6FEF-4B9D-A7FE-84F48603DF4A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {4392384C-1F44-436A-ACE5-8483028F2F53} - System32\Tasks\Uninstaller_SkipUac_Mihalj => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {48C0CB97-7185-4BE1-AD85-3D91D9118661} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {48FD4A6D-FA7C-45A5-B466-1D94609D656C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-17] (Microsoft Corporation)
Task: {58F658F5-CF87-48A0-9633-A3516123C8A0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {62DDD737-B878-4FF4-9188-5C9E7C3200D5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {65C1EC37-3DD2-4E87-B034-F37FD73572F0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {66A70CA5-A118-4828-9176-D69D30FB8C50} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {66FA77BA-E5BD-439E-B42D-C4DDD60B8EEC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {7882E8C1-4B2C-48ED-A908-1FA4CC19CCAB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {7C19AA0C-5CA0-4A3A-A8D1-5681E00F909D} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {821D2F12-5699-4AF0-8981-D814CB15A613} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {90FAA7BA-9FC0-4745-A37C-F21F183AFE30} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe
Task: {92C8BF82-DAB1-4FBB-89AA-339D508107B5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-07] (Microsoft Corporation)
Task: {A7496965-8C36-484F-954D-BD4004C7BEE5} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {ADF6BDDF-4CAB-4D92-8C46-D9A0926ACA78} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {BBCF18DC-64B7-4557-8C42-5E5D29377D32} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {BD31E485-7C8E-4FA8-91A1-92BD2EB86B66} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {C76B553F-EDB4-4595-9CA6-D47E0FD882B6} - System32\Tasks\Norton 360\Norton Autofix => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {CCEDCA39-7BE2-454A-B6D9-214992521D83} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {E4202DF5-E017-40C3-8E4F-93CABEE50E4B} - System32\Tasks\AIDA64 AutoStart => C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe [2015-03-23] (FinalWire Ltd.)
Task: {E798C29C-CFE1-4D14-B245-E430529F6D14} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {F34BC6A0-E2F8-4806-B0CE-28812D9541B2} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {F3EEFFCE-3CDA-4ECB-8B13-AA959784E1BE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-07] (Microsoft Corporation)
Task: {FAD6BD71-6757-4E80-A797-46ADB1A0205A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-10] (Dropbox, Inc.)
Task: {FBBDBEC9-80B3-4777-A695-22ECFF4660F9} - System32\Tasks\{E75F7D18-83BC-4A94-8D8E-4DB06AE0CB11} => pcalua.exe -a D:\LCDHost\bin\LCDHost.exe -d D:\LCDHost\bin
Task: {FC30442A-9942-40AF-801A-AB9F7BD5FFA3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-10] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MT66 Software Update.job => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Mihalj.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:17 - 2015-10-30 08:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-11-28 23:55 - 2015-12-16 15:54 - 00126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-11-28 23:54 - 2013-07-04 03:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-12-05 07:28 - 2016-01-07 06:13 - 00162472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2014-05-16 23:34 - 2014-05-16 23:34 - 00430344 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2015-12-23 20:32 - 2015-12-09 02:52 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2014-03-09 06:48 - 2014-03-09 06:48 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-12-03 05:57 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 05:57 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-13 16:45 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-22 04:59 - 2016-01-22 04:59 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-18 06:03 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 06:03 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-13 16:45 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 16:45 - 2016-01-05 02:24 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-01-13 16:45 - 2016-01-05 02:24 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-13 16:45 - 2016-01-05 02:26 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 01221120 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LCDHost.exe
2014-05-12 19:35 - 2014-05-12 19:35 - 00049664 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\lh_hid.dll
2014-02-01 22:34 - 2014-02-01 22:34 - 01073664 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\plugins\platforms\qwindows.dll
2014-02-01 22:33 - 2014-02-01 22:33 - 00046080 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\plugins\bearer\qgenericbearer.dll
2014-02-01 22:34 - 2014-02-01 22:34 - 00050176 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\plugins\bearer\qnativewifibearer.dll
2014-02-01 22:34 - 2014-02-01 22:34 - 00029696 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\plugins\imageformats\qgif.dll
2014-02-01 22:34 - 2014-02-01 22:34 - 00030208 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\plugins\imageformats\qico.dll
2014-02-01 22:33 - 2014-02-01 22:33 - 00235520 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\plugins\imageformats\qjpeg.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00059392 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Bar.dll
2014-05-12 19:38 - 2014-05-12 19:38 - 00063488 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\lh_api5plugin.dll
2014-05-12 19:38 - 2014-05-12 19:38 - 00111616 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\lh_cf.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00036352 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_ColorSwatch.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00034816 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Decor.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00187904 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Cursor.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00028160 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Image.dll
2014-05-12 19:38 - 2014-05-12 19:38 - 00034304 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\lh_json.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00182784 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_DataViewer.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00088064 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Text.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00135680 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Dial.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00201216 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_DriveStats.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00126464 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Graph.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00026112 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_LCoreReboot.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00039424 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_LgBacklight.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00036864 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_LgLcdMan.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00027136 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Logic.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00065024 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Mailcount.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00288768 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Monitoring.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00681472 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_NowPlaying.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00112640 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_TS3.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00023552 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_VirtualLCD.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00143360 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Weather.dll
2014-05-12 19:38 - 2014-05-12 19:38 - 00041472 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\lh_simpletranslator.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00113664 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_WebKit.dll
2014-07-20 20:42 - 2015-09-15 06:07 - 05887808 _____ () C:\Users\Mihalj\AppData\Local\Amazon Music\Amazon Music Helper.exe
2015-11-28 23:54 - 2016-01-23 11:29 - 00029184 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2015-11-28 23:54 - 2013-07-04 03:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2014-05-17 01:11 - 2014-05-17 01:11 - 00908584 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2014-05-17 01:37 - 2014-05-17 01:37 - 00506664 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.dll
2014-04-12 08:32 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-01-22 04:59 - 2016-01-22 04:59 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 04:59 - 2016-01-22 04:59 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-04-05 09:59 - 2015-12-09 02:53 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2015-12-21 19:31 - 2015-12-21 19:31 - 00144896 _____ () C:\Users\Mihalj\AppData\Local\MyComGames\zlib1.dll
2015-12-21 19:31 - 2015-12-21 19:31 - 00062464 _____ () C:\Users\Mihalj\AppData\Local\MyComGames\pxd.dll
2015-12-21 19:31 - 2015-12-21 19:31 - 00179144 _____ () C:\Users\Mihalj\AppData\Local\MyComGames\LightUpdate.dll
2015-12-21 19:31 - 2015-12-21 19:31 - 02340296 _____ () C:\Users\Mihalj\AppData\Local\MyComGames\BigUp2.dll
2015-08-26 10:18 - 2015-08-26 10:18 - 50425344 _____ () C:\Users\Mihalj\AppData\Local\MyComGames\Chrome\3.2454.1317\libcef.dll
2015-12-12 15:49 - 2015-10-31 01:59 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00022848 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Random.OSRNG.winrandom.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00023352 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util._counter.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00042296 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Cipher._AES.pyd
2015-12-12 15:49 - 2015-10-31 01:59 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-12 15:49 - 2015-10-31 01:59 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-12 15:49 - 2015-10-31 01:59 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2015-12-12 15:49 - 2015-10-31 01:59 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-12 15:49 - 2015-12-08 22:36 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-12 15:49 - 2015-10-31 01:59 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00109520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 01737032 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00021320 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2015-12-12 15:49 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2015-10-02 03:50 - 2015-11-05 01:04 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2015-12-12 15:49 - 2015-12-08 22:36 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 15:49 - 2015-10-31 01:59 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2015-12-12 15:49 - 2015-10-31 01:59 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00021304 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util.strxor.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2015-12-12 15:49 - 2015-12-08 22:36 - 01826608 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 03891504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 01950000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00519984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00133936 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00225080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00486704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-06-10 04:56 - 2015-10-31 02:01 - 00019920 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-06-10 04:56 - 2015-10-31 02:00 - 00786904 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-31 05:42 - 2015-10-31 02:00 - 00063448 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-10 04:56 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3268381146-424546740-3302138135-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.192.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\StartupApproved\Run: => "iFunBox Fast App Install Handler"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{D2314343-216D-4592-9A43-E6EEC0FD1032}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{511C1042-4DA7-42E7-82AA-B9B0C71E9101}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D77FBEF9-5BED-4B7E-83FB-DD64CC4E3803}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A1E9B104-4F85-4620-85BD-463483CE9F17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5AC71033-70C6-452D-857B-20AF57CC9CD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F6FC8847-73F9-499F-B185-5A2D8B97831A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D038F8B6-FF46-46F1-A040-C820F89002C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [UDP Query User{8EB4C157-2583-42AF-8BCE-94FC1E6E96DD}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{3461AD2B-4C4D-450A-A741-98472BA64506}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{7D1AE32F-8A64-4DDC-A2E2-A4D363BBEC72}] => (Allow) C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe
FirewallRules: [{2DB99E03-1AA2-420C-92CB-89BFF6C1F946}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4C683310-8A37-45C4-BDA9-C888ECF3C54E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FB88EC10-F0E2-4BB2-9AC3-E574501F69D2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{B9DAFC07-E644-4BE2-80F1-F86B1E9B21CD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{2214C4CE-2261-4362-B6FD-39C1191711DB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{24B8F456-7315-4EC1-AF58-5EA4D6FD44F8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{8E1A2400-982C-4BA5-B957-4336775A0764}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{12DAEE82-FA71-4196-B535-DCFA53CDD8AC}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8F9F3C5E-ED22-4539-92CF-9A14D677FD46}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2A2B28D7-5D5F-4306-9E6B-20AC1B3B5EE1}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EAB31814-44D6-410C-BAB5-2FA0697D6A65}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{21E1C6AB-9007-4FA9-B1C7-A574EB17CAAD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{CF082F94-F558-4831-9BB1-14A14063B7B5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{D97FBCA3-4223-45E4-9D1D-D7B1F0418D0A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{E9783720-A063-4909-B257-64B34F656AE9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{FAD41FF0-1B0C-4859-8EF1-6CF46C296FFB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{D40440F0-C7C4-4C1E-B8D2-9D5440608620}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{CCE6EB70-8737-4353-A111-61C2EA56B09D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{C403363B-AC90-4780-910C-A1325E76599C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{236A5B79-27C3-4DC6-BD40-BB449F7CED23}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{936B9D97-A583-4441-B106-356431100CB9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{8C95CBB8-D8CC-4CC8-80FD-97E0FE355E99}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{C1391DAC-FFF8-4A7A-B72F-3C1D2BAAEB05}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{3A158816-47FC-48EB-9C56-059C50DB7F88}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{B139AF7E-2C80-405A-9DEC-F04595451503}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{C62A2794-980B-45F0-95BB-2F367DAA3A91}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{6639002E-1D86-495D-9547-31AA3694EB1E}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{0E187B45-9709-4BB6-89BC-8768F2024D0B}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{0C71978A-C855-4319-B546-FCAAA04EB46F}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{A3EC3BC0-ED86-458F-B375-BEF2AF73437A}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{D6B47309-296D-4F78-BE87-60CC6A9ABBEC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{793006DD-8DC8-4038-98A5-AAF5DD9D4A7D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{7053C682-9A0A-4615-AB0F-046459A35532}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{FD3349EF-FAE1-4BA9-9CCA-E1654559F15E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{7EEB2C2E-9F3D-498F-916A-936A11CC1B24}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{7A659933-C34C-4B5F-8CC4-261B4C55F831}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{646CB4FF-3A1C-4CB4-8892-C06E7E322978}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{761B8C6F-886D-4A30-8A74-E581A8ACA8CF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{3B0CC2E6-A9AE-4541-8BE2-54F140932282}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{1FE03162-1EBD-4A3A-921B-0F6357981DD3}] => (Allow) LPort=1900
FirewallRules: [{1723A46C-5AE0-4FD6-ADB8-1DEDFD004930}] => (Allow) LPort=2869
FirewallRules: [{DCB2C2F6-5A2F-4557-A025-023D59886BF7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F6EF9F6F-D0B6-49BA-BD68-0CD27F619234}] => (Allow) LPort=12008
FirewallRules: [{DE498A3E-DFE6-4AA1-B070-25101AD3CCD9}] => (Allow) LPort=12007
FirewallRules: [{7CEEFC0D-24CC-4D62-BA75-55820164C017}] => (Allow) LPort=12006
FirewallRules: [{DE778F75-264F-4DD1-9AEA-E9E596F9A2DE}] => (Allow) LPort=12005
FirewallRules: [UDP Query User{3A25DB88-CBD8-4672-83B4-2CA7924D9A9C}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe
FirewallRules: [TCP Query User{F4AC6A4B-3EC9-4C36-ADD8-978D075E6EDA}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe
FirewallRules: [{E8ABDF2D-CB98-4B00-9A5D-D5263157FF9F}] => (Allow) D:\Games\Heartstone\Hearthstone\Hearthstone.exe
FirewallRules: [{9EFCD39B-278A-41C4-9D6F-FEBDAF13B612}] => (Allow) D:\Games\Heartstone\Hearthstone\Hearthstone.exe
FirewallRules: [{106FAA38-03B9-4FFF-AB10-A08E8EC6D678}] => (Allow) D:\Games\Heartstone\Battle.net\Battle.net.exe
FirewallRules: [{E349C282-8234-4A3F-98AE-F2A5D4DB1ED5}] => (Allow) D:\Games\Heartstone\Battle.net\Battle.net.exe
FirewallRules: [{DB807C1B-A1C3-4E00-892A-F9AE8282C456}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{85336D17-38F3-45B4-8D72-051F0B5F7F40}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{1A02D68D-F1FA-49E1-A524-C0C7CA81B2D5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{BAFDC397-7ED7-442A-BB3B-EDDE31B47FC7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{C9CF6AFF-FB59-49D9-9F37-F250BD6E5FE3}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{EB2E941A-A03C-4635-9188-32922C04DDDC}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{9E5A378B-396D-4486-BE32-D9E00F4EA763}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{3F887FB1-8C25-4167-96FB-484A53CF84E5}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{158CB9F0-B425-42C9-93AC-BE005FA2FC5F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4D2543CF-2728-4FE6-B8ED-544E810D53AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E9305D71-6F14-4131-BEDB-164C8710DBF2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{425CEBC0-F28E-4F0F-B640-50D8F40924C2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{AAFFE893-A1DC-446C-9629-6F3793EFCA15}] => (Allow) D:\Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{CEE00E68-9759-4CB0-99EE-199E418041BF}] => (Allow) D:\Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{D2C94E71-A716-459E-9390-F4D7B0DD02B0}] => (Allow) D:\Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{AED56998-9A8C-40DA-B53D-388D42007A00}] => (Allow) D:\Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{1E7734A4-51D6-4975-ACAE-F782A8B8C8CC}] => (Allow) C:\Users\Mihalj\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{D3780B7C-1439-4C8A-AB90-8028E97536E4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FC3456AE-033E-4352-AEEC-4B95319B90BA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{375569B0-01D5-4125-A512-3DD4A394FE08}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8BFDEFD8-9651-4145-878D-9BB73CDA7E18}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{488583EA-6375-4A7F-9E58-A1F521C790E0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{B0AB638C-F0C8-46E6-8D8B-1CD7C5263C39}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{822344FC-8D56-4EA6-877E-E5D8ECB76E12}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{10494D63-372F-4A90-9DAA-7616E1FF1EB0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{14EB75FF-F0AE-449D-87C4-4FE76F6E2854}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B9EF9F5C-CA02-4B1E-B335-62061702D731}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BC3F4A10-8260-496C-B837-7BD372FCDA22}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

03-01-2016 11:19:21 Removed Java 8 Update 66
11-01-2016 19:51:35 Installed Hi-Rez Studios Games
15-01-2016 05:30:15 Windows Update
22-01-2016 19:28:07 Norton_Power_Eraser_20160122192807041

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/23/2016 12:53:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d8f0
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.10586.63, Zeitstempel: 0x568b22e4
Ausnahmecode: 0xc000027b
Fehleroffset: 0x0000000000517aa6
ID des fehlerhaften Prozesses: 0x1458
Startzeit der fehlerhaften Anwendung: 0xbackgroundTaskHost.exe0
Pfad der fehlerhaften Anwendung: backgroundTaskHost.exe1
Pfad des fehlerhaften Moduls: backgroundTaskHost.exe2
Berichtskennung: backgroundTaskHost.exe3
Vollständiger Name des fehlerhaften Pakets: backgroundTaskHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: backgroundTaskHost.exe5

Error: (01/23/2016 12:25:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1141

Error: (01/23/2016 12:25:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1141

Error: (01/23/2016 12:25:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/23/2016 10:14:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm launcher.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 744

Startzeit: 01d155bc6d2690b1

Beendigungszeit: 3

Anwendungspfad: D:\Games\CCP\EVE\launcher\appdata\EVE_Online_Launcher-2.2.998306.win32\launcher.exe

Berichts-ID: ae4e3e72-c1b1-11e5-8498-bcee7b9a09b3

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (01/23/2016 08:59:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SetPoint.exe, Version: 6.61.15.0, Zeitstempel: 0x51f96de3
Name des fehlerhaften Moduls: SetPoint.exe, Version: 6.61.15.0, Zeitstempel: 0x51f96de3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000f6b4c
ID des fehlerhaften Prozesses: 0x22a4
Startzeit der fehlerhaften Anwendung: 0xSetPoint.exe0
Pfad der fehlerhaften Anwendung: SetPoint.exe1
Pfad des fehlerhaften Moduls: SetPoint.exe2
Berichtskennung: SetPoint.exe3
Vollständiger Name des fehlerhaften Pakets: SetPoint.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SetPoint.exe5

Error: (01/23/2016 12:42:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1141

Error: (01/23/2016 12:42:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1141

Error: (01/23/2016 12:42:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/22/2016 07:28:26 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorIcon.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ObjectDisposedException

Server stack trace: 
   bei System.ServiceModel.Channels.CommunicationObject.ThrowIfDisposedOrNotOpen()
   bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   bei System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   bei System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
   bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
   bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
   bei IAStorDataMgrSvcInterfaces.IPublisher.GetServerBit()
   bei IAStorIcon.StorageIcon.<trySubscription>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()


Systemfehler:
=============
Error: (01/23/2016 11:29:04 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎23.‎01.‎2016 um 11:10:20 unerwartet heruntergefahren.

Error: (01/23/2016 11:11:20 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_50b8f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/23/2016 11:11:20 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _50b8f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/23/2016 11:11:20 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_50b8f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/23/2016 11:11:20 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/23/2016 11:09:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_1b005c" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/23/2016 11:09:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _1b005c" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/23/2016 11:09:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_1b005c" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/23/2016 11:09:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1b005c" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/23/2016 11:09:50 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


CodeIntegrity:
===================================
  Date: 2016-01-15 20:05:38.749
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-14 03:02:59.352
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-07 21:02:36.553
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-06 11:34:57.560
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-31 15:10:39.958
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-30 18:59:24.538
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-24 06:03:03.371
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-23 23:37:03.156
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-23 23:34:49.392
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-19 07:42:28.655
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 19%
Installierter physikalischer RAM: 16322.86 MB
Verfügbarer physikalischer RAM: 13168.91 MB
Summe virtueller Speicher: 18754.86 MB
Verfügbarer virtueller Speicher: 15033.58 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:232.44 GB) (Free:133.1 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Daten) (Fixed) (Total:886.45 GB) (Free:671.08 GB) NTFS
Drive f: (Volume) (Fixed) (Total:976.56 GB) (Free:588.24 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 55BDBD6D)
Partition 1: (Active) - (Size=232.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 55BDBD96)
Partition 1: (Not Active) - (Size=886.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

23.01.2016, 13:40   #5
Farabolus

W97M.Downloader

Code:
13:12:07.0753 0x0cb4  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
13:12:34.0567 0x0cb4  ============================================================
13:12:34.0567 0x0cb4  Current date / time: 2016/01/23 13:12:34.0567
13:12:34.0567 0x0cb4  SystemInfo:
13:12:34.0567 0x0cb4  
13:12:34.0567 0x0cb4  OS Version: 10.0.10586 ServicePack: 0.0
13:12:34.0567 0x0cb4  Product type: Workstation
13:12:34.0567 0x0cb4  ComputerName: MICHIBÜRO
13:12:34.0567 0x0cb4  UserName: Mihalj
13:12:34.0567 0x0cb4  Windows directory: C:\WINDOWS
13:12:34.0567 0x0cb4  System windows directory: C:\WINDOWS
13:12:34.0567 0x0cb4  Running under WOW64
13:12:34.0567 0x0cb4  Processor architecture: Intel x64
13:12:34.0567 0x0cb4  Number of processors: 8
13:12:34.0567 0x0cb4  Page size: 0x1000
13:12:34.0567 0x0cb4  Boot type: Normal boot
13:12:34.0567 0x0cb4  ============================================================
13:12:35.0775 0x0cb4  KLMD registered as C:\WINDOWS\system32\drivers\03648351.sys
13:12:38.0516 0x0cb4  System UUID: {E52DB968-07A7-8E71-3D7A-142C1E3FCF57}
13:12:44.0970 0x0cb4  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:12:44.0970 0x0cb4  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:12:44.0971 0x0cb4  ============================================================
13:12:44.0971 0x0cb4  \Device\Harddisk0\DR0:
13:12:44.0972 0x0cb4  MBR partitions:
13:12:44.0972 0x0cb4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D0E3970
13:12:44.0972 0x0cb4  \Device\Harddisk1\DR1:
13:12:44.0972 0x0cb4  MBR partitions:
13:12:44.0972 0x0cb4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6ECE7800
13:12:44.0972 0x0cb4  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x6ECE8000, BlocksNum 0x7A11F800
13:12:44.0972 0x0cb4  ============================================================
13:12:44.0972 0x0cb4  C: <-> \Device\Harddisk0\DR0\Partition1
13:12:45.0004 0x0cb4  D: <-> \Device\Harddisk1\DR1\Partition1
13:12:45.0022 0x0cb4  F: <-> \Device\Harddisk1\DR1\Partition2
13:12:45.0022 0x0cb4  ============================================================
13:12:45.0022 0x0cb4  Initialize success
13:12:45.0022 0x0cb4  ============================================================
13:13:22.0350 0x1028  ============================================================
13:13:22.0350 0x1028  Scan started
13:13:22.0350 0x1028  Mode: Manual; SigCheck; TDLFS; 
13:13:22.0350 0x1028  ============================================================
13:13:22.0350 0x1028  KSN ping started
13:13:23.0428 0x1028  KSN ping finished: true
13:13:23.0989 0x1028  ================ Scan system memory ========================
13:13:23.0989 0x1028  System memory - ok
13:13:23.0989 0x1028  ================ Scan services =============================
13:13:24.0013 0x1028  [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
13:13:24.0056 0x1028  1394ohci - ok
13:13:24.0062 0x1028  [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
13:13:24.0072 0x1028  3ware - ok
13:13:24.0082 0x1028  [ 6B6C39AB2CD7BEB6CFF624522E5449DE, 740D99D2C525FB4F81FB2754281CECEA5FF13DD2120081306728FE33859F28F2 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
13:13:24.0098 0x1028  ACPI - ok
13:13:24.0102 0x1028  [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
13:13:24.0112 0x1028  acpiex - ok
13:13:24.0115 0x1028  [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
13:13:24.0124 0x1028  acpipagr - ok
13:13:24.0126 0x1028  [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
13:13:24.0135 0x1028  AcpiPmi - ok
13:13:24.0138 0x1028  [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
13:13:24.0147 0x1028  acpitime - ok
13:13:24.0152 0x1028  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:13:24.0158 0x1028  AdobeARMservice - ok
13:13:24.0173 0x1028  [ 295A5BFCE8D225D014DB4E6E69336279, F786F06F0EE3253FA936FA5D73FD9AC704FAB19BE76C60C65AEAD399DC93F9C5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:13:24.0181 0x1028  AdobeFlashPlayerUpdateSvc - ok
13:13:24.0199 0x1028  [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
13:13:24.0223 0x1028  ADP80XX - ok
13:13:24.0234 0x1028  [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD             C:\WINDOWS\system32\drivers\afd.sys
13:13:24.0250 0x1028  AFD - ok
13:13:24.0254 0x1028  [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
13:13:24.0262 0x1028  agp440 - ok
13:13:24.0267 0x1028  [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
13:13:24.0280 0x1028  ahcache - ok
13:13:24.0283 0x1028  [ 8748FFAF7D8C89CB01957B1899950997, D3B69B2C14301692B5CFB15F93A7C9030261E23DFFD571557367880D128C3141 ] AIDA64Driver    C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64
13:13:24.0294 0x1028  AIDA64Driver - ok
13:13:24.0297 0x1028  [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
13:13:24.0306 0x1028  AJRouter - ok
13:13:24.0310 0x1028  [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG             C:\WINDOWS\System32\alg.exe
13:13:24.0320 0x1028  ALG - ok
13:13:24.0324 0x1028  [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
13:13:24.0335 0x1028  AmdK8 - ok
13:13:24.0338 0x1028  [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
13:13:24.0349 0x1028  AmdPPM - ok
13:13:24.0352 0x1028  [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
13:13:24.0360 0x1028  amdsata - ok
13:13:24.0366 0x1028  [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
13:13:24.0377 0x1028  amdsbs - ok
13:13:24.0380 0x1028  [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
13:13:24.0387 0x1028  amdxata - ok
13:13:24.0391 0x1028  [ 2BBD3A492B93C7E669D01EE88977D7DE, 311EA890E555E144F4B0DDC3112B2EB5CB848DEA4F33A300942494D8989473E0 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
13:13:24.0400 0x1028  AppID - ok
13:13:24.0403 0x1028  [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
13:13:24.0416 0x1028  AppIDSvc - ok
13:13:24.0419 0x1028  [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
13:13:24.0432 0x1028  Appinfo - ok
13:13:24.0436 0x1028  [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:13:24.0442 0x1028  Apple Mobile Device Service - ok
13:13:24.0451 0x1028  [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
13:13:24.0470 0x1028  AppReadiness - ok
13:13:24.0498 0x1028  [ BF58041024FEF96B48F7D691003B4BCB, FAD25702256AA8E668F082E16C2C05FD7FA907DCA88787BF36121D1B073350C9 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
13:13:24.0548 0x1028  AppXSvc - ok
13:13:24.0554 0x1028  [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
13:13:24.0563 0x1028  arcsas - ok
13:13:24.0567 0x1028  [ EB6DC008A1F36DFD7999EB57E97EAACE, 2652798D622A751AD84429E03266F32B4EE86DECC34CA8153790D04F43E03A66 ] asahci64        C:\WINDOWS\system32\drivers\asahci64.sys
13:13:24.0573 0x1028  asahci64 - ok
13:13:24.0586 0x1028  [ BBF8F831C7720DD5135D8C4C8325187A, 2630C68200D7BD49A5772830D6B369C0EC337C2558A9562DD564DF042249ECC0 ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
13:13:24.0603 0x1028  asComSvc - ok
13:13:24.0606 0x1028  [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO            C:\WINDOWS\syswow64\drivers\AsIO.sys
13:13:24.0611 0x1028  AsIO - ok
13:13:24.0614 0x1028  [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
13:13:24.0624 0x1028  AsyncMac - ok
13:13:24.0627 0x1028  [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
13:13:24.0634 0x1028  atapi - ok
13:13:24.0640 0x1028  [ 890BF20BDF500E4E84720EA84448EDDF, EF5EECA20FFB6B78277CE551877479DB79E91DB23B46530C1D0E746F0F51FBBF ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
13:13:24.0655 0x1028  AudioEndpointBuilder - ok
13:13:24.0670 0x1028  [ FAC1E762CB49992381691B00D2069B3E, 9973814BB259A370E6A17EDFB785CED9C634721E6D6FE069667B669AE60EB5F6 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
13:13:24.0699 0x1028  Audiosrv - ok
13:13:24.0704 0x1028  [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
13:13:24.0717 0x1028  AxInstSV - ok
13:13:24.0727 0x1028  [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
13:13:24.0742 0x1028  b06bdrv - ok
13:13:24.0745 0x1028  [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
13:13:24.0755 0x1028  BasicDisplay - ok
13:13:24.0757 0x1028  [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
13:13:24.0767 0x1028  BasicRender - ok
13:13:24.0770 0x1028  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
13:13:24.0779 0x1028  bcmfn - ok
13:13:24.0781 0x1028  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
13:13:24.0789 0x1028  bcmfn2 - ok
13:13:24.0796 0x1028  [ F8F398A4AF7E0917320BC2B2CD812888, 02B9A6EA0AA750CA9B62AB09E99956C35E252A12B22C2CBFDC4E941ED5870591 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
13:13:24.0812 0x1028  BDESVC - ok
13:13:24.0815 0x1028  [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
13:13:24.0825 0x1028  Beep - ok
13:13:24.0838 0x1028  [ 8EA08141590CB9331FA773FB430E91E4, 0507499EF423CC9EE9AC18C2B5CBF9965E69481C69DC96E361C2184C53C3F404 ] BFE             C:\WINDOWS\System32\bfe.dll
13:13:24.0862 0x1028  BFE - ok
13:13:24.0886 0x1028  [ 9CF4428D09C73B6F633AF9E58B835689, 173D1A8A3E1B1CA6D0E4773B048B8B6549A8124E87942992BDE30211BEFFBE20 ] BHDrvx64        C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\BASHDefs\20160119.001\BHDrvx64.sys
13:13:24.0913 0x1028  BHDrvx64 - ok
13:13:24.0930 0x1028  [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS            C:\WINDOWS\System32\qmgr.dll
13:13:24.0961 0x1028  BITS - ok
13:13:24.0970 0x1028  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:13:24.0979 0x1028  Bonjour Service - ok
13:13:24.0984 0x1028  [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
13:13:24.0994 0x1028  bowser - ok
13:13:25.0000 0x1028  [ D4F84730BE7FEB435D119792F84EA934, AE66026CEF3E3F71A210C903E55C327955872B22F01E80FC3410B0AA1355062C ] BRDriver64      C:\ProgramData\BitRaider\BRDriver64.sys
13:13:25.0006 0x1028  BRDriver64 - ok
13:13:25.0016 0x1028  [ 62C0D7CD771F26198F76F56B81D8A5B5, 3505DA8B68486D393BF7DCE5F463EA7F88387E6F06BC8175F3514BD6AFE25C37 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
13:13:25.0036 0x1028  BrokerInfrastructure - ok
13:13:25.0041 0x1028  [ DA4C9335434E71D6CC86A3CA567769CC, 9FE5EE3CC91CADBF952446E0A9A79A8834B03C8D4C47D6E9257AF64B2C17F518 ] Browser         C:\WINDOWS\System32\browser.dll
13:13:25.0052 0x1028  Browser - ok
13:13:25.0069 0x1028  [ 448917845F097FCE9D4554C3D2001EF3, BDCBEC01579D7CF28963E4E13CDC5B26E4B69CA24FA2CC4D6E24CAE0DDBCB3FE ] BRSptStub       C:\ProgramData\BitRaider\BRSptStub.exe
13:13:25.0078 0x1028  BRSptStub - ok
13:13:25.0092 0x1028  [ 78561B78811A147B99CB47EBBD2D2847, 4EF1ED64CAF0549B43A660FF70D5035DFD59CCD22E7353150E8A13944C936520 ] BRSptSvc        C:\ProgramData\BitRaider\BRSptSvc.exe
13:13:25.0103 0x1028  BRSptSvc - ok
13:13:25.0106 0x1028  [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
13:13:25.0116 0x1028  BthAvrcpTg - ok
13:13:25.0119 0x1028  [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
13:13:25.0129 0x1028  BthHFEnum - ok
13:13:25.0133 0x1028  [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
13:13:25.0143 0x1028  bthhfhid - ok
13:13:25.0149 0x1028  [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
13:13:25.0164 0x1028  BthHFSrv - ok
13:13:25.0168 0x1028  [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
13:13:25.0178 0x1028  BTHMODEM - ok
13:13:25.0182 0x1028  [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv         C:\WINDOWS\system32\bthserv.dll
13:13:25.0192 0x1028  bthserv - ok
13:13:25.0194 0x1028  [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
13:13:25.0204 0x1028  buttonconverter - ok
13:13:25.0224 0x1028  [ 52AE2CDD37AB735FBDA52263EFD524AA, 844103913E6079CC1C49B05FFB1CDC9A68692A8EE5A05C9C28FD272DFE534913 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
13:13:25.0250 0x1028  c2cautoupdatesvc - ok
13:13:25.0274 0x1028  [ C35B91B6777E7C6DB67B8583D2AA66A7, CE3A004B560EB750442150FEEFEE074A11A17E66B3F2A489E8EF1DBCF8FE8390 ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
13:13:25.0303 0x1028  c2cpnrsvc - ok
13:13:27.0191 0x1028  [ BBCC44D677183BEFED776C1ED6B138D1, A219E3C834550FA70E3D3986BFB31C40249B8A43F13BA023B21341C08249A65C ] HiPatchService  D:\HiPatchService.exe
13:13:27.0195 0x1028  HiPatchService - detected UnsignedFile.Multi.Generic ( 1 )
13:13:28.0045 0x2f1c  Object send P2P result: true
13:13:28.0263 0x1028  Detect skipped due to KSN trusted
13:13:28.0263 0x1028  HiPatchService - ok
13:13:28.0354 0x1028  [ 77ED10C64F9DE2BF3F4F0B92541422F6, ADC7DDA8CBA47E7EE17BAB9EAA5DD51EB86A4DDB402EF1F24F81ECCA990583A6 ] hshld           C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
13:13:28.0376 0x1028  hshld - detected UnsignedFile.Multi.Generic ( 1 )
13:13:29.0475 0x1028  Detect skipped due to KSN trusted
13:13:29.0475 0x1028  hshld - ok
13:13:30.0838 0x1028  MBAMService - ok
13:13:30.0844 0x1028  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
13:13:30.0851 0x1028  MBAMSwissArmy - ok
13:13:30.0854 0x1028  [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
13:13:30.0860 0x1028  MBAMWebAccessControl - ok
13:13:30.0862 0x1028  [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
13:13:30.0871 0x1028  megasas - ok
13:13:30.0881 0x1028  [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
13:13:30.0896 0x1028  megasr - ok
13:13:30.0900 0x1028  [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
13:13:30.0906 0x1028  MEIx64 - ok
13:13:30.0909 0x1028  [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
13:13:30.0921 0x1028  MessagingService - ok
13:13:30.0938 0x1028  [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
13:13:30.0955 0x1028  mlx4_bus - ok
13:13:30.0959 0x1028  [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
13:13:30.0968 0x1028  MMCSS - ok
13:13:30.0971 0x1028  [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem           C:\WINDOWS\system32\drivers\modem.sys
13:13:30.0982 0x1028  Modem - ok
13:13:30.0985 0x1028  [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
13:13:30.0993 0x1028  monitor - ok
13:13:30.0996 0x1028  [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
13:13:31.0005 0x1028  mouclass - ok
13:13:31.0007 0x1028  [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
13:13:31.0017 0x1028  mouhid - ok
13:13:31.0020 0x1028  [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
13:13:31.0029 0x1028  mountmgr - ok
13:13:31.0033 0x1028  [ 98DA127D0AB8B6CB5773546AF60D9217, BB07F34552342CA40E843F80AA32C928C29EF81789605E53C795EFD564F2DA7F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:13:31.0040 0x1028  MozillaMaintenance - ok
13:13:31.0044 0x1028  [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
13:13:31.0054 0x1028  mpsdrv - ok
13:13:31.0068 0x1028  [ 3B3906F069DB567C3D092F195FEA5F87, 1EAD704AD8E81D083FE3D458B529F8ECBE99569EFD20F7B520339F054E2F6515 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
13:13:31.0093 0x1028  MpsSvc - ok
13:13:31.0097 0x1028  [ 37C9EC0398BFC22C616711E41AE157D5, C8DD6B6B47513696CD4BD376C5D9F82C0F52F5A351FFAFE149E3B13C4684D40E ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
13:13:31.0111 0x1028  MRxDAV - ok
13:13:31.0119 0x1028  [ 61F9F27A8C3D7BCD287FE98A440421CE, 773208951BD0B8C0B9510F4C317484D5FCF36D09310D4E20F2BDB85D61088BA5 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:13:31.0133 0x1028  mrxsmb - ok
13:13:31.0139 0x1028  [ CCAD845F4D21D0E0E0468205EE865473, 8F93B61F407BCE5910A7A9F01F8A51FDB7A3C4F03E59C144C1D4FD974D10C2D4 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
13:13:31.0154 0x1028  mrxsmb10 - ok
13:13:31.0159 0x1028  [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
13:13:31.0169 0x1028  mrxsmb20 - ok
13:13:31.0174 0x1028  [ A934DF064C503A31683DD7EECDBD327A, 3ED943A2CFE9BB00898A4FCE08D3A5C814FE6E546FC10E9F30E6C2619B1AD162 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
13:13:31.0186 0x1028  MsBridge - ok
13:13:31.0190 0x1028  [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
13:13:31.0202 0x1028  MSDTC - ok
13:13:31.0207 0x1028  [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
13:13:31.0217 0x1028  Msfs - ok
13:13:31.0220 0x1028  [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
13:13:31.0227 0x1028  msgpiowin32 - ok
13:13:31.0229 0x1028  [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
13:13:31.0238 0x1028  mshidkmdf - ok
13:13:31.0241 0x1028  [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
13:13:31.0250 0x1028  mshidumdf - ok
13:13:31.0252 0x1028  [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
13:13:31.0260 0x1028  msisadrv - ok
13:13:31.0264 0x1028  [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
13:13:31.0276 0x1028  MSiSCSI - ok
13:13:31.0279 0x1028  msiserver - ok
13:13:31.0281 0x1028  [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
13:13:31.0290 0x1028  MSKSSRV - ok
13:13:31.0293 0x1028  [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
13:13:31.0305 0x1028  MsLldp - ok
13:13:31.0307 0x1028  [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
13:13:31.0317 0x1028  MSPCLOCK - ok
13:13:31.0319 0x1028  [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
13:13:31.0327 0x1028  MSPQM - ok
13:13:31.0334 0x1028  [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
13:13:31.0347 0x1028  MsRPC - ok
13:13:31.0351 0x1028  [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
13:13:31.0359 0x1028  mssmbios - ok
13:13:31.0361 0x1028  [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
13:13:31.0371 0x1028  MSTEE - ok
13:13:31.0373 0x1028  [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
13:13:31.0383 0x1028  MTConfig - ok
13:13:31.0387 0x1028  [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
13:13:31.0394 0x1028  Mup - ok
13:13:31.0397 0x1028  [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
13:13:31.0406 0x1028  mvumis - ok
13:13:31.0415 0x1028  [ F5060B229D5997980C5CB28E6EDFF314, 5FB56E9E83D0966E6438748529921F9B6EDBA3A580C498403B9FD4D8857D7FD6 ] N360            C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\N360.exe
13:13:31.0423 0x1028  N360 - ok
13:13:31.0433 0x1028  [ 536A0806CE2061A2157E65D4D8ABF30C, F9893F66505E3F748365CD4625B34357531804BDFE33E57285C0106C03F7916C ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
13:13:31.0454 0x1028  NativeWifiP - ok
13:13:31.0458 0x1028  [ FE7B38240E86075E6BC5953496B5C2F1, 13CBDCFD5E63A49D6E66D9EBA701037F014EEED9BBFE8588CE2968A35FF2E16E ] NAVENG          C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20160122.023\ENG64.SYS
13:13:31.0465 0x1028  NAVENG - ok
13:13:31.0493 0x1028  [ C002FA84570CA35F704ACF0AC4A5EAB0, E4246631E5D7AFD31CE642157A9102CB0DDE5B5051D08C3A5EA736CB3C99C6D9 ] NAVEX15         C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20160122.023\EX64.SYS
13:13:31.0526 0x1028  NAVEX15 - ok
13:13:31.0531 0x1028  [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
13:13:31.0543 0x1028  NcaSvc - ok
13:13:31.0551 0x1028  [ 7467BD76D6ED5981E6C3DBFEB50F0F4D, 237E1C2E15D5F3BAC49B09E1CD0EAE56A6998AE1FF560A4F7A7EFFEB46884798 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
13:13:31.0576 0x1028  NcbService - ok
13:13:31.0584 0x1028  [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
13:13:31.0622 0x1028  NcdAutoSetup - ok
13:13:31.0625 0x1028  [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
13:13:31.0634 0x1028  ndfltr - ok
13:13:31.0651 0x1028  [ AFAECF904F1C343EBD50F91BC8D0DBE8, FABAE70F62895708415B8E176A880D2D20D46D9A14C3D41D371B905CE4D64BA0 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
13:13:31.0694 0x1028  NDIS - ok
13:13:31.0699 0x1028  [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
13:13:31.0712 0x1028  NdisCap - ok
13:13:31.0715 0x1028  [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
13:13:31.0727 0x1028  NdisImPlatform - ok
13:13:31.0730 0x1028  [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:13:31.0741 0x1028  NdisTapi - ok
13:13:31.0744 0x1028  [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
13:13:31.0754 0x1028  Ndisuio - ok
13:13:31.0756 0x1028  [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
13:13:31.0766 0x1028  NdisVirtualBus - ok
13:13:31.0771 0x1028  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
13:13:31.0784 0x1028  NdisWan - ok
13:13:31.0789 0x1028  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:13:31.0802 0x1028  ndiswanlegacy - ok
13:13:31.0805 0x1028  [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
13:13:31.0816 0x1028  ndproxy - ok
13:13:31.0820 0x1028  [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
13:13:31.0832 0x1028  Ndu - ok
13:13:31.0834 0x1028  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\WINDOWS\system32\DRIVERS\netaapl64.sys
13:13:31.0838 0x1028  Netaapl - detected UnsignedFile.Multi.Generic ( 1 )
13:13:32.0949 0x1028  Detect skipped due to KSN trusted
13:13:32.0949 0x1028  Netaapl - ok
13:13:32.0960 0x1028  [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
13:13:32.0988 0x1028  NetBIOS - ok
13:13:33.0003 0x1028  [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
13:13:33.0030 0x1028  NetBT - ok
13:13:33.0033 0x1028  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon        C:\WINDOWS\system32\lsass.exe
13:13:33.0042 0x1028  Netlogon - ok
13:13:33.0048 0x1028  [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman          C:\WINDOWS\System32\netman.dll
13:13:33.0064 0x1028  Netman - ok
13:13:33.0073 0x1028  [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
13:13:33.0094 0x1028  netprofm - ok
13:13:33.0099 0x1028  [ 01C759FD50DFD46E30CC56B2B672B1A7, 88F46C89DCE1869D9932E809A24718B50C3B0161A1DD63DED899C0AFA8C7CFF5 ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
13:13:33.0113 0x1028  NetSetupSvc - ok
13:13:33.0119 0x1028  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:13:33.0128 0x1028  NetTcpPortSharing - ok
13:13:33.0135 0x1028  [ 91B32D7036700BEED5343E1F6A7122CC, 8123CA398A79F0E69126F962AA29C2464FAB50182E961CB6A6ADB6CEA09A6732 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
13:13:33.0150 0x1028  NgcCtnrSvc - ok
13:13:33.0161 0x1028  [ 4547118EADA9FDBB054A211CD01866BB, 51656BDAD78B4CC452B2AE06061247BECD07307BB31B9D6AA615917EC97342E0 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
13:13:33.0182 0x1028  NgcSvc - ok
13:13:33.0190 0x1028  [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
13:13:33.0208 0x1028  NlaSvc - ok
13:13:33.0211 0x1028  [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
13:13:33.0222 0x1028  Npfs - ok
13:13:33.0224 0x1028  [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
13:13:33.0233 0x1028  npsvctrig - ok
13:13:33.0236 0x1028  [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi             C:\WINDOWS\system32\nsisvc.dll
13:13:33.0246 0x1028  nsi - ok
13:13:33.0250 0x1028  [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
13:13:33.0259 0x1028  nsiproxy - ok
13:13:33.0288 0x1028  [ EFEFC245B884B1BE0401931398DCD707, 43A7BDB9BF523791EC41E76F51E7DC56EFC55CCDA0D130ECFCD9990C43D67587 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
13:13:33.0332 0x1028  NTFS - ok
13:13:33.0336 0x1028  [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null            C:\WINDOWS\system32\drivers\Null.sys
13:13:33.0346 0x1028  Null - ok
13:13:33.0354 0x1028  [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
13:13:33.0361 0x1028  NVHDA - ok
13:13:33.0535 0x1028  [ 2C5C31D18A238768346B896DCE154DBF, A6CD62787B1D57EE63A75B61063B0FEB2193571DF20845F52F6DBF42DC6C6110 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
13:13:33.0699 0x1028  nvlddmkm - ok
13:13:33.0733 0x1028  [ FB9407F47E184208E4880FA1DC28B9D4, 7FCA90AF10F9C578B928B93301EF3FB85157BB71D9F6865D6CD5CB5C0ECF3A2F ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
13:13:33.0761 0x1028  NvNetworkService - ok
13:13:33.0766 0x1028  [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
13:13:33.0775 0x1028  nvraid - ok
13:13:33.0780 0x1028  [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
13:13:33.0790 0x1028  nvstor - ok
13:13:33.0792 0x1028  [ 9F0938D041D6203DA3B95AA3EBE4C34E, 4BBF1E49C9B521C42ABAAC1A4274E785F4E20611D091D5BE218408A2D5753B0E ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
13:13:33.0797 0x1028  NvStreamKms - ok
13:13:33.0899 0x1028  [ 2F6ABCFB6B992A4DF5EFD9E6B7BAFF2B, 17864F9BE08F76E6875167A2E9CA15A01C12872635399FF66CEBEA91FE43B541 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
13:13:34.0006 0x1028  NvStreamNetworkSvc - ok
13:13:34.0089 0x1028  [ A8FD46F7EA7410847C3EBE84C4B18BB1, 6F428B26035268131F4AFED141307642FB20042B998BDDF6C3E27306711A6067 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
13:13:34.0175 0x1028  NvStreamSvc - ok
13:13:34.0192 0x1028  [ 063BD34A095C88CC2E69CF0B93C0ECA6, 2A1A8998BB8079976C6CA9004775C48AEE82894E967506F720B6D14E158CBCB6 ] NvStUSB         C:\WINDOWS\System32\drivers\nvstusb.sys
13:13:34.0203 0x1028  NvStUSB - ok
13:13:34.0221 0x1028  [ DAF8A50D2CFDFBEA9AE33F0EE5D1AE7B, C72B9FEC5354ED38F0CB08ACE64811307B97154B518EF618EA04F6E48376C5BE ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
13:13:34.0243 0x1028  nvsvc - ok
13:13:34.0247 0x1028  [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
13:13:34.0253 0x1028  nvvad_WaveExtensible - ok
13:13:34.0257 0x1028  [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
13:13:34.0266 0x1028  nv_agp - ok
13:13:34.0273 0x1028  [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
13:13:34.0290 0x1028  OneSyncSvc - ok
13:13:34.0301 0x1028  [ 55E925E51FAE416DED7EDBF531E63132, C6B507310109550694982497992C138D9C895778FFA2C37E843B10D3AD096945 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:13:34.0310 0x1028  ose - ok
13:13:34.0318 0x1028  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
13:13:34.0334 0x1028  p2pimsvc - ok
13:13:34.0342 0x1028  [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
13:13:34.0360 0x1028  p2psvc - ok
13:13:34.0363 0x1028  [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
13:13:34.0374 0x1028  Parport - ok
13:13:34.0385 0x1028  [ 24AC0FD10325FBC2303B29A5F237AEB0, D94B26A36EBE4EFE8EA270FA6600811206830480BE953809F74FAB80628DF879 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
13:13:34.0394 0x1028  partmgr - ok
13:13:34.0403 0x1028  [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
13:13:34.0420 0x1028  PcaSvc - ok
13:13:34.0426 0x1028  [ 1D4E995955BDAE781C46CB97AE1CFB58, FF7475F19782CA253AA839DDB86E5AC20C5785D5CC1DD57D9FECBE4F5A5C0BFB ] pci             C:\WINDOWS\system32\drivers\pci.sys
13:13:34.0438 0x1028  pci - ok
13:13:34.0442 0x1028  [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
13:13:34.0449 0x1028  pciide - ok
13:13:34.0453 0x1028  [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
13:13:34.0462 0x1028  pcmcia - ok
13:13:34.0464 0x1028  [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
13:13:34.0472 0x1028  pcw - ok
13:13:34.0475 0x1028  [ 48F3A3222CF340FE31535CB6D49C6D6F, 5F8904871219FA6C1BD74747583855B0FBCE42F340A3BE10270D8D3F02766E9D ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
13:13:34.0484 0x1028  pdc - ok
13:13:34.0495 0x1028  [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
13:13:34.0524 0x1028  PEAUTH - ok
13:13:34.0527 0x1028  [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
13:13:34.0536 0x1028  percsas2i - ok
13:13:34.0539 0x1028  [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
13:13:34.0547 0x1028  percsas3i - ok
13:13:34.0559 0x1028  [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
13:13:34.0568 0x1028  PerfHost - ok
13:13:34.0583 0x1028  [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
13:13:34.0608 0x1028  PhoneSvc - ok
13:13:34.0614 0x1028  [ 940BD7A32391F325A1A4285F91FAF7AC, A0FE4B8705B268E1978D9C66EB39B3DBBCB2A70F02F380C7062FE72E92DDF964 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
13:13:34.0628 0x1028  PimIndexMaintenanceSvc - ok
13:13:34.0656 0x1028  [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla             C:\WINDOWS\system32\pla.dll
13:13:34.0696 0x1028  pla - ok
13:13:34.0701 0x1028  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
13:13:34.0716 0x1028  PlugPlay - ok
13:13:34.0718 0x1028  PnkBstrA - ok
13:13:34.0721 0x1028  [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
13:13:34.0731 0x1028  PNRPAutoReg - ok
13:13:34.0738 0x1028  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
13:13:34.0754 0x1028  PNRPsvc - ok
13:13:34.0761 0x1028  [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
13:13:34.0779 0x1028  PolicyAgent - ok
13:13:34.0785 0x1028  [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power           C:\WINDOWS\system32\umpo.dll
13:13:34.0796 0x1028  Power - ok
13:13:34.0799 0x1028  [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
13:13:34.0811 0x1028  PptpMiniport - ok
13:13:34.0853 0x1028  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
13:13:34.0927 0x1028  PrintNotify - ok
13:13:34.0934 0x1028  [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor       C:\WINDOWS\System32\drivers\processr.sys
13:13:34.0945 0x1028  Processor - ok
13:13:34.0952 0x1028  [ A08AAC62EF7A1E291B3E895B5864BB86, 340E6648F9A5F4B7543FDEC5BDAFBDA3DE319B8F998FF2EF60D02EE5EF3D56CB ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
13:13:34.0968 0x1028  ProfSvc - ok
13:13:34.0972 0x1028  [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
13:13:34.0981 0x1028  Psched - ok
13:13:34.0988 0x1028  [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE           C:\WINDOWS\system32\qwave.dll
13:13:35.0003 0x1028  QWAVE - ok
13:13:35.0005 0x1028  [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
13:13:35.0015 0x1028  QWAVEdrv - ok
13:13:35.0017 0x1028  [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:13:35.0027 0x1028  RasAcd - ok
13:13:35.0031 0x1028  [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
13:13:35.0043 0x1028  RasAgileVpn - ok
13:13:35.0048 0x1028  [ 2976970887157CBB05747CBCD0793354, 43499D90B6340BD679CA51FDAB4ABCD0CF7E995367876716B7879422D206D677 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
13:13:35.0060 0x1028  RasAuto - ok
13:13:35.0063 0x1028  [ 381B8F2311A0375676B635EA5E7C8AB0, F64697F75894844E72F260E9E88CCFE6B882BC89F6124DCA187771A29C3EF929 ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
13:13:35.0075 0x1028  Rasl2tp - ok
13:13:35.0086 0x1028  [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ]
         


23.01.2016, 13:41   #6
Farabolus
 



Code:
RasMan          C:\WINDOWS\System32\rasmans.dll
13:13:35.0109 0x1028  RasMan - ok
13:13:35.0114 0x1028  [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:13:35.0126 0x1028  RasPppoe - ok
13:13:35.0129 0x1028  [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
13:13:35.0141 0x1028  RasSstp - ok
13:13:35.0149 0x1028  [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:13:35.0162 0x1028  rdbss - ok
13:13:35.0166 0x1028  [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
13:13:35.0175 0x1028  rdpbus - ok
13:13:35.0180 0x1028  [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
13:13:35.0191 0x1028  RDPDR - ok
13:13:35.0195 0x1028  [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
13:13:35.0203 0x1028  RdpVideoMiniport - ok
13:13:37.0876 0x1028  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
13:13:37.0881 0x1028  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
13:13:38.0395 0x2cb8  Object send P2P result: true
13:13:38.0396 0x2cb8  Object required for P2P: [ 9A2A2F3C69B9A30B6E78536F6D258BAD ] iai2c
13:13:38.0984 0x1028  Detect skipped due to KSN trusted
13:13:38.0984 0x1028  USBAAPL64 - ok
13:13:40.0141 0x1028  Wcmsvc - ok
13:13:40.0151 0x1028  [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
13:13:40.0170 0x1028  wcncsvc - ok
13:13:40.0174 0x1028  [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
13:13:40.0184 0x1028  WcsPlugInService - ok
13:13:40.0187 0x1028  [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
13:13:40.0195 0x1028  WdBoot - ok
13:13:40.0208 0x1028  [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
13:13:40.0225 0x1028  Wdf01000 - ok
13:13:40.0232 0x1028  [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
13:13:40.0244 0x1028  WdFilter - ok
13:13:40.0248 0x1028  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
13:13:40.0261 0x1028  WdiServiceHost - ok
13:13:40.0265 0x1028  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
13:13:40.0279 0x1028  WdiSystemHost - ok
13:13:40.0290 0x1028  [ E70DDD8E2245CC67547B0861983912D8, 64C73B1496FFF1F6BB3D877CB5BE54DE35C303AE234B11FC90038DC4F73241D9 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
13:13:40.0314 0x1028  wdiwifi - ok
13:13:40.0318 0x1028  [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
13:13:40.0327 0x1028  WdNisDrv - ok
13:13:40.0329 0x1028  WdNisSvc - ok
13:13:40.0335 0x1028  [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient       C:\WINDOWS\System32\webclnt.dll
13:13:40.0352 0x1028  WebClient - ok
13:13:40.0357 0x1028  [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
13:13:40.0372 0x1028  Wecsvc - ok
13:13:40.0375 0x1028  [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
13:13:40.0387 0x1028  WEPHOSTSVC - ok
13:13:40.0391 0x1028  [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
13:13:40.0406 0x1028  wercplsupport - ok
13:13:40.0412 0x1028  [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
13:13:40.0427 0x1028  WerSvc - ok
13:13:40.0431 0x1028  [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
13:13:40.0442 0x1028  WFPLWFS - ok
13:13:40.0446 0x1028  [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
13:13:40.0457 0x1028  WiaRpc - ok
13:13:40.0460 0x1028  [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
13:13:40.0468 0x1028  WIMMount - ok
13:13:40.0469 0x1028  WinDefend - ok
13:13:40.0476 0x1028  [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
13:13:40.0485 0x1028  WindowsTrustedRT - ok
13:13:40.0488 0x1028  [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
13:13:40.0495 0x1028  WindowsTrustedRTProxy - ok
13:13:40.0508 0x1028  [ 1859EEE0BAFDF8F20B7B3C40708B1CD3, C17792B9B41D384751A601A3B2CC3C35089257C6D4B63FC5CC0ABC7A34814688 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
13:13:40.0533 0x1028  WinHttpAutoProxySvc - ok
13:13:40.0536 0x1028  [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
13:13:40.0543 0x1028  WinMad - ok
13:13:40.0549 0x1028  [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
13:13:40.0563 0x1028  Winmgmt - ok
13:13:40.0597 0x1028  [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
13:13:40.0658 0x1028  WinRM - ok
13:13:40.0665 0x1028  [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
13:13:40.0675 0x1028  WINUSB - ok
13:13:40.0679 0x1028  [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
13:13:40.0687 0x1028  WinVerbs - ok
13:13:40.0718 0x1028  [ EF0A5EFFBC78F7677D3591BB58AC5A52, 0860B9D0F1A1FFE14F1A0FDFD3B66C90CED90092D9CF9AA35D6D6D088E2DC4A9 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
13:13:40.0754 0x2cb8  Object send P2P result: true
13:13:40.0758 0x2cb8  Object required for P2P: [ 807A6636828E5F43C10A01474B8907EE ] MSDTC
13:13:40.0774 0x1028  WlanSvc - ok
13:13:40.0803 0x1028  [ 58A8B8B2A343829602AC105F66988583, 46D142A3A7D74F6383B8D7E642E796535CE15BEDAF82AEFB4BEF46F0355411FD ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
13:13:40.0852 0x1028  wlidsvc - ok
13:13:40.0856 0x1028  [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
13:13:40.0864 0x1028  WmiAcpi - ok
13:13:40.0871 0x1028  [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
13:13:40.0884 0x1028  wmiApSrv - ok
13:13:40.0886 0x1028  WMPNetworkSvc - ok
13:13:40.0891 0x1028  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
13:13:40.0902 0x1028  Wof - ok
13:13:40.0929 0x1028  [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
13:13:40.0974 0x1028  workfolderssvc - ok
13:13:40.0979 0x1028  [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
13:13:40.0987 0x1028  wpcfltr - ok
13:13:40.0990 0x1028  [ D282ECA35ADAC7A93D6B4943E775010B, A76A9698A95646FA63AC18DFFA02B744D7C6043934CBF6C37832ED2E6B21F570 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
13:13:41.0002 0x1028  WPDBusEnum - ok
13:13:41.0005 0x1028  [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
13:13:41.0012 0x1028  WpdUpFltr - ok
13:13:41.0016 0x1028  [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService      C:\WINDOWS\system32\WpnService.dll
13:13:41.0026 0x1028  WpnService - ok
13:13:41.0029 0x1028  [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
13:13:41.0040 0x1028  ws2ifsl - ok
13:13:41.0045 0x1028  [ FB45052D7C13963465DFF8D56746B10B, 21B0DC0D383061CEF079586AE8E2FD5E8BBA22B8494666F14D5A8591275943E5 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
13:13:41.0059 0x1028  wscsvc - ok
13:13:41.0061 0x1028  WSearch - ok
13:13:41.0107 0x1028  [ A904D7950ED275273357AA7B1EAE445F, 0E41EA26A923FCE7072CC7DDDDB852E54C95992E01A79C67D1D544B1CB1E18DA ] WSService       C:\WINDOWS\System32\WSService.dll
13:13:41.0167 0x1028  WSService - ok
13:13:41.0200 0x1028  [ C46159A366C6AA90F1B742999745FA36, AE55797A1C703726359B0B609BEDB7F3C59BE3E81FF736987CD8E5E23195B42E ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
13:13:41.0253 0x1028  wuauserv - ok
13:13:41.0258 0x1028  [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
13:13:41.0270 0x1028  WudfPf - ok
13:13:41.0275 0x1028  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd          C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:13:41.0288 0x1028  WUDFRd - ok
13:13:41.0292 0x1028  [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
13:13:41.0304 0x1028  wudfsvc - ok
13:13:41.0310 0x1028  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:13:41.0323 0x1028  WUDFWpdFs - ok
13:13:41.0327 0x1028  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:13:41.0341 0x1028  WUDFWpdMtp - ok
13:13:41.0359 0x1028  [ 2D7E3C2913AAE063774795E6790BCC48, 686CF1CE1CF2553236E0983CBF283D841FB5FBB998C33D97FBB5D7A83EF83867 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
13:13:41.0392 0x1028  WwanSvc - ok
13:13:41.0408 0x1028  [ 7443938BC4B8DCE1D8E6C51BC3F9DBFE, F2D41BFB2303AEAE39A33E6873A9C07DEF9090CA6D5602B2D232C59D1899D620 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
13:13:41.0435 0x1028  XblAuthManager - ok
13:13:41.0453 0x1028  [ FACC53D144952319038FAE7442FCC045, 8BCA4ADC5162FC12AF2A88A8A570DA9DAB80AE9B62C873A2121EBAF8AA9FBA98 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
13:13:41.0483 0x1028  XblGameSave - ok
13:13:41.0489 0x1028  [ 80BC02A73A3949A7AEF34791206C7D7F, 41E547EFC722D3E01CD8E261FA233D8C799FC59A9C5320B7FD65B09831373CDB ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
13:13:41.0504 0x1028  xboxgip - ok
13:13:41.0520 0x1028  [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
13:13:41.0550 0x1028  XboxNetApiSvc - ok
13:13:41.0553 0x1028  [ 1F1EF8E701859581251B52035C1C1CEF, 3A7D3EC619A7F45FBB04EDA6963E3C55DC50358CF2D71ED66EE4BB07ACC0EE3C ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
13:13:41.0562 0x1028  xinputhid - ok
13:13:41.0563 0x1028  ================ Scan global ===============================
13:13:41.0566 0x1028  [ D923EC03E24F7633DED3F2D46AD59A28, C635DB4483E24BE0188583E63B06D0F37BDE7AD944E4D0246A7D19CBC3EA3A6B ] C:\WINDOWS\system32\basesrv.dll
13:13:41.0572 0x1028  [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\WINDOWS\system32\winsrv.dll
13:13:41.0577 0x1028  [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
13:13:41.0585 0x1028  [ 2AB2C72D88CE2BC73E6F708D0B1A9657, 8DF9D8C83BC2078D88FE7B2E9CDD5ABA9A2075F40D30CD344595DA217ECCCB3B ] C:\WINDOWS\system32\services.exe
13:13:41.0591 0x1028  [ Global ] - ok
13:13:41.0591 0x1028  ================ Scan MBR ==================================
13:13:41.0592 0x1028  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:13:41.0645 0x1028  \Device\Harddisk0\DR0 - ok
13:13:41.0647 0x1028  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
13:13:41.0725 0x1028  \Device\Harddisk1\DR1 - ok
13:13:41.0725 0x1028  ================ Scan VBR ==================================
13:13:41.0726 0x1028  [ 4C1246A32855DEB06F8150D135399EEE ] \Device\Harddisk0\DR0\Partition1
13:13:41.0728 0x1028  \Device\Harddisk0\DR0\Partition1 - ok
13:13:41.0729 0x1028  [ F4768622A7D9A95C2A6DECBF22E3FEB9 ] \Device\Harddisk1\DR1\Partition1
13:13:41.0784 0x1028  \Device\Harddisk1\DR1\Partition1 - ok
13:13:41.0788 0x1028  [ DF7524994D2258719108F4D1D12F3476 ] \Device\Harddisk1\DR1\Partition2
13:13:41.0846 0x1028  \Device\Harddisk1\DR1\Partition2 - ok
13:13:41.0847 0x1028  ================ Scan generic autorun ======================
13:13:41.0944 0x2cb8  Object send P2P result: true
13:13:41.0945 0x2cb8  Object required for P2P: [ F5060B229D5997980C5CB28E6EDFF314 ] N360
13:13:41.0986 0x1028  [ CF161C7C6B23A8827C41292F60E6B078, 5A5BCA8AD6D5CE7CB92C2A65173A2DE0D17C1404747C2BF751687DDA0C728FEA ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
13:13:42.0079 0x1028  RTHDVCPL - ok
13:13:42.0102 0x1028  [ BAF91E0F5CDE5300D4957859B8893D03, 18F3C697A7B790ABB8CC026AC6A7D8ED7F9B9DE6F86884DDCA70C819BE603302 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
13:13:42.0128 0x1028  RtHDVBg_DTS - ok
13:13:42.0134 0x1028  [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
13:13:42.0145 0x1028  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
13:13:43.0146 0x2cb8  Object send P2P result: true
13:13:43.0171 0x2cb8  Object required for P2P: [ DAF8A50D2CFDFBEA9AE33F0EE5D1AE7B ] nvsvc
13:13:43.0235 0x1028  Detect skipped due to KSN trusted
13:13:43.0236 0x1028  IAStorIcon - ok
13:13:43.0318 0x1028  [ 59F14B3C78849982699CE34068708308, 008137E41CAFB78522C655F6661CA49B9629ABD40319419B1DDE60E96CBE7504 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
13:13:43.0358 0x1028  NvBackend - ok
13:13:43.0363 0x1028  [ 0DCB89B1F3689BC6262FF30BBD603171, 594E6E07BC6B161469848A477F28211B70E759A8D369276810F622EE00D97783 ] C:\WINDOWS\system32\rundll32.exe
13:13:43.0379 0x1028  ShadowPlay - ok
13:13:43.0468 0x1028  [ 9401DC5119D4E64F91CDAD7124C0260A, B762AC2EDDCD159D63495FAFC2226189600243F72B1A968CF40527A0F343A682 ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
13:13:43.0510 0x1028  EvtMgr6 - ok
13:13:43.0701 0x1028  [ 1539331FFDB2D977BFF14F5737F5063E, 29C6CDEDA01D406BEE2B6E06CC42491A9EA89E45751D92DB4A2E9C017527B44A ] C:\Program Files\Logitech Gaming Software\LCore.exe
13:13:43.0806 0x1028  Launch LCore - ok
13:13:43.0814 0x1028  [ ADFCC68B42627055979B26FC00759D17, 5C1C8395A7846E5DDEB6FFE2B37B537DDA4712D62CE05D7EA8B1773C75D46DE6 ] C:\Program Files\iTunes\iTunesHelper.exe
13:13:43.0821 0x1028  iTunesHelper - ok
13:13:43.0823 0x1028  Dropbox - ok
13:13:43.0831 0x1028  [ F655E4A1AED366E96E5D5AA397E0F255, F8573CCA72FA25079B8CE2FC5D30379487E2905B109C73C741FAB31589FA49E1 ] C:\Program Files (x86)\QuickTime\QTTask.exe
13:13:43.0843 0x1028  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
13:13:44.0367 0x2cb8  Object send P2P result: true
13:13:44.0934 0x1028  Detect skipped due to KSN trusted
13:13:44.0934 0x1028  QuickTime Task - ok
13:13:44.0971 0x1028  [ 4BEE9F6A75933E49BB13834E66C8B36E, 246B1A4CE045A8415C02F6CB7E6181EFE73133217A94C20675AB97FA6B94BA59 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
13:13:44.0997 0x1028  SunJavaUpdateSched - ok
13:13:45.0033 0x1028  [ 473CD6A860EF672D6DF5CABD2BDE35FB, F4F612CB3BA896D237460AB4A01C73D8495B2B12D4D03EC3598660B5D861DD55 ] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
13:13:45.0069 0x1028  Malwarebytes Anti-Exploit - ok
13:13:45.0172 0x1028  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
13:13:45.0286 0x1028  OneDriveSetup - ok
13:13:45.0384 0x1028  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
13:13:45.0484 0x1028  OneDriveSetup - ok
13:13:45.0563 0x1028  [ 8D43F9F5105A3893E15BACA7BB442ED3, 9439450CBF0E5A78183580485DCB6F55F89B3916A0AC868FBD0D721B1BF9D62D ] C:\Users\Mihalj\AppData\Local\Amazon Music\Amazon Music Helper.exe
13:13:45.0640 0x1028  Amazon Music - ok
13:13:45.0648 0x1028  [ 8C5A712AA2C4A0F106965D199D8B73B8, AED43CD6E85CC92AD72AE344842F47E39E288BEC78168CBF8BB6A6B9105FBFB8 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
13:13:45.0653 0x1028  iCloudDrive - ok
13:13:45.0656 0x1028  [ 5D47E37C1E1F03C1E7E8DCEDD4A4BCDF, 72F9675AEA8ED5ACF19161E8FDD481460BE158A65EF2B998AE4E93A7804B2172 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
13:13:45.0661 0x1028  iCloudServices - ok
13:13:45.0670 0x1028  [ 2010CA459E5EC8F9D5FC8B000D130294, 058FF215A3AAD04F2A4CF23B2CC62A5EA28F5A705EFA689DCE9126720CF33229 ] C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\OneDrive.exe
13:13:45.0684 0x1028  OneDrive - ok
13:13:45.0743 0x1028  [ C7C3992E890E4F82EDC36DC031C85941, 2A0C1BABE468AD0809B07C81C35035770AE211FFF8A7A85537B2501BFAA5B386 ] C:\Users\Mihalj\AppData\Local\MyComGames\MyComGames.exe
13:13:45.0807 0x1028  MyComGames - ok
13:13:45.0812 0x1028  [ BB9217E339B1DE7EB08E2ED0CD89F988, ED488890DD801506C0E6144C6CF7CD878B1E436E4F2B5C5A7C5DA4994532082F ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
13:13:45.0818 0x1028  ApplePhotoStreams - ok
13:13:45.0837 0x1028  [ 41E25E514D90E9C8BC570484DBAFF62B, E6C49F7CE186DC4C9DA2C393469B070C0F1B95A01D281AE2B89538DA453D1583 ] C:\WINDOWS\system32\cmd.exe
13:13:45.0872 0x1028  Uninstall C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64 - ok
13:13:45.0873 0x1028  Waiting for KSN requests completion. In queue: 191
13:13:46.0875 0x1028  Waiting for KSN requests completion. In queue: 191
13:13:46.0991 0x1ac8  Object required for P2P: [ 7C58AFEC26E9F7730A8AA7FD40225937 ] sppsvc
13:13:47.0875 0x1028  Waiting for KSN requests completion. In queue: 188
13:13:48.0217 0x1ac8  Object send P2P result: true
13:13:48.0225 0x1ac8  Object required for P2P: [ 34A3EB84B2A830E6F450B8F885AE4E6E ] SysMain
13:13:48.0876 0x1028  Waiting for KSN requests completion. In queue: 159
13:13:49.0426 0x1ac8  Object send P2P result: true
13:13:49.0438 0x1ac8  Object required for P2P: [ 4CF5A1E0C4FCA956ACD6C654E2A8610E ] VSS
13:13:49.0877 0x1028  Waiting for KSN requests completion. In queue: 80
13:13:50.0657 0x1ac8  Object send P2P result: true
13:13:50.0672 0x1ac8  Object required for P2P: [ 2010CA459E5EC8F9D5FC8B000D130294 ] C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\OneDrive.exe
13:13:50.0878 0x1028  Waiting for KSN requests completion. In queue: 4
13:13:51.0878 0x1028  Waiting for KSN requests completion. In queue: 4
13:13:51.0881 0x1ac8  Object send P2P result: true
13:13:51.0881 0x1ac8  Object required for P2P: [ 41E25E514D90E9C8BC570484DBAFF62B ] C:\WINDOWS\system32\cmd.exe
13:13:52.0879 0x1028  Waiting for KSN requests completion. In queue: 1
13:13:53.0086 0x1ac8  Object send P2P result: true
13:13:53.0916 0x1028  AV detected via SS2: Norton 360, C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\WSCStub.exe ( 22.5.0.0 ), 0x51000 ( enabled : updated )
13:13:53.0916 0x1028  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
13:13:53.0918 0x1028  FW detected via SS2: Norton 360, C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\WSCStub.exe ( 22.5.0.0 ), 0x51010 ( enabled )
13:13:55.0051 0x1028  ============================================================
13:13:55.0051 0x1028  Scan finished
13:13:55.0051 0x1028  ============================================================
13:13:55.0070 0x2880  Detected object count: 0
13:13:55.0070 0x2880  Actual detected object count: 0
         

23.01.2016, 21:53   #7
M-K-D-B
/// TB Instructor

Hello,

Please note for the future:
Quote:
Gestartet von F:\Downloads
Unfortunately, you did not follow our instructions correctly:
Please download all tools directly to the desktop, or move them there, and run them from the desktop, because our instructions are written with that in mind.
It also makes it very easy to remove all the tools used once the cleanup is finished.
Leave all tools on the desktop until the cleanup is finished; we may need some of them more than once.

Step 1
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Optionen (Options) and make sure the following items are selected:
    • "Tracing" Schlüssel löschen (delete "Tracing" keys)
    • Winsock Einstellungen zurücksetzen (reset Winsock settings)
    • Proxy Einstellungen zurücksetzen (reset proxy settings)
    • Internet Explorer Richtlinien zurücksetzen (reset Internet Explorer policies)
    • Chrome Richtlinien zurücksetzen (reset Chrome policies)
    • Make sure that all 5 options are selected as shown here
  • Click Suchlauf (Scan) and wait until it has finished.
  • Now click Löschen (Delete) and confirm any prompts with Ok.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = consecutive number).

Step 2
Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scannen (Scan), select the Bedrohungssuchlauf (Threat Scan) and click Suchlauf starten (Start Scan).
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Auswahl entfernen (Remove Selected).
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click Verlauf (History) and then Anwendungsprotokolle (Application Logs).
  • Select the most recent scan log and click Export. Choose Textdatei (.txt) (text file) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.

Step 3

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista or later, right-click it and choose "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.

Step 4
  • Start FRST.exe again. Tick the box next to Addition.txt and press Scan.
  • FRST now creates two log files (FRST.txt and Addition.txt).
  • Post both log files with your next reply.

With your next reply, please post
  • the log file from AdwCleaner,
  • the log file from MBAM,
  • the log file from JRT,
  • the two new log files from FRST.

23.01.2016, 22:36   #8
Farabolus

Hey,

thanks Matthias, I must have overlooked the part about the desktop, sorry

Code:
ATTFilter
# AdwCleaner v5.030 - Bericht erstellt am 23/01/2016 um 22:10:57
# Aktualisiert am 17/01/2016 von Xplode
# Datenbank : 2016-01-19.2 [Server]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : Mihalj - MICHIBÜRO
# Gestartet von : C:\Users\Mihalj\Desktop\AdwCleaner_5.030.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileParade bundle uninstaller

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\END

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Schlüssel Gelöscht : HKCU\Software\Condut
[-] Schlüssel Gelöscht : HKCU\Software\Download4windows
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileParade bundle uninstaller
[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes 
[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [SuggestionsURL_JSON]
[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DisplayName]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.de
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.de

***** [ Internetbrowser ] *****

[-] [C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\prefs.js] [Preference] Gelöscht : user_pref("browser.newtabpage.pinned", "[null,null,null,null,null,null,null,null,null,null,null,null,{\"url\":\"hxxp://nortonsafe.search.ask.com/web?q=Losung%20des%20Tages&o=15527&prt=360&chn=retail&g[...]

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2860 Bytes] ##########
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 23.01.2016
Suchlaufzeit: 22:16
Protokolldatei: MBAM.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.01.23.05
Rootkit-Datenbank: v2016.01.20.01
Lizenz: Premium-Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Aktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Mihalj

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 406288
Abgelaufene Zeit: 4 Min., 41 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 10 Home x64 
Ran by Mihalj (Administrator) on 23.01.2016 at 22:24:29,33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 7 

Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\Mihalj\AppData\Roaming\productdata (Folder) 
Successfully deleted: C:\Users\Public\Desktop\hotspot shield.lnk (Shortcut) 
Successfully deleted: C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_Administrator (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_Mihalj (Task)
Successfully deleted: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job (Task) 
Successfully deleted: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Mihalj.job (Task) 

Deleted the following from C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\prefs.js
user_pref(extensions.iobitascsurfingprotection@iobit.com.install-event-fired, true);



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.01.2016 at 22:27:30,34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016
durchgeführt von Mihalj (Administrator) auf MICHIBÜRO (23-01-2016 22:29:24)
Gestartet von C:\Users\Mihalj\Desktop
Geladene Profile: Mihalj (Verfügbare Profile: Mihalj)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Hi-Rez Studios) D:\HiPatchService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\n360.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\n360.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\Mihalj\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\conathst.exe
(Farbar) C:\Users\Mihalj\Desktop\FRST64(1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-11-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1361112 2013-11-05] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2621240 2015-11-18] (Malwarebytes Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Run: [Amazon Music] => C:\Users\Mihalj\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-09-15] ()
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Run: [MyComGames] => C:\Users\Mihalj\AppData\Local\MyComGames\MyComGames.exe [4746696 2016-01-14] (MY.COM B.V.)
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\RunOnce: [Uninstall C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-18\...\Run: [EPSON Stylus SX200 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIEFE.EXE [221696 2007-12-13] (SEIKO EPSON CORPORATION)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-11] (Microsoft Corporation)
Startup: C:\Users\Mihalj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LCDHost.lnk [2015-11-29]
ShortcutTarget: LCDHost.lnk -> C:\Users\Mihalj\Documents\LCDHost\bin\LCDHost.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{9972aa8a-9d34-4ed1-b078-7c2b36a8f3a0}: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{a0c56e8c-cd29-4d58-aad2-a8bbdfeb906b}: [DhcpNameServer] 8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com/?pc=SBJB
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-01-07] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2016-01-03] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-07] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-03] (Oracle Corporation)
BHO-x32: Recorder Toolbar -> {120A8821-2BEE-4C29-BCDA-62C577781992} -> C:\Program Files (x86)\MedienTeam66\CHIP Free MP3 converter for YouTube\IEPlugin.dll [2014-01-22] (MedienTeam66)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL => Keine Datei
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Recorder Toolbar - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files (x86)\MedienTeam66\CHIP Free MP3 converter for YouTube\IEPlugin.dll [2014-01-22] (MedienTeam66)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll Keine Datei
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll Keine Datei
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734
FF NewTab: hxxp://search.norton.com
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function FindProxyForURL(url, host) { [...] }"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-03] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-07] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3268381146-424546740-3302138135-1001: @my.com/Games -> C:\Users\Mihalj\AppData\Local\MyComGames\NPMyComDetector.dll [2015-12-21] (My.com, Inc)
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\extensions\YoutubeDownloader@PeterOlayev.com.xpi [2015-07-07]
FF Extension: ProxMate - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2016-01-11]
FF Extension: Widevine Media Optimizer - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2014-07-23] [ist nicht signiert]
FF Extension: mx3 - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\Extensions\{3d2ee42e-a6d9-4888-bd17-2148dc7928d7}.xpi [2015-12-19]
FF Extension: FT DeepDark - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-12-05]
FF Extension: Adblock Plus - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-20]
FF Extension: Metal Lion Australis Theme - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\Extensions\{F2C70981-7CDC-4c46-ACF3-41F18693E79E} [2015-12-05]
FF Extension: Adblock Edge - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-12-05]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFAddon [2016-01-14]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-03-08] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFAddon

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=apn10506&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxp://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
CHR Profile: C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-18]
CHR Extension: (Google Drive) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-18]
CHR Extension: (YouTube) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-07]
CHR Extension: (Google-Suche) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-18]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-18]
CHR Extension: (Norton Identity Safe) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-19]
CHR Extension: (Norton Security Toolbar) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-09-18]
CHR Extension: (Norton Safe) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2015-09-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-18]
CHR Extension: (Google Mail) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-18]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-27]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-27]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-10-15] (BitRaider, LLC)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-08-16] (BitRaider, LLC)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2762936 2016-01-07] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-10] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-10] (Dropbox, Inc.)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240576 2013-10-07] (DTS, Inc)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-09] (NVIDIA Corporation)
U2 HiPatchService; D:\HiPatchService.exe [9728 2015-12-30] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [919040 2014-05-17] (AnchorFree Inc.) [Datei ist nicht signiert]
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-05-17] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [430344 2014-05-16] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [739640 2015-11-18] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\N360.exe [282016 2015-11-20] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-09] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-03-09] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [34136 2015-03-23] ()
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\BASHDefs\20160119.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-08-16] (BitRaider)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605050.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-18] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-18] (Symantec Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-11-18] ()
R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\IPSDefs\20160122.001\IDSvia64.sys [767224 2015-12-04] (Symantec Corporation)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R2 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2015-10-05] (Malwarebytes)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-23] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20160122.023\ENG64.SYS [138488 2015-10-27] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20160122.023\EX64.SYS [2148080 2015-10-27] (Symantec Corporation)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2013-08-06] (Apple Inc.) [Datei ist nicht signiert]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1605050.00F\SRTSP64.SYS [928496 2015-11-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605050.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605050.00F\SYMEFASI64.SYS [1621232 2015-11-12] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605050.00F\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-23] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605050.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605050.00F\SYMNETS.SYS [577768 2015-11-12] (Symantec Corporation)
R3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Datei ist nicht signiert]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-23 22:29 - 2016-01-23 22:29 - 00047330 _____ C:\Users\Mihalj\Desktop\FRST.txt
2016-01-23 22:28 - 2016-01-23 22:29 - 02370560 _____ (Farbar) C:\Users\Mihalj\Desktop\FRST64(1).exe
2016-01-23 22:27 - 2016-01-23 22:27 - 00001314 _____ C:\Users\Mihalj\Desktop\JRT.txt
2016-01-23 22:23 - 2016-01-23 22:23 - 01600184 _____ (Malwarebytes) C:\Users\Mihalj\Desktop\JRT.exe
2016-01-23 22:22 - 2016-01-23 22:22 - 00001187 _____ C:\Users\Mihalj\Desktop\MBAM.txt
2016-01-23 22:13 - 2016-01-23 22:13 - 00002950 _____ C:\Users\Mihalj\Desktop\AdwCleaner[C2].txt
2016-01-23 22:06 - 2016-01-23 22:06 - 01505280 _____ C:\Users\Mihalj\Desktop\AdwCleaner_5.030.exe
2016-01-23 13:12 - 2016-01-23 13:42 - 00277138 _____ C:\TDSSKiller.3.1.0.9_23.01.2016_13.12.07_log.txt
2016-01-23 13:00 - 2016-01-23 22:29 - 00000000 ____D C:\FRST
2016-01-23 11:29 - 2016-01-23 22:15 - 00063902 _____ C:\WINDOWS\ntbtlog.txt
2016-01-23 09:17 - 2016-01-23 09:20 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-01-23 09:17 - 2016-01-23 09:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2016-01-23 09:17 - 2016-01-23 09:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2016-01-23 09:14 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-22 19:13 - 2016-01-22 19:13 - 00000761 _____ C:\Users\Mihalj\Desktop\Start Emsisoft Emergency Kit.lnk
2016-01-22 19:12 - 2016-01-23 08:51 - 00000000 ____D C:\EEK
2016-01-22 16:51 - 2016-01-23 11:12 - 00021330 _____ C:\WINDOWS\ntbtlog.txt.bak
2016-01-22 14:55 - 2016-01-23 11:10 - 00000000 ____D C:\NPE
2016-01-22 14:54 - 2016-01-22 14:54 - 00000000 ____D C:\ProgramData\SMR501
2016-01-22 14:53 - 2016-01-23 11:09 - 00000000 ____D C:\Users\Mihalj\AppData\Local\NPE
2016-01-18 21:19 - 2016-01-18 21:19 - 00366900 _____ C:\WINDOWS\Minidump\011816-8687-01.dmp
2016-01-15 19:19 - 2016-01-15 19:19 - 00311076 _____ C:\WINDOWS\Minidump\011516-8765-01.dmp
2016-01-13 16:45 - 2016-01-05 03:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 16:45 - 2016-01-05 03:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-13 16:45 - 2016-01-05 03:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-13 16:45 - 2016-01-05 03:50 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-13 16:45 - 2016-01-05 03:50 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-13 16:45 - 2016-01-05 03:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-13 16:45 - 2016-01-05 03:49 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-13 16:45 - 2016-01-05 03:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-13 16:45 - 2016-01-05 03:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-13 16:45 - 2016-01-05 03:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-13 16:45 - 2016-01-05 03:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-13 16:45 - 2016-01-05 03:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 16:45 - 2016-01-05 03:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 16:45 - 2016-01-05 03:37 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-13 16:45 - 2016-01-05 03:37 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-13 16:45 - 2016-01-05 03:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-13 16:45 - 2016-01-05 03:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-13 16:45 - 2016-01-05 03:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-13 16:45 - 2016-01-05 03:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-13 16:45 - 2016-01-05 03:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-13 16:45 - 2016-01-05 03:33 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-13 16:45 - 2016-01-05 03:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-13 16:45 - 2016-01-05 03:33 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-13 16:45 - 2016-01-05 03:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-13 16:45 - 2016-01-05 03:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-13 16:45 - 2016-01-05 03:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-13 16:45 - 2016-01-05 03:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-13 16:45 - 2016-01-05 03:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-13 16:45 - 2016-01-05 03:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 16:45 - 2016-01-05 03:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-13 16:45 - 2016-01-05 03:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 16:45 - 2016-01-05 03:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 16:45 - 2016-01-05 03:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-13 16:45 - 2016-01-05 03:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-13 16:45 - 2016-01-05 03:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-13 16:45 - 2016-01-05 02:59 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-13 16:45 - 2016-01-05 02:57 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-13 16:45 - 2016-01-05 02:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-13 16:45 - 2016-01-05 02:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-13 16:45 - 2016-01-05 02:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-13 16:45 - 2016-01-05 02:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-13 16:45 - 2016-01-05 02:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-13 16:45 - 2016-01-05 02:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-13 16:45 - 2016-01-05 02:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-13 16:45 - 2016-01-05 02:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-13 16:45 - 2016-01-05 02:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-13 16:45 - 2016-01-05 02:50 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-13 16:45 - 2016-01-05 02:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-13 16:45 - 2016-01-05 02:49 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-13 16:45 - 2016-01-05 02:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-13 16:45 - 2016-01-05 02:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 16:45 - 2016-01-05 02:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-13 16:45 - 2016-01-05 02:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-01-13 16:45 - 2016-01-05 02:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-01-13 16:45 - 2016-01-05 02:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 16:45 - 2016-01-05 02:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-13 16:45 - 2016-01-05 02:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-13 16:45 - 2016-01-05 02:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-13 16:45 - 2016-01-05 02:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-13 16:45 - 2016-01-05 02:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-13 16:45 - 2016-01-05 02:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-13 16:45 - 2016-01-05 02:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-13 16:45 - 2016-01-05 02:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-13 16:45 - 2016-01-05 02:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-13 16:45 - 2016-01-05 02:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-13 16:45 - 2016-01-05 02:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-13 16:45 - 2016-01-05 02:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-13 16:45 - 2016-01-05 02:41 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-13 16:45 - 2016-01-05 02:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-13 16:45 - 2016-01-05 02:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-13 16:45 - 2016-01-05 02:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-13 16:45 - 2016-01-05 02:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-13 16:45 - 2016-01-05 02:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-13 16:45 - 2016-01-05 02:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-13 16:45 - 2016-01-05 02:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-13 16:45 - 2016-01-05 02:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-13 16:45 - 2016-01-05 02:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-13 16:45 - 2016-01-05 02:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-13 16:45 - 2016-01-05 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-13 16:45 - 2016-01-05 02:33 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-13 16:45 - 2016-01-05 02:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-13 16:45 - 2016-01-05 02:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-13 16:45 - 2016-01-05 02:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-13 16:45 - 2016-01-05 02:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-13 16:45 - 2016-01-05 02:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-13 16:45 - 2016-01-05 02:28 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-13 16:45 - 2016-01-05 02:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-12 05:44 - 2016-01-12 05:44 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-12 05:44 - 2016-01-12 05:44 - 00002130 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-01-11 19:51 - 2016-01-11 19:51 - 00000581 _____ C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
2016-01-11 19:51 - 2016-01-11 19:51 - 00000580 _____ C:\Users\Public\Desktop\Smite.lnk
2016-01-11 19:51 - 2016-01-11 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2016-01-11 19:51 - 2016-01-11 19:51 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2016-01-11 18:35 - 2016-01-23 11:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-07 21:02 - 2016-01-07 21:02 - 00000633 _____ C:\Users\Mihalj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dokumente.lnk
2016-01-06 10:05 - 2016-01-06 10:05 - 00001828 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-01-06 10:05 - 2016-01-06 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-01-06 10:05 - 2016-01-06 10:05 - 00000000 ____D C:\Program Files\iTunes
2016-01-06 10:05 - 2016-01-06 10:05 - 00000000 ____D C:\Program Files\iPod
2016-01-06 10:05 - 2016-01-06 10:05 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-01-06 10:04 - 2016-01-06 10:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-01-06 10:04 - 2016-01-06 10:04 - 00000000 ____D C:\Program Files\Bonjour
2016-01-06 10:04 - 2016-01-06 10:04 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-01-06 10:03 - 2016-01-06 10:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-01-06 10:03 - 2016-01-06 10:03 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-01-03 12:15 - 2016-01-03 12:15 - 04407063 _____ C:\Users\Mihalj\Downloads\WW2-Content Pack-1.8-5.1.1.jar
2016-01-03 12:15 - 2016-01-03 12:15 - 01517090 _____ C:\Users\Mihalj\Downloads\Nerf-Content Pack-1.8-5.0.jar
2016-01-03 12:13 - 2016-01-03 12:14 - 05984239 _____ C:\Users\Mihalj\Downloads\Modern Warfare-Content Pack-1-1.8-5.1.1.jar
2016-01-03 12:11 - 2016-01-03 12:11 - 00232534 _____ C:\Users\Mihalj\Downloads\Simple Parts-Content Pack-1.8-5.1.1.jar
2016-01-03 12:02 - 2016-01-03 12:05 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-01-03 12:02 - 2016-01-03 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-01-03 12:02 - 2016-01-03 12:02 - 00000000 ____D C:\Program Files\WinRAR
2016-01-03 11:41 - 2016-01-03 11:41 - 05984239 _____ C:\Users\Mihalj\Downloads\Modern Warfare-Content Pack-1.8-5.1.1.jar
2016-01-03 11:41 - 2016-01-03 11:25 - 00326752 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2016-01-03 11:41 - 2016-01-03 11:25 - 00206944 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2016-01-03 11:41 - 2016-01-03 11:25 - 00206944 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2016-01-03 11:40 - 2016-01-03 11:38 - 31012264 _____ (Oracle Corporation) C:\Users\Mihalj\Downloads\Java_Installer.exe
2016-01-03 11:25 - 2016-01-03 11:46 - 00000000 ____D C:\Program Files\Java
2016-01-03 11:25 - 2016-01-03 11:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-03 11:25 - 2016-01-03 11:25 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-01-02 21:57 - 2016-01-03 10:57 - 00000000 ____D C:\Users\Mihalj\.oracle_jre_usage
2016-01-02 21:57 - 2016-01-03 10:57 - 00000000 ____D C:\ProgramData\Oracle
2016-01-02 21:57 - 2016-01-02 21:57 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\Sun
2016-01-02 21:57 - 2016-01-02 21:57 - 00000000 ____D C:\Users\Mihalj\AppData\LocalLow\Sun
2016-01-02 21:57 - 2016-01-02 21:57 - 00000000 ____D C:\Users\Mihalj\AppData\LocalLow\Oracle
2016-01-02 21:52 - 2016-01-02 21:52 - 06293872 _____ (Tim Kosse) C:\Users\Mihalj\Downloads\FileZilla_3.14.1_win32-setup.exe
2015-12-30 18:56 - 2016-01-18 21:19 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-30 18:56 - 2015-12-30 18:56 - 00364364 _____ C:\WINDOWS\Minidump\123015-9578-01.dmp
2015-12-28 11:07 - 2015-12-28 11:07 - 00000977 _____ C:\Users\Public\Desktop\Heroes of the Storm.lnk
2015-12-28 11:07 - 2015-12-28 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-12-28 11:05 - 2015-12-28 17:55 - 00000000 ____D C:\Users\Mihalj\Documents\Heroes of the Storm
2015-12-28 11:05 - 2015-12-28 11:05 - 00000000 ____D C:\HeroesData

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-23 22:21 - 2015-06-10 04:57 - 00000000 ___RD C:\Users\Mihalj\Dropbox
2016-01-23 22:21 - 2015-06-10 04:56 - 00000000 ____D C:\Users\Mihalj\AppData\Local\Dropbox
2016-01-23 22:20 - 2015-11-29 00:05 - 01802588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-23 22:20 - 2015-10-30 19:35 - 00776562 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-23 22:20 - 2015-10-30 19:35 - 00155874 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-23 22:20 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-23 22:19 - 2015-11-28 06:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360
2016-01-23 22:15 - 2015-12-21 19:31 - 00000000 ____D C:\Users\Mihalj\AppData\Local\MyComGames
2016-01-23 22:15 - 2015-05-06 17:46 - 00000000 ___RD C:\Users\Mihalj\iCloudDrive
2016-01-23 22:15 - 2014-04-12 08:37 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-23 22:14 - 2015-11-28 23:59 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-23 22:14 - 2015-11-28 23:55 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-23 22:14 - 2015-06-10 04:56 - 00001230 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-01-23 22:14 - 2014-08-19 04:03 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-23 22:11 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-01-23 22:10 - 2014-04-12 08:45 - 00000000 ____D C:\AdwCleaner
2016-01-23 22:09 - 2014-03-14 17:21 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-23 22:06 - 2015-06-10 04:56 - 00001234 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-01-23 22:06 - 2014-03-08 13:18 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4B9B897E-3C10-40FC-BFB1-0251065C3A3C}
2016-01-23 20:53 - 2014-08-19 04:03 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-23 18:29 - 2014-04-10 15:10 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\Skype
2016-01-23 18:28 - 2014-03-08 14:47 - 00000000 ____D C:\Users\Mihalj\Documents\Outlook-Dateien
2016-01-23 15:48 - 2014-05-16 14:48 - 00000336 _____ C:\WINDOWS\Tasks\MT66 Software Update.job
2016-01-23 13:01 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2016-01-23 12:53 - 2014-03-09 07:12 - 00000000 ____D C:\Users\Mihalj\AppData\Local\CrashDumps
2016-01-23 09:14 - 2014-04-12 08:37 - 00001177 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-01-23 09:14 - 2014-04-12 08:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-01-23 09:14 - 2014-04-12 08:37 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-01-23 08:49 - 2015-09-30 17:55 - 00031639 _____ C:\Users\Mihalj\Desktop\Arbeitszeitkarte Vorlage.xlsx
2016-01-23 08:07 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-22 16:57 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-22 14:55 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-22 14:53 - 2014-03-08 13:16 - 00000000 ____D C:\ProgramData\Norton
2016-01-22 04:59 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-20 19:12 - 2014-03-08 13:01 - 00000000 ____D C:\Users\Mihalj\AppData\Local\Packages
2016-01-18 21:38 - 2015-11-28 23:55 - 00000000 ____D C:\Users\Mihalj
2016-01-18 21:19 - 2014-06-28 16:57 - 1236391303 _____ C:\WINDOWS\MEMORY.DMP
2016-01-17 15:16 - 2015-03-31 15:56 - 00000000 ____D C:\Users\Mihalj\Documents\David
2016-01-17 08:41 - 2014-03-13 18:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-17 08:39 - 2014-03-13 18:34 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-16 09:25 - 2014-03-08 15:59 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\FileZilla
2016-01-15 20:05 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-15 20:05 - 2014-03-04 12:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-01-15 16:29 - 2014-12-24 07:18 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-15 05:54 - 2014-08-19 04:03 - 00002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-15 05:10 - 2015-02-13 18:37 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-14 03:00 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-14 03:00 - 2014-08-09 19:17 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 03:00 - 2014-08-09 19:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 17:02 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-13 17:02 - 2014-08-09 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-12 19:40 - 2014-03-08 14:38 - 00000000 ____D C:\Users\Mihalj\Documents\My Games
2016-01-12 05:44 - 2014-03-09 07:46 - 00000000 ____D C:\ProgramData\Adobe
2016-01-12 05:44 - 2014-03-09 07:46 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-01-12 05:31 - 2014-06-29 15:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-11 20:32 - 2015-01-10 10:11 - 00000702 _____ C:\Users\Mihalj\Desktop\World of Tanks.lnk
2016-01-11 20:01 - 2015-11-29 00:57 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-11 19:56 - 2015-09-06 18:29 - 00034308 _____ C:\WINDOWS\SysWOW64\bassmod.dll
2016-01-11 19:56 - 2015-07-15 19:13 - 00155136 _____ C:\WINDOWS\SysWOW64\unrar.dll
2016-01-11 19:51 - 2014-03-04 12:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-11 18:38 - 2014-03-09 08:26 - 00000000 ____D C:\Users\Mihalj\AppData\Local\676C63E5-3167-4B7A-9727-75016617B7F8.aplzod
2016-01-10 12:40 - 2014-05-17 18:22 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\vlc
2016-01-09 10:49 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-01-06 10:05 - 2014-03-09 08:12 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-01-06 10:04 - 2015-05-06 17:46 - 00000000 ____D C:\Users\Mihalj\AppData\Local\Apple Inc
2016-01-06 10:04 - 2014-03-09 06:57 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\Apple Computer
2016-01-06 10:04 - 2014-03-09 06:57 - 00000000 ____D C:\Users\Mihalj\AppData\Local\Apple Computer
2016-01-06 10:03 - 2014-03-09 06:57 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-02 21:53 - 2014-03-08 15:59 - 00002075 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2016-01-02 21:53 - 2014-03-08 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-01-02 21:53 - 2014-03-08 15:59 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-12-31 15:10 - 2015-11-28 23:54 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2015-12-31 12:24 - 2014-03-08 14:02 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\TS3Client
2015-12-31 10:52 - 2014-03-09 14:23 - 00000000 ____D C:\Users\Mihalj\AppData\Local\Battle.net
2015-12-28 11:16 - 2014-03-09 14:23 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-12-24 05:46 - 2015-11-28 23:54 - 00359592 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-10 16:29 - 2015-05-10 16:29 - 0002116 _____ () C:\Users\Mihalj\AppData\Local\recently-used.xbel
2015-08-31 04:30 - 2015-08-31 04:32 - 0000000 _____ () C:\Users\Mihalj\AppData\Local\{70750D93-5C31-4489-A1D6-D635FA7EF0C3}
2015-09-21 04:30 - 2015-09-21 04:30 - 0000000 _____ () C:\Users\Mihalj\AppData\Local\{948D2D42-5989-48E6-9827-E0678DE07CCB}
2015-11-28 23:54 - 2015-11-28 23:54 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Mihalj\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. 


LastRegBack: 2016-01-18 18:55

==================== Ende von FRST.txt ============================
         

23.01.2016, 22:37   #9
Farabolus
 
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-01-2016
durchgeführt von Mihalj (2016-01-23 22:29:54)
Gestartet von C:\Users\Mihalj\Desktop
Windows 10 Home (X64) (2015-11-28 23:54:39)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3268381146-424546740-3302138135-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3268381146-424546740-3302138135-503 - Limited - Disabled)
Gast (S-1-5-21-3268381146-424546740-3302138135-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3268381146-424546740-3302138135-1003 - Limited - Enabled)
Mihalj (S-1-5-21-3268381146-424546740-3302138135-1001 - Administrator - Enabled) => C:\Users\Mihalj

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Norton 360 (Enabled - Out of date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Out of date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

[BV] Mod Collection (HKLM-x32\...\{D695D931-4FF5-4A77-BA6F-9A8D82A5FEFD}) (Version: 9.06.04 - Black & Bloody Vengeance)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20069 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
AIDA64 Extreme v5.20 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.20 - FinalWire Ltd.)
Amazon Music (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Amazon Amazon Music) (Version: 3.10.1.1000 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Archeage Beta (HKLM-x32\...\Glyph Archeage Beta) (Version:  - Trion Worlds, Inc.)
Armored Warfare MyCom (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Armored Warfare MyCom) (Version: 1.62 - My.com B.V.)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre 64bit (HKLM\...\{AB112C21-1FF5-4B39-9D02-94C44AEDA31D}) (Version: 1.31.0 - Kovid Goyal)
CHIP Free MP3 converter for YouTube 3.0 Professional-E (HKLM-x32\...\{2ED4869A-6D7B-4a8f-8261-B842DA4852FA}_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
EPSON Stylus SX200 Series Printer Uninstall (HKLM\...\EPSON Stylus SX200 Series) (Version:  - SEIKO EPSON Corporation)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
EVE Online (nur entfernen) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
EveHQ (HKLM-x32\...\EveHQ) (Version:  - )
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Free YouTube Download version 3.2.44.908 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.44.908 - DVDVideoSoft Ltd.)
G15_TeamSpeak (NSIS) (HKLM-x32\...\G15_TeamSpeak) (Version:  - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hotspot Shield 3.42 (HKLM-x32\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.8 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.17 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
LCDHost - a compositing plugin manager for LCD's (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\LCDHost) (Version:  - Link Data Stockholm)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Exploit version 1.8.1.1045 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1045 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.6366.2056 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minion (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\{Minion}}_is1) (Version: 2.0 - ZAM Network LLC)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MT66 Software Update (HKLM-x32\...\{F2E4F3A5-A8F0-46F4-8E91-E8C1DE1FCFE5}_is1) (Version:  - )
My.com Game Center (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\MyComGames) (Version: 3.161 - My.com B.V.)
Norton 360 (HKLM-x32\...\N360) (Version: 22.5.5.15 - Symantec Corporation)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 358.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 358.87 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
OMC ModPack Client Version 1.3.7.1 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.3.7.1 - Odem Mortis)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Parsec - 1  (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\a53dc3b81e52c50e) (Version: 1.0.0.53 - Parsec)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.15 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.15.103 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.21.3182.1 - Hi-Rez Studios)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version:  - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
World of Warships (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3268381146-424546740-3302138135-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02E5EF08-BE6D-49B0-B63A-0958EEDD4B29} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\WSCStub.exe [2015-11-20] (Symantec Corporation)
Task: {03B17DB2-4C38-4B83-943E-7587FACA18F3} - System32\Tasks\Norton 360\Norton Autofix => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {0BE5CC73-101D-4DCE-9092-026CAF07ADCE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {1A06C6E4-FBB5-4B6D-96BF-331F41F524CA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {28145345-2AE3-43CE-94EC-D1A35A926AA4} - System32\Tasks\MT66 Software Update => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe [2009-11-18] (MedienTeam66)
Task: {3E512E81-6FEF-4B9D-A7FE-84F48603DF4A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {48C0CB97-7185-4BE1-AD85-3D91D9118661} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {58F658F5-CF87-48A0-9633-A3516123C8A0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {62DDD737-B878-4FF4-9188-5C9E7C3200D5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {65C1EC37-3DD2-4E87-B034-F37FD73572F0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {66A70CA5-A118-4828-9176-D69D30FB8C50} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {66FA77BA-E5BD-439E-B42D-C4DDD60B8EEC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {7882E8C1-4B2C-48ED-A908-1FA4CC19CCAB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {821D2F12-5699-4AF0-8981-D814CB15A613} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {90FAA7BA-9FC0-4745-A37C-F21F183AFE30} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe
Task: {92C8BF82-DAB1-4FBB-89AA-339D508107B5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-07] (Microsoft Corporation)
Task: {A7496965-8C36-484F-954D-BD4004C7BEE5} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {ADF6BDDF-4CAB-4D92-8C46-D9A0926ACA78} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {BBCF18DC-64B7-4557-8C42-5E5D29377D32} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {BD31E485-7C8E-4FA8-91A1-92BD2EB86B66} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {C63377FA-1EBA-4204-9ADE-BDCCC3D3659F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-17] (Microsoft Corporation)
Task: {CCEDCA39-7BE2-454A-B6D9-214992521D83} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {E4202DF5-E017-40C3-8E4F-93CABEE50E4B} - System32\Tasks\AIDA64 AutoStart => C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe [2015-03-23] (FinalWire Ltd.)
Task: {E798C29C-CFE1-4D14-B245-E430529F6D14} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {F34BC6A0-E2F8-4806-B0CE-28812D9541B2} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {F3EEFFCE-3CDA-4ECB-8B13-AA959784E1BE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-07] (Microsoft Corporation)
Task: {FAD6BD71-6757-4E80-A797-46ADB1A0205A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-10] (Dropbox, Inc.)
Task: {FBBDBEC9-80B3-4777-A695-22ECFF4660F9} - System32\Tasks\{E75F7D18-83BC-4A94-8D8E-4DB06AE0CB11} => pcalua.exe -a D:\LCDHost\bin\LCDHost.exe -d D:\LCDHost\bin
Task: {FC30442A-9942-40AF-801A-AB9F7BD5FFA3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-10] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MT66 Software Update.job => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:17 - 2015-10-30 08:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-11-28 23:54 - 2013-07-04 03:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-12-05 07:28 - 2016-01-07 06:13 - 00162472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2014-05-16 23:34 - 2014-05-16 23:34 - 00430344 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2015-12-23 20:32 - 2015-12-09 02:52 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2014-03-09 06:48 - 2014-03-09 06:48 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-12-03 05:57 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 05:57 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-22 04:59 - 2016-01-22 04:59 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-01-13 16:45 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-18 06:03 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 06:03 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-13 16:45 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 16:45 - 2016-01-05 02:24 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-01-13 16:45 - 2016-01-05 02:24 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-13 16:45 - 2016-01-05 02:26 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-28 23:54 - 2016-01-23 22:14 - 00029184 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2015-11-28 23:54 - 2013-07-04 03:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2014-05-17 01:11 - 2014-05-17 01:11 - 00908584 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2014-05-17 01:37 - 2014-05-17 01:37 - 00506664 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.dll
2014-04-12 08:32 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-01-22 04:59 - 2016-01-22 04:59 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 04:59 - 2016-01-22 04:59 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2015-04-05 09:59 - 2015-12-09 02:53 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3268381146-424546740-3302138135-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.192.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\StartupApproved\Run: => "iFunBox Fast App Install Handler"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{D2314343-216D-4592-9A43-E6EEC0FD1032}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{511C1042-4DA7-42E7-82AA-B9B0C71E9101}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D77FBEF9-5BED-4B7E-83FB-DD64CC4E3803}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A1E9B104-4F85-4620-85BD-463483CE9F17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5AC71033-70C6-452D-857B-20AF57CC9CD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F6FC8847-73F9-499F-B185-5A2D8B97831A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D038F8B6-FF46-46F1-A040-C820F89002C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [UDP Query User{8EB4C157-2583-42AF-8BCE-94FC1E6E96DD}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{3461AD2B-4C4D-450A-A741-98472BA64506}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{7D1AE32F-8A64-4DDC-A2E2-A4D363BBEC72}] => (Allow) C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe
FirewallRules: [{2DB99E03-1AA2-420C-92CB-89BFF6C1F946}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4C683310-8A37-45C4-BDA9-C888ECF3C54E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FB88EC10-F0E2-4BB2-9AC3-E574501F69D2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{B9DAFC07-E644-4BE2-80F1-F86B1E9B21CD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{2214C4CE-2261-4362-B6FD-39C1191711DB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{24B8F456-7315-4EC1-AF58-5EA4D6FD44F8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{8E1A2400-982C-4BA5-B957-4336775A0764}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{12DAEE82-FA71-4196-B535-DCFA53CDD8AC}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8F9F3C5E-ED22-4539-92CF-9A14D677FD46}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2A2B28D7-5D5F-4306-9E6B-20AC1B3B5EE1}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EAB31814-44D6-410C-BAB5-2FA0697D6A65}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{21E1C6AB-9007-4FA9-B1C7-A574EB17CAAD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{CF082F94-F558-4831-9BB1-14A14063B7B5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{D97FBCA3-4223-45E4-9D1D-D7B1F0418D0A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{E9783720-A063-4909-B257-64B34F656AE9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{FAD41FF0-1B0C-4859-8EF1-6CF46C296FFB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{D40440F0-C7C4-4C1E-B8D2-9D5440608620}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{CCE6EB70-8737-4353-A111-61C2EA56B09D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{C403363B-AC90-4780-910C-A1325E76599C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{236A5B79-27C3-4DC6-BD40-BB449F7CED23}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{936B9D97-A583-4441-B106-356431100CB9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{8C95CBB8-D8CC-4CC8-80FD-97E0FE355E99}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{C1391DAC-FFF8-4A7A-B72F-3C1D2BAAEB05}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{3A158816-47FC-48EB-9C56-059C50DB7F88}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{B139AF7E-2C80-405A-9DEC-F04595451503}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{C62A2794-980B-45F0-95BB-2F367DAA3A91}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{6639002E-1D86-495D-9547-31AA3694EB1E}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{0E187B45-9709-4BB6-89BC-8768F2024D0B}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{0C71978A-C855-4319-B546-FCAAA04EB46F}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{A3EC3BC0-ED86-458F-B375-BEF2AF73437A}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{D6B47309-296D-4F78-BE87-60CC6A9ABBEC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{793006DD-8DC8-4038-98A5-AAF5DD9D4A7D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{7053C682-9A0A-4615-AB0F-046459A35532}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{FD3349EF-FAE1-4BA9-9CCA-E1654559F15E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{7EEB2C2E-9F3D-498F-916A-936A11CC1B24}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{7A659933-C34C-4B5F-8CC4-261B4C55F831}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{646CB4FF-3A1C-4CB4-8892-C06E7E322978}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{761B8C6F-886D-4A30-8A74-E581A8ACA8CF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{3B0CC2E6-A9AE-4541-8BE2-54F140932282}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{1FE03162-1EBD-4A3A-921B-0F6357981DD3}] => (Allow) LPort=1900
FirewallRules: [{1723A46C-5AE0-4FD6-ADB8-1DEDFD004930}] => (Allow) LPort=2869
FirewallRules: [{DCB2C2F6-5A2F-4557-A025-023D59886BF7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F6EF9F6F-D0B6-49BA-BD68-0CD27F619234}] => (Allow) LPort=12008
FirewallRules: [{DE498A3E-DFE6-4AA1-B070-25101AD3CCD9}] => (Allow) LPort=12007
FirewallRules: [{7CEEFC0D-24CC-4D62-BA75-55820164C017}] => (Allow) LPort=12006
FirewallRules: [{DE778F75-264F-4DD1-9AEA-E9E596F9A2DE}] => (Allow) LPort=12005
FirewallRules: [UDP Query User{3A25DB88-CBD8-4672-83B4-2CA7924D9A9C}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe
FirewallRules: [TCP Query User{F4AC6A4B-3EC9-4C36-ADD8-978D075E6EDA}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe
FirewallRules: [{E8ABDF2D-CB98-4B00-9A5D-D5263157FF9F}] => (Allow) D:\Games\Heartstone\Hearthstone\Hearthstone.exe
FirewallRules: [{9EFCD39B-278A-41C4-9D6F-FEBDAF13B612}] => (Allow) D:\Games\Heartstone\Hearthstone\Hearthstone.exe
FirewallRules: [{106FAA38-03B9-4FFF-AB10-A08E8EC6D678}] => (Allow) D:\Games\Heartstone\Battle.net\Battle.net.exe
FirewallRules: [{E349C282-8234-4A3F-98AE-F2A5D4DB1ED5}] => (Allow) D:\Games\Heartstone\Battle.net\Battle.net.exe
FirewallRules: [{DB807C1B-A1C3-4E00-892A-F9AE8282C456}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{85336D17-38F3-45B4-8D72-051F0B5F7F40}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{1A02D68D-F1FA-49E1-A524-C0C7CA81B2D5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{BAFDC397-7ED7-442A-BB3B-EDDE31B47FC7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{C9CF6AFF-FB59-49D9-9F37-F250BD6E5FE3}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{EB2E941A-A03C-4635-9188-32922C04DDDC}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{9E5A378B-396D-4486-BE32-D9E00F4EA763}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{3F887FB1-8C25-4167-96FB-484A53CF84E5}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{158CB9F0-B425-42C9-93AC-BE005FA2FC5F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4D2543CF-2728-4FE6-B8ED-544E810D53AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E9305D71-6F14-4131-BEDB-164C8710DBF2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{425CEBC0-F28E-4F0F-B640-50D8F40924C2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{AAFFE893-A1DC-446C-9629-6F3793EFCA15}] => (Allow) D:\Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{CEE00E68-9759-4CB0-99EE-199E418041BF}] => (Allow) D:\Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{D2C94E71-A716-459E-9390-F4D7B0DD02B0}] => (Allow) D:\Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{AED56998-9A8C-40DA-B53D-388D42007A00}] => (Allow) D:\Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{1E7734A4-51D6-4975-ACAE-F782A8B8C8CC}] => (Allow) C:\Users\Mihalj\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{D3780B7C-1439-4C8A-AB90-8028E97536E4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FC3456AE-033E-4352-AEEC-4B95319B90BA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{375569B0-01D5-4125-A512-3DD4A394FE08}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8BFDEFD8-9651-4145-878D-9BB73CDA7E18}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{488583EA-6375-4A7F-9E58-A1F521C790E0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{B0AB638C-F0C8-46E6-8D8B-1CD7C5263C39}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{822344FC-8D56-4EA6-877E-E5D8ECB76E12}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{10494D63-372F-4A90-9DAA-7616E1FF1EB0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{14EB75FF-F0AE-449D-87C4-4FE76F6E2854}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B9EF9F5C-CA02-4B1E-B335-62061702D731}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BC3F4A10-8260-496C-B837-7BD372FCDA22}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

03-01-2016 11:19:21 Removed Java 8 Update 66
11-01-2016 19:51:35 Installed Hi-Rez Studios Games
15-01-2016 05:30:15 Windows Update
22-01-2016 19:28:07 Norton_Power_Eraser_20160122192807041
23-01-2016 22:24:29 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/23/2016 10:24:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/23/2016 09:28:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1157

Error: (01/23/2016 09:28:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1157

Error: (01/23/2016 09:28:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/23/2016 07:00:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1140

Error: (01/23/2016 07:00:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1140

Error: (01/23/2016 07:00:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/23/2016 12:53:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d8f0
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.10586.63, Zeitstempel: 0x568b22e4
Ausnahmecode: 0xc000027b
Fehleroffset: 0x0000000000517aa6
ID des fehlerhaften Prozesses: 0x1458
Startzeit der fehlerhaften Anwendung: 0xbackgroundTaskHost.exe0
Pfad der fehlerhaften Anwendung: backgroundTaskHost.exe1
Pfad des fehlerhaften Moduls: backgroundTaskHost.exe2
Berichtskennung: backgroundTaskHost.exe3
Vollständiger Name des fehlerhaften Pakets: backgroundTaskHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: backgroundTaskHost.exe5

Error: (01/23/2016 12:25:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1141

Error: (01/23/2016 12:25:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1141


Systemfehler:
=============
Error: (01/23/2016 10:24:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/23/2016 10:14:48 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎23.‎01.‎2016 um 22:11:56 unerwartet heruntergefahren.

Error: (01/23/2016 10:14:38 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256844621109933664800

Error: (01/23/2016 10:11:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_4ab2a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/23/2016 10:11:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _4ab2a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/23/2016 10:11:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_4ab2a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/23/2016 10:11:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_4ab2a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/23/2016 10:11:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/23/2016 10:10:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/23/2016 10:10:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 18%
Installierter physikalischer RAM: 16322.86 MB
Verfügbarer physikalischer RAM: 13326.2 MB
Summe virtueller Speicher: 18754.86 MB
Verfügbarer virtueller Speicher: 15682.17 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:232.44 GB) (Free:133.03 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Daten) (Fixed) (Total:886.45 GB) (Free:671.08 GB) NTFS
Drive f: (Volume) (Fixed) (Total:976.56 GB) (Free:588.23 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 55BDBD6D)
Partition 1: (Active) - (Size=232.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 55BDBD96)
Partition 1: (Not Active) - (Size=886.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

24.01.2016, 12:08   #10
M-K-D-B
/// TB-Ausbilder

W97M.Downloader



Hi,

we'll remove the last remnants and check everything once more.

Note: the scan with ESET can take a while.

Step 1
Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
start
CloseProcesses:
Task: {0BE5CC73-101D-4DCE-9092-026CAF07ADCE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {1A06C6E4-FBB5-4B6D-96BF-331F41F524CA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {3E512E81-6FEF-4B9D-A7FE-84F48603DF4A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {48C0CB97-7185-4BE1-AD85-3D91D9118661} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {58F658F5-CF87-48A0-9633-A3516123C8A0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {62DDD737-B878-4FF4-9188-5C9E7C3200D5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {65C1EC37-3DD2-4E87-B034-F37FD73572F0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {66A70CA5-A118-4828-9176-D69D30FB8C50} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {821D2F12-5699-4AF0-8981-D814CB15A613} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {BD31E485-7C8E-4FA8-91A1-92BD2EB86B66} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {CCEDCA39-7BE2-454A-B6D9-214992521D83} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.







Step 2
Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Start HitmanPro.exe
  • Click on
  • Remove the check mark at
  • Click on
    and
  • Accept the license terms and click on
  • Click on

    and on
  • When the scan has finished, do not have anything deleted etc.; instead choose, at the bottom left of the button bar,
    and save the log file to your desktop.
  • Close HitmanPro and post the log for me.

 







Step 3

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset







Step 4
  • Start FRST.exe again. Tick the box in front of Addition.txt and click Scan.
  • FRST again creates two log files (FRST.txt and Addition.txt).
  • Post both log files with your next reply.





Are there still any problems with the PC? If so, which ones?







With your next reply, please post
  • the log file of the FRST fix,
  • the log file from HitmanPro,
  • the log file from ESET,
  • the two new log files from FRST,
  • the answers to the questions asked.
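
Step 1 has FRST write a Fixlog.txt after it processes the fixlist. One way to check that log mechanically against the fixlist, as an added example that is not part of the original post and not FRST's own code: the function names are hypothetical, the GUIDs and task paths in the sample are constructed, and the line formats and success text are the ones that appear in this thread's logs.

```python
import re

# Registry location of the scheduled-task cache, as it appears in this thread's Fixlog.
TASKCACHE = r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache"
# Success text of the German FRST localisation, copied from this thread's Fixlog.
OK_STATUS = "Schlüssel erfolgreich entfernt"

TASK_RE = re.compile(r"^Task: (\{[0-9A-Fa-f-]{36}\}) - (\\.+?) (?:->|=>) ", re.M)
KEY_RE = re.compile(r'^"(.+)" => (.+?)\s*$', re.M)

# Constructed sample input: GUIDs and task paths are made up for this example.
FIXLIST = r"""start
CloseProcesses:
Task: {AAAAAAAA-0000-0000-0000-000000000001} - \Vendor\Updater\check -> Keine Datei <==== ACHTUNG
Task: {AAAAAAAA-0000-0000-0000-000000000002} - \Vendor\Updater\report daily -> Keine Datei <==== ACHTUNG
EmptyTemp:
end
"""

# Constructed Fixlog excerpt: the Tree key of the second task is deliberately absent.
FIXLOG = r"""Prozess erfolgreich geschlossen.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AAAAAAAA-0000-0000-0000-000000000001}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAAAAAAA-0000-0000-0000-000000000001}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Vendor\Updater\check" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AAAAAAAA-0000-0000-0000-000000000002}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAAAAAAA-0000-0000-0000-000000000002}" => Schlüssel erfolgreich entfernt
EmptyTemp: => 1.0 MB temporäre Dateien entfernt.
"""


def fixlist_tasks(fixlist):
    """Return [(guid, task_path)] for every Task: directive in a fixlist."""
    return TASK_RE.findall(fixlist)


def removed_keys(fixlog):
    """Return the lower-cased registry keys the Fixlog reports as removed."""
    return {key.lower() for key, status in KEY_RE.findall(fixlog)
            if status == OK_STATUS}


def index_confirmed(guid, removed):
    """True if a TaskCache\\<class>\\{GUID} key other than Tasks was removed.

    The class subkey differs per task (Plain and Logon both occur in this
    thread), so any single-level class name is accepted.
    """
    prefix = TASKCACHE.lower() + "\\"
    suffix = "\\" + guid.lower()
    for key in removed:
        if key.startswith(prefix) and key.endswith(suffix):
            cls = key[len(prefix):-len(suffix)]
            if cls != "tasks" and "\\" not in cls:
                return True
    return False


def unconfirmed(fixlist, fixlog):
    """Map each task GUID to the TaskCache keys the Fixlog does not confirm."""
    removed = removed_keys(fixlog)
    report = {}
    for guid, path in fixlist_tasks(fixlist):
        missing = []
        if not index_confirmed(guid, removed):
            missing.append(TASKCACHE + "\\<class>\\" + guid)
        # Registry paths are case-insensitive, so compare lower-cased.
        for key in (TASKCACHE + "\\Tasks\\" + guid, TASKCACHE + "\\Tree" + path):
            if key.lower() not in removed:
                missing.append(key)
        if missing:
            report[guid] = missing
    return report


if __name__ == "__main__":
    for guid, keys in unconfirmed(FIXLIST, FIXLOG).items():
        print(guid, "not confirmed as removed:")
        for key in keys:
            print("   ", key)
```

An empty result means every task named in the fixlist has all three of its TaskCache keys reported as removed; anything listed is worth a fresh FRST scan before the case is closed.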

24.01.2016, 14:24   #11
Farabolus

W97M.Downloader



Hey Matthias,

Step 1:

Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-01-2016
durchgeführt von Mihalj (2016-01-24 12:18:49) Run:1
Gestartet von C:\Users\Mihalj\Desktop
Geladene Profile: Mihalj (Verfügbare Profile: Mihalj)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
Task: {0BE5CC73-101D-4DCE-9092-026CAF07ADCE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {1A06C6E4-FBB5-4B6D-96BF-331F41F524CA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {3E512E81-6FEF-4B9D-A7FE-84F48603DF4A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {48C0CB97-7185-4BE1-AD85-3D91D9118661} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {58F658F5-CF87-48A0-9633-A3516123C8A0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {62DDD737-B878-4FF4-9188-5C9E7C3200D5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {65C1EC37-3DD2-4E87-B034-F37FD73572F0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {66A70CA5-A118-4828-9176-D69D30FB8C50} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {821D2F12-5699-4AF0-8981-D814CB15A613} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {BD31E485-7C8E-4FA8-91A1-92BD2EB86B66} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {CCEDCA39-7BE2-454A-B6D9-214992521D83} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
        
*****************

Prozess erfolgreich geschlossen.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0BE5CC73-101D-4DCE-9092-026CAF07ADCE}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BE5CC73-101D-4DCE-9092-026CAF07ADCE}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1A06C6E4-FBB5-4B6D-96BF-331F41F524CA}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A06C6E4-FBB5-4B6D-96BF-331F41F524CA}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3E512E81-6FEF-4B9D-A7FE-84F48603DF4A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E512E81-6FEF-4B9D-A7FE-84F48603DF4A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48C0CB97-7185-4BE1-AD85-3D91D9118661}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48C0CB97-7185-4BE1-AD85-3D91D9118661}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58F658F5-CF87-48A0-9633-A3516123C8A0}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58F658F5-CF87-48A0-9633-A3516123C8A0}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62DDD737-B878-4FF4-9188-5C9E7C3200D5}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62DDD737-B878-4FF4-9188-5C9E7C3200D5}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65C1EC37-3DD2-4E87-B034-F37FD73572F0}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65C1EC37-3DD2-4E87-B034-F37FD73572F0}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{66A70CA5-A118-4828-9176-D69D30FB8C50}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66A70CA5-A118-4828-9176-D69D30FB8C50}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{821D2F12-5699-4AF0-8981-D814CB15A613}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{821D2F12-5699-4AF0-8981-D814CB15A613}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD31E485-7C8E-4FA8-91A1-92BD2EB86B66}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD31E485-7C8E-4FA8-91A1-92BD2EB86B66}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCEDCA39-7BE2-454A-B6D9-214992521D83}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCEDCA39-7BE2-454A-B6D9-214992521D83}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========  ipconfig /flushdns =========


========= Ende von CMD: =========


=========  netsh winsock reset =========


========= Ende von CMD: =========

EmptyTemp: => 74.6 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 12:18:58 ====
         
Step 2:

Code:
HitmanPro 3.7.12.253
www.hitmanpro.com

   Computer name . . . . : MICHIBÜRO
   Windows . . . . . . . : 10.0.0.10586.X64/8
   User name . . . . . . : MICHIBÜRO\Mihalj
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2016-01-24 12:24:11
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 44s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 1

   Objects scanned . . . : 2.692.700
   Files scanned . . . . : 225.523
   Remnants scanned  . . : 1.079.491 files / 1.387.686 keys

Suspicious files ____________________________________________________________

   C:\Users\Mihalj\Desktop\FRST64(2).exe
      Size . . . . . . . : 2.370.560 bytes
      Age  . . . . . . . : 0.0 days (2016-01-24 12:17:50)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : DF31FB13657FE69EF6D27FC5E54FB2982E48F1FBB90C373B7541EE4FF5C55276
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
         
Step 3:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2f1797641d0782469bac91ced7f5a74a
# end=init
# utc_time=2016-01-24 11:32:47
# local_time=2016-01-24 12:32:47 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 27789
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2f1797641d0782469bac91ced7f5a74a
# end=updated
# utc_time=2016-01-24 11:34:26
# local_time=2016-01-24 12:34:26 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=2f1797641d0782469bac91ced7f5a74a
# engine=27789
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-01-24 01:13:45
# local_time=2016-01-24 02:13:45 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=3589 16777213 100 57 808647 216237810 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 7411113 7455368 0 0
# scanned=667154
# found=5
# cleaned=0
# scan_time=5958
sh=3F8CCD9279F8D950622F536D3202CC0E44134A8E ft=1 fh=4cb693d7b46c457f vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\sweetpacks bundle uninstaller\uninstaller.exe.vir"
sh=66F59F946B116D84B2787EE2010CE6D1CC2635D9 ft=1 fh=fc91a06500238816 vn="Win32/DownloadAdmin.H evtl. unerwünschte Anwendung" ac=I fn="F:\Downloads\hotspotshield-setup_540.exe"
sh=2B811ED1E729FBF3B0DE55E078980B62F8D497C0 ft=1 fh=3c2b9662b94424fb vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe"
sh=CA6FB6484BC5156706B7B0D15BC94B26C06295D7 ft=1 fh=f1bc581d3bb89bfc vn="Variante von Win32/Magicbit.A evtl. unerwünschte Anwendung" ac=I fn="F:\Downloads\SaveFromNetHelper-Web-124d8b0c23-[323].exe"
sh=C365AC409C0D6A36BF612BA7F07D440CAD067CCA ft=1 fh=4e57defdbf83ea76 vn="Variante von Win32/Magicbit.C evtl. unerwünschte Anwendung" ac=I fn="F:\Downloads\SaveFromNetHelper-Web-833a4d344b-[308].exe"
         
Step 4:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016
durchgeführt von Mihalj (Administrator) auf MICHIBÜRO (24-01-2016 14:19:03)
Gestartet von C:\Users\Mihalj\Desktop
Geladene Profile: Mihalj (Verfügbare Profile: Mihalj)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Hi-Rez Studios) D:\HiPatchService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\n360.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(FinalWire Ltd.) C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\n360.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDWebCam.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(MY.COM B.V.) C:\Users\Mihalj\AppData\Local\MyComGames\MyComGames.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
() C:\Users\Mihalj\Documents\LCDHost\bin\LCDHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\conathst.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Users\Mihalj\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Farbar) C:\Users\Mihalj\Desktop\FRST64(2).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-11-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1361112 2013-11-05] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2621240 2015-11-18] (Malwarebytes Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Run: [Amazon Music] => C:\Users\Mihalj\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-09-15] ()
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Run: [MyComGames] => C:\Users\Mihalj\AppData\Local\MyComGames\MyComGames.exe [4746696 2016-01-14] (MY.COM B.V.)
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\RunOnce: [Uninstall C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-18\...\Run: [EPSON Stylus SX200 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIEFE.EXE [221696 2007-12-13] (SEIKO EPSON CORPORATION)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-11] (Microsoft Corporation)
Startup: C:\Users\Mihalj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LCDHost.lnk [2015-11-29]
ShortcutTarget: LCDHost.lnk -> C:\Users\Mihalj\Documents\LCDHost\bin\LCDHost.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{9972aa8a-9d34-4ed1-b078-7c2b36a8f3a0}: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{a0c56e8c-cd29-4d58-aad2-a8bbdfeb906b}: [DhcpNameServer] 8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com/?pc=SBJB
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-01-07] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2016-01-03] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-07] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-03] (Oracle Corporation)
BHO-x32: Recorder Toolbar -> {120A8821-2BEE-4C29-BCDA-62C577781992} -> C:\Program Files (x86)\MedienTeam66\CHIP Free MP3 converter for YouTube\IEPlugin.dll [2014-01-22] (MedienTeam66)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO-x32: Kein Name -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> Keine Datei
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Recorder Toolbar - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files (x86)\MedienTeam66\CHIP Free MP3 converter for YouTube\IEPlugin.dll [2014-01-22] (MedienTeam66)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  Keine Datei
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  Keine Datei
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734
FF NewTab: hxxp://search.norton.com
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function FindProxyForURL(url, host) {if ((host == \"www.abc.net.au\") 


 (host == \"194.232.200.58\") 

 (host == \"185.85.28.1\") 

 (host == \"atvplus.oewabox.at\") 

 (host == \"cdn.atv.at\") 

 (url.indexOf(\"proxmate=at\") != -1) 

 (host == \"hdsvodsportsman-vh.akamaihd.net\") 

 (host == \"streamaccess.unas.tv\") 

 (host == \"www.laola1.tv\") 

 (host == \"www.livestation.com\") 

 (host == \"livestation.com\") 

 (url.indexOf(\".emigrantas.tv\") != -1)) { return 'PROXY at-node.proxmate.me:8008' } else if ((host == \"netflix.com\") 

 (host == \"www.netflix.com\") 

 (host == \"cbp-us.nccp.netflix.com\") 

 (host == \"secure.netflix.com\") 

 (host == \"api-global.netflix.com\") 

 (host == \"ichnaea.netflix.com\") 

 (host == \"customerevents.netflix.com\") 

 (host == \"s.thebrighttag.com\") 

 (url.indexOf(\"proxmate=us\") != -1)) { return 'PROXY usnet-node.proxmate.me:8008' } else if ((host == \"s.hulu.com\") 

 (host == \"www.funimation.com\") 

 (host == \"wpc.8c48.edgecastcdn.net\") 

 (host == \"southpark.cc.com\") 

 (host == \"api.utils.watchabc.go.com\") 

 (host == \"www.dramafever.com\") 

 (host == \"www.logotv.com\") 

 (host == \"media.mtvnservices.com\") 

 (host == \"api.watchabc.go.com\") 

 (host == \"theanimenetwork.com\") 

 (host == \"huluim.com\") 

 (host == \"www.hulu.com\") 

 (host == \"t2.hulu.com\") 

 (host == \"urlcheck.hulu.com\") 

 (host == \"t.hulu.com\") 

 (host == \"play.hulu.com\") 

 (host == \"t2.huluim.com\")) { return 'PROXY ush-node.proxmate.me:8008' } else if ((host == \"player.ooyala.com\") 

 (host == \"l.ooyala.com\")) { return 'PROXY auv-node.proxmate.me:8008' } else if ((host == \"web-api-us.crackle.com\") 

 (host == \"legacyweb-us.crackle.com\")) { return 'PROXY us2-node.proxmate.me:8000' } else if ((host == \"player.rutv.ru\") 

 (host == \"api.rutv.ru\") 

 (host == \"cdnng.v.rtr-vesti.ru\") 

 (host == \"player.vgtrk.com\") 

 (url.indexOf(\"proxmate=ru\") != -1) 

 (host == \"stream.1tv.ru\") 

 (host == \"mobdrm.1tv.ru\")) { return 'PROXY ru-node.proxmate.me:8008' } else if ((host == \"security.video.globo.com\") 

 (host == \"api.globovideos.com\") 

 (host == \"s.videos.globo.com\") 

 (host == \"gshow.globo.com\") 

 (host == \"voddownload02.video.globo.com\") 

 (host == \"secure.nuuvem.com\") 

 (host == \"webportal.nowonline.com.br\")) { return 'PROXY br-node.proxmate.me:8008' } else if ((host == \"www.bbc.co.uk\") 

 (host == \"open.live.bbc.co.uk\") 

 (host == \"fig.bbc.co.uk\") 

 (host == \"vod-hds-uk-live.edgesuite.net\") 

 (host == \"vod-hds-uk-live.bbcfmt.vo.llnwd.net\") 

 (host == \"vs-hds-uk-live.bbcfmt.vo.llnwd.net\") 

 (host == \"vs-hds-uk-live.edgesuite.net\") 

 (host == \"bbc.co.uk\")) { return 'PROXY ukb-node.proxmate.me:8008' } else { return 'DIRECT'; }}"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-03] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-07] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3268381146-424546740-3302138135-1001: @my.com/Games -> C:\Users\Mihalj\AppData\Local\MyComGames\NPMyComDetector.dll [2015-12-21] (My.com, Inc)
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\extensions\YoutubeDownloader@PeterOlayev.com.xpi [2015-07-07]
FF Extension: NoScript - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-01-24]
FF Extension: ProxMate - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2016-01-11]
FF Extension: Widevine Media Optimizer - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2014-07-23] [ist nicht signiert]
FF Extension: mx3 - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\Extensions\{3d2ee42e-a6d9-4888-bd17-2148dc7928d7}.xpi [2015-12-19]
FF Extension: FT DeepDark - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-12-05]
FF Extension: Adblock Plus - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-20]
FF Extension: Metal Lion Australis Theme - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\Extensions\{F2C70981-7CDC-4c46-ACF3-41F18693E79E} [2015-12-05]
FF Extension: Adblock Edge - C:\Users\Mihalj\AppData\Roaming\Mozilla\Firefox\Profiles\dw6hqbl0.default-1404024934734\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-12-05]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFAddon [2016-01-14]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-03-08] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFAddon

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=apn10506&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxp://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
CHR Profile: C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-18]
CHR Extension: (Google Drive) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-18]
CHR Extension: (YouTube) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-07]
CHR Extension: (Google-Suche) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-18]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-18]
CHR Extension: (Norton Identity Safe) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-19]
CHR Extension: (Norton Security Toolbar) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-09-18]
CHR Extension: (Norton Safe) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2015-09-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-18]
CHR Extension: (Google Mail) - C:\Users\Mihalj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-18]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-27]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-27]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-10-15] (BitRaider, LLC)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-08-16] (BitRaider, LLC)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2762936 2016-01-07] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-10] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-10] (Dropbox, Inc.)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240576 2013-10-07] (DTS, Inc)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-09] (NVIDIA Corporation)
U2 HiPatchService; D:\HiPatchService.exe [9728 2015-12-30] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [919040 2014-05-17] (AnchorFree Inc.) [Datei ist nicht signiert]
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-05-17] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [430344 2014-05-16] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [739640 2015-11-18] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\N360.exe [282016 2015-11-20] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-09] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-03-09] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [34136 2015-03-23] ()
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\BASHDefs\20160119.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-08-16] (BitRaider)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605050.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-18] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-18] (Symantec Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-11-18] ()
R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\IPSDefs\20160122.001\IDSvia64.sys [767224 2015-12-04] (Symantec Corporation)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R2 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2015-10-05] (Malwarebytes)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-24] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20160123.001\ENG64.SYS [138488 2015-10-27] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20160123.001\EX64.SYS [2148080 2015-10-27] (Symantec Corporation)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2013-08-06] (Apple Inc.) [Datei ist nicht signiert]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1605050.00F\SRTSP64.SYS [928496 2015-11-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605050.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605050.00F\SYMEFASI64.SYS [1621232 2015-11-12] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605050.00F\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-23] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605050.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605050.00F\SYMNETS.SYS [577768 2015-11-12] (Symantec Corporation)
R3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Datei ist nicht signiert]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-24 14:19 - 2016-01-24 14:19 - 00049496 _____ C:\Users\Mihalj\Desktop\FRST.txt
2016-01-24 12:29 - 2016-01-24 12:29 - 02870984 _____ (ESET) C:\Users\Mihalj\Desktop\esetsmartinstaller_deu.exe
2016-01-24 12:23 - 2016-01-24 12:26 - 00000000 ____D C:\ProgramData\HitmanPro
2016-01-24 12:23 - 2016-01-24 12:23 - 11323704 _____ (SurfRight B.V.) C:\Users\Mihalj\Desktop\HitmanPro_x64.exe
2016-01-24 12:19 - 2016-01-24 12:53 - 00022700 _____ C:\WINDOWS\ntbtlog.txt
2016-01-24 12:18 - 2016-01-24 12:18 - 00008034 _____ C:\Users\Mihalj\Desktop\Fixlog.txt
2016-01-24 12:17 - 2016-01-24 12:18 - 02370560 _____ (Farbar) C:\Users\Mihalj\Desktop\FRST64(2).exe
2016-01-24 10:39 - 2016-01-24 10:39 - 00492780 _____ C:\Users\Mihalj\Documents\cc_20160124_103905.reg
2016-01-24 10:37 - 2016-01-24 10:37 - 00002860 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-01-24 10:37 - 2016-01-24 10:37 - 00000869 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-24 10:37 - 2016-01-24 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-01-24 10:37 - 2016-01-24 10:37 - 00000000 ____D C:\Program Files\CCleaner
2016-01-24 10:16 - 2016-01-24 10:16 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\ProductData
2016-01-23 22:23 - 2016-01-23 22:23 - 01600184 _____ (Malwarebytes) C:\Users\Mihalj\Desktop\JRT.exe
2016-01-23 22:06 - 2016-01-23 22:06 - 01505280 _____ C:\Users\Mihalj\Desktop\AdwCleaner_5.030.exe
2016-01-23 13:12 - 2016-01-23 13:42 - 00277138 _____ C:\TDSSKiller.3.1.0.9_23.01.2016_13.12.07_log.txt
2016-01-23 13:00 - 2016-01-24 14:19 - 00000000 ____D C:\FRST
2016-01-23 09:17 - 2016-01-23 09:20 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-01-23 09:17 - 2016-01-23 09:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2016-01-23 09:17 - 2016-01-23 09:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2016-01-23 09:14 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-22 19:13 - 2016-01-22 19:13 - 00000761 _____ C:\Users\Mihalj\Desktop\Start Emsisoft Emergency Kit.lnk
2016-01-22 19:12 - 2016-01-23 08:51 - 00000000 ____D C:\EEK
2016-01-22 14:55 - 2016-01-23 11:10 - 00000000 ____D C:\NPE
2016-01-22 14:54 - 2016-01-22 14:54 - 00000000 ____D C:\ProgramData\SMR501
2016-01-22 14:53 - 2016-01-23 11:09 - 00000000 ____D C:\Users\Mihalj\AppData\Local\NPE
2016-01-13 16:45 - 2016-01-05 03:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 16:45 - 2016-01-05 03:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-13 16:45 - 2016-01-05 03:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-13 16:45 - 2016-01-05 03:50 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-13 16:45 - 2016-01-05 03:50 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-13 16:45 - 2016-01-05 03:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-13 16:45 - 2016-01-05 03:49 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-13 16:45 - 2016-01-05 03:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-13 16:45 - 2016-01-05 03:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-13 16:45 - 2016-01-05 03:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-13 16:45 - 2016-01-05 03:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-13 16:45 - 2016-01-05 03:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 16:45 - 2016-01-05 03:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 16:45 - 2016-01-05 03:37 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-13 16:45 - 2016-01-05 03:37 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-13 16:45 - 2016-01-05 03:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-13 16:45 - 2016-01-05 03:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-13 16:45 - 2016-01-05 03:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-13 16:45 - 2016-01-05 03:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-13 16:45 - 2016-01-05 03:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-13 16:45 - 2016-01-05 03:33 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-13 16:45 - 2016-01-05 03:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-13 16:45 - 2016-01-05 03:33 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-13 16:45 - 2016-01-05 03:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-13 16:45 - 2016-01-05 03:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-13 16:45 - 2016-01-05 03:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-13 16:45 - 2016-01-05 03:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-13 16:45 - 2016-01-05 03:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-13 16:45 - 2016-01-05 03:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 16:45 - 2016-01-05 03:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-13 16:45 - 2016-01-05 03:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 16:45 - 2016-01-05 03:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 16:45 - 2016-01-05 03:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-13 16:45 - 2016-01-05 03:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-13 16:45 - 2016-01-05 03:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-13 16:45 - 2016-01-05 02:59 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-13 16:45 - 2016-01-05 02:57 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-13 16:45 - 2016-01-05 02:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-13 16:45 - 2016-01-05 02:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-13 16:45 - 2016-01-05 02:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-13 16:45 - 2016-01-05 02:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-13 16:45 - 2016-01-05 02:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-13 16:45 - 2016-01-05 02:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-13 16:45 - 2016-01-05 02:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-13 16:45 - 2016-01-05 02:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-13 16:45 - 2016-01-05 02:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-13 16:45 - 2016-01-05 02:50 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-13 16:45 - 2016-01-05 02:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-13 16:45 - 2016-01-05 02:49 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-13 16:45 - 2016-01-05 02:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-13 16:45 - 2016-01-05 02:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 16:45 - 2016-01-05 02:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-13 16:45 - 2016-01-05 02:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-01-13 16:45 - 2016-01-05 02:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-01-13 16:45 - 2016-01-05 02:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 16:45 - 2016-01-05 02:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-13 16:45 - 2016-01-05 02:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-13 16:45 - 2016-01-05 02:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-13 16:45 - 2016-01-05 02:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-13 16:45 - 2016-01-05 02:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-13 16:45 - 2016-01-05 02:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-13 16:45 - 2016-01-05 02:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-13 16:45 - 2016-01-05 02:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-13 16:45 - 2016-01-05 02:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-13 16:45 - 2016-01-05 02:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-13 16:45 - 2016-01-05 02:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-13 16:45 - 2016-01-05 02:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-13 16:45 - 2016-01-05 02:41 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-13 16:45 - 2016-01-05 02:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-13 16:45 - 2016-01-05 02:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-13 16:45 - 2016-01-05 02:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-13 16:45 - 2016-01-05 02:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-13 16:45 - 2016-01-05 02:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-13 16:45 - 2016-01-05 02:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-13 16:45 - 2016-01-05 02:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-13 16:45 - 2016-01-05 02:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-13 16:45 - 2016-01-05 02:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-13 16:45 - 2016-01-05 02:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-13 16:45 - 2016-01-05 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-13 16:45 - 2016-01-05 02:33 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-13 16:45 - 2016-01-05 02:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-13 16:45 - 2016-01-05 02:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-13 16:45 - 2016-01-05 02:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-13 16:45 - 2016-01-05 02:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-13 16:45 - 2016-01-05 02:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-13 16:45 - 2016-01-05 02:28 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-13 16:45 - 2016-01-05 02:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-12 05:44 - 2016-01-12 05:44 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-12 05:44 - 2016-01-12 05:44 - 00002130 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-01-11 19:51 - 2016-01-11 19:51 - 00000581 _____ C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
2016-01-11 19:51 - 2016-01-11 19:51 - 00000580 _____ C:\Users\Public\Desktop\Smite.lnk
2016-01-11 19:51 - 2016-01-11 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2016-01-11 19:51 - 2016-01-11 19:51 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2016-01-11 18:35 - 2016-01-23 11:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-07 21:02 - 2016-01-07 21:02 - 00000633 _____ C:\Users\Mihalj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dokumente.lnk
2016-01-06 10:05 - 2016-01-06 10:05 - 00001828 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-01-06 10:05 - 2016-01-06 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-01-06 10:05 - 2016-01-06 10:05 - 00000000 ____D C:\Program Files\iTunes
2016-01-06 10:05 - 2016-01-06 10:05 - 00000000 ____D C:\Program Files\iPod
2016-01-06 10:05 - 2016-01-06 10:05 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-01-06 10:04 - 2016-01-06 10:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-01-06 10:04 - 2016-01-06 10:04 - 00000000 ____D C:\Program Files\Bonjour
2016-01-06 10:04 - 2016-01-06 10:04 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-01-06 10:03 - 2016-01-06 10:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-01-06 10:03 - 2016-01-06 10:03 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-01-03 12:15 - 2016-01-03 12:15 - 04407063 _____ C:\Users\Mihalj\Downloads\WW2-Content Pack-1.8-5.1.1.jar
2016-01-03 12:15 - 2016-01-03 12:15 - 01517090 _____ C:\Users\Mihalj\Downloads\Nerf-Content Pack-1.8-5.0.jar
2016-01-03 12:13 - 2016-01-03 12:14 - 05984239 _____ C:\Users\Mihalj\Downloads\Modern Warfare-Content Pack-1-1.8-5.1.1.jar
2016-01-03 12:11 - 2016-01-03 12:11 - 00232534 _____ C:\Users\Mihalj\Downloads\Simple Parts-Content Pack-1.8-5.1.1.jar
2016-01-03 12:02 - 2016-01-03 12:05 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-01-03 12:02 - 2016-01-03 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-01-03 12:02 - 2016-01-03 12:02 - 00000000 ____D C:\Program Files\WinRAR
2016-01-03 11:41 - 2016-01-03 11:41 - 05984239 _____ C:\Users\Mihalj\Downloads\Modern Warfare-Content Pack-1.8-5.1.1.jar
2016-01-03 11:41 - 2016-01-03 11:25 - 00326752 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2016-01-03 11:41 - 2016-01-03 11:25 - 00206944 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2016-01-03 11:41 - 2016-01-03 11:25 - 00206944 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2016-01-03 11:40 - 2016-01-03 11:38 - 31012264 _____ (Oracle Corporation) C:\Users\Mihalj\Downloads\Java_Installer.exe
2016-01-03 11:25 - 2016-01-03 11:46 - 00000000 ____D C:\Program Files\Java
2016-01-03 11:25 - 2016-01-03 11:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-03 11:25 - 2016-01-03 11:25 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-01-02 21:57 - 2016-01-03 10:57 - 00000000 ____D C:\Users\Mihalj\.oracle_jre_usage
2016-01-02 21:57 - 2016-01-03 10:57 - 00000000 ____D C:\ProgramData\Oracle
2016-01-02 21:57 - 2016-01-02 21:57 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\Sun
2016-01-02 21:57 - 2016-01-02 21:57 - 00000000 ____D C:\Users\Mihalj\AppData\LocalLow\Sun
2016-01-02 21:57 - 2016-01-02 21:57 - 00000000 ____D C:\Users\Mihalj\AppData\LocalLow\Oracle
2016-01-02 21:52 - 2016-01-02 21:52 - 06293872 _____ (Tim Kosse) C:\Users\Mihalj\Downloads\FileZilla_3.14.1_win32-setup.exe
2015-12-30 18:56 - 2016-01-24 10:38 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-28 11:07 - 2015-12-28 11:07 - 00000977 _____ C:\Users\Public\Desktop\Heroes of the Storm.lnk
2015-12-28 11:07 - 2015-12-28 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-12-28 11:05 - 2015-12-28 17:55 - 00000000 ____D C:\Users\Mihalj\Documents\Heroes of the Storm
2015-12-28 11:05 - 2015-12-28 11:05 - 00000000 ____D C:\HeroesData

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-24 14:09 - 2014-03-14 17:21 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-24 14:06 - 2015-06-10 04:56 - 00001234 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-01-24 14:04 - 2015-11-28 06:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360
2016-01-24 13:53 - 2014-08-19 04:03 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-24 12:53 - 2014-04-12 08:37 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-24 12:28 - 2015-06-10 04:57 - 00000000 ___RD C:\Users\Mihalj\Dropbox
2016-01-24 12:28 - 2015-06-10 04:56 - 00000000 ____D C:\Users\Mihalj\AppData\Local\Dropbox
2016-01-24 12:26 - 2015-11-29 00:05 - 01802588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-24 12:26 - 2015-10-30 19:35 - 00776562 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-24 12:26 - 2015-10-30 19:35 - 00155874 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-24 12:26 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-24 12:22 - 2015-12-21 19:31 - 00000000 ____D C:\Users\Mihalj\AppData\Local\MyComGames
2016-01-24 12:22 - 2015-05-06 17:46 - 00000000 ___RD C:\Users\Mihalj\iCloudDrive
2016-01-24 12:21 - 2015-06-10 04:56 - 00001230 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-01-24 12:21 - 2014-08-19 04:03 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-24 12:19 - 2015-11-28 23:59 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-24 12:19 - 2015-11-28 23:55 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-24 12:19 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-01-24 12:19 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2016-01-24 12:18 - 2014-09-11 12:01 - 00000000 ____D C:\Users\Mihalj\AppData\LocalLow\Temp
2016-01-24 10:38 - 2015-11-28 23:53 - 00000000 ___DC C:\WINDOWS\Panther
2016-01-24 10:38 - 2014-04-10 15:01 - 00000000 ____D C:\Users\Mihalj\Tracing
2016-01-24 10:38 - 2014-03-09 07:12 - 00000000 ____D C:\Users\Mihalj\AppData\Local\CrashDumps
2016-01-24 10:23 - 2014-04-12 08:45 - 00000000 ____D C:\AdwCleaner
2016-01-24 10:07 - 2014-03-08 14:47 - 00000000 ____D C:\Users\Mihalj\Documents\Outlook-Dateien
2016-01-24 09:29 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-24 09:29 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-24 09:28 - 2014-03-08 13:18 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4B9B897E-3C10-40FC-BFB1-0251065C3A3C}
2016-01-23 18:29 - 2014-04-10 15:10 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\Skype
2016-01-23 15:48 - 2014-05-16 14:48 - 00000336 _____ C:\WINDOWS\Tasks\MT66 Software Update.job
2016-01-23 09:14 - 2014-04-12 08:37 - 00001177 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-01-23 09:14 - 2014-04-12 08:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-01-23 09:14 - 2014-04-12 08:37 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-01-23 08:49 - 2015-09-30 17:55 - 00031639 _____ C:\Users\Mihalj\Desktop\Arbeitszeitkarte Vorlage.xlsx
2016-01-22 16:57 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-22 14:55 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-22 14:53 - 2014-03-08 13:16 - 00000000 ____D C:\ProgramData\Norton
2016-01-20 19:12 - 2014-03-08 13:01 - 00000000 ____D C:\Users\Mihalj\AppData\Local\Packages
2016-01-18 21:38 - 2015-11-28 23:55 - 00000000 ____D C:\Users\Mihalj
2016-01-17 15:16 - 2015-03-31 15:56 - 00000000 ____D C:\Users\Mihalj\Documents\David
2016-01-17 08:41 - 2014-03-13 18:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-17 08:39 - 2014-03-13 18:34 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-16 09:25 - 2014-03-08 15:59 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\FileZilla
2016-01-15 20:05 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-15 20:05 - 2014-03-04 12:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-01-15 16:29 - 2014-12-24 07:18 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-15 05:54 - 2014-08-19 04:03 - 00002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-15 05:10 - 2015-02-13 18:37 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-14 03:00 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-14 03:00 - 2014-08-09 19:17 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 03:00 - 2014-08-09 19:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 17:02 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-13 17:02 - 2014-08-09 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-12 19:40 - 2014-03-08 14:38 - 00000000 ____D C:\Users\Mihalj\Documents\My Games
2016-01-12 05:44 - 2014-03-09 07:46 - 00000000 ____D C:\ProgramData\Adobe
2016-01-12 05:44 - 2014-03-09 07:46 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-01-12 05:31 - 2014-06-29 15:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-11 20:32 - 2015-01-10 10:11 - 00000702 _____ C:\Users\Mihalj\Desktop\World of Tanks.lnk
2016-01-11 20:01 - 2015-11-29 00:57 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-11 19:56 - 2015-09-06 18:29 - 00034308 _____ C:\WINDOWS\SysWOW64\bassmod.dll
2016-01-11 19:56 - 2015-07-15 19:13 - 00155136 _____ C:\WINDOWS\SysWOW64\unrar.dll
2016-01-11 19:51 - 2014-03-04 12:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-11 18:38 - 2014-03-09 08:26 - 00000000 ____D C:\Users\Mihalj\AppData\Local\676C63E5-3167-4B7A-9727-75016617B7F8.aplzod
2016-01-10 12:40 - 2014-05-17 18:22 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\vlc
2016-01-09 10:49 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-01-06 10:05 - 2014-03-09 08:12 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-01-06 10:04 - 2015-05-06 17:46 - 00000000 ____D C:\Users\Mihalj\AppData\Local\Apple Inc
2016-01-06 10:04 - 2014-03-09 06:57 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\Apple Computer
2016-01-06 10:04 - 2014-03-09 06:57 - 00000000 ____D C:\Users\Mihalj\AppData\Local\Apple Computer
2016-01-06 10:03 - 2014-03-09 06:57 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-02 21:53 - 2014-03-08 15:59 - 00002075 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2016-01-02 21:53 - 2014-03-08 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-01-02 21:53 - 2014-03-08 15:59 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-12-31 15:10 - 2015-11-28 23:54 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2015-12-31 12:24 - 2014-03-08 14:02 - 00000000 ____D C:\Users\Mihalj\AppData\Roaming\TS3Client
2015-12-31 10:52 - 2014-03-09 14:23 - 00000000 ____D C:\Users\Mihalj\AppData\Local\Battle.net
2015-12-28 11:16 - 2014-03-09 14:23 - 00000000 ____D C:\ProgramData\Blizzard Entertainment

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-10 16:29 - 2015-05-10 16:29 - 0002116 _____ () C:\Users\Mihalj\AppData\Local\recently-used.xbel
2015-08-31 04:30 - 2015-08-31 04:32 - 0000000 _____ () C:\Users\Mihalj\AppData\Local\{70750D93-5C31-4489-A1D6-D635FA7EF0C3}
2015-09-21 04:30 - 2015-09-21 04:30 - 0000000 _____ () C:\Users\Mihalj\AppData\Local\{948D2D42-5989-48E6-9827-E0678DE07CCB}
2015-11-28 23:54 - 2015-11-28 23:54 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-18 18:55

==================== Ende von FRST.txt ============================
         

24.01.2016, 14:29   #12
Farabolus

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-01-2016
durchgeführt von Mihalj (2016-01-24 14:19:24)
Gestartet von C:\Users\Mihalj\Desktop
Windows 10 Home (X64) (2015-11-28 23:54:39)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3268381146-424546740-3302138135-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3268381146-424546740-3302138135-503 - Limited - Disabled)
Gast (S-1-5-21-3268381146-424546740-3302138135-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3268381146-424546740-3302138135-1003 - Limited - Enabled)
Mihalj (S-1-5-21-3268381146-424546740-3302138135-1001 - Administrator - Enabled) => C:\Users\Mihalj

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Norton 360 (Enabled - Out of date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Out of date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

[BV] Mod Collection (HKLM-x32\...\{D695D931-4FF5-4A77-BA6F-9A8D82A5FEFD}) (Version: 9.06.04 - Black & Bloody Vengeance)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20069 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
AIDA64 Extreme v5.20 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.20 - FinalWire Ltd.)
Amazon Music (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Amazon Amazon Music) (Version: 3.10.1.1000 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Archeage Beta (HKLM-x32\...\Glyph Archeage Beta) (Version:  - Trion Worlds, Inc.)
Armored Warfare MyCom (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\Armored Warfare MyCom) (Version: 1.62 - My.com B.V.)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre 64bit (HKLM\...\{AB112C21-1FF5-4B39-9D02-94C44AEDA31D}) (Version: 1.31.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
CHIP Free MP3 converter for YouTube 3.0 Professional-E (HKLM-x32\...\{2ED4869A-6D7B-4a8f-8261-B842DA4852FA}_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
EPSON Stylus SX200 Series Printer Uninstall (HKLM\...\EPSON Stylus SX200 Series) (Version:  - SEIKO EPSON Corporation)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
EVE Online (nur entfernen) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
EveHQ (HKLM-x32\...\EveHQ) (Version:  - )
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Free YouTube Download version 3.2.44.908 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.44.908 - DVDVideoSoft Ltd.)
G15_TeamSpeak (NSIS) (HKLM-x32\...\G15_TeamSpeak) (Version:  - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hotspot Shield 3.42 (HKLM-x32\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.8 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.17 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
LCDHost - a compositing plugin manager for LCD's (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\LCDHost) (Version:  - Link Data Stockholm)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Exploit version 1.8.1.1045 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1045 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.6366.2056 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minion (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\{Minion}}_is1) (Version: 2.0 - ZAM Network LLC)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MT66 Software Update (HKLM-x32\...\{F2E4F3A5-A8F0-46F4-8E91-E8C1DE1FCFE5}_is1) (Version:  - )
My.com Game Center (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\MyComGames) (Version: 3.161 - My.com B.V.)
Norton 360 (HKLM-x32\...\N360) (Version: 22.5.5.15 - Symantec Corporation)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 358.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 358.87 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
OMC ModPack Client Version 1.3.7.1 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.3.7.1 - Odem Mortis)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Parsec - 1  (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\a53dc3b81e52c50e) (Version: 1.0.0.53 - Parsec)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.15 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.15.103 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.21.3182.1 - Hi-Rez Studios)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version:  - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
World of Warships (HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3268381146-424546740-3302138135-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Mihalj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02E5EF08-BE6D-49B0-B63A-0958EEDD4B29} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\WSCStub.exe [2015-11-20] (Symantec Corporation)
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {1509052B-904B-4E4E-B045-24D80D038D02} - System32\Tasks\Norton 360\Norton Autofix => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {1A5AAA11-7C3D-463A-B83E-E56949BB7548} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {28145345-2AE3-43CE-94EC-D1A35A926AA4} - System32\Tasks\MT66 Software Update => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe [2009-11-18] (MedienTeam66)
Task: {3F3F4632-ECDC-4CA8-A7CF-4B9815D8BAA8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-17] (Microsoft Corporation)
Task: {66FA77BA-E5BD-439E-B42D-C4DDD60B8EEC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {7882E8C1-4B2C-48ED-A908-1FA4CC19CCAB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {90FAA7BA-9FC0-4745-A37C-F21F183AFE30} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe
Task: {92C8BF82-DAB1-4FBB-89AA-339D508107B5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-07] (Microsoft Corporation)
Task: {A7496965-8C36-484F-954D-BD4004C7BEE5} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {ADF6BDDF-4CAB-4D92-8C46-D9A0926ACA78} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {BBCF18DC-64B7-4557-8C42-5E5D29377D32} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {E4202DF5-E017-40C3-8E4F-93CABEE50E4B} - System32\Tasks\AIDA64 AutoStart => C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe [2015-03-23] (FinalWire Ltd.)
Task: {E798C29C-CFE1-4D14-B245-E430529F6D14} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {F34BC6A0-E2F8-4806-B0CE-28812D9541B2} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {F3EEFFCE-3CDA-4ECB-8B13-AA959784E1BE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-07] (Microsoft Corporation)
Task: {FAD6BD71-6757-4E80-A797-46ADB1A0205A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-10] (Dropbox, Inc.)
Task: {FBBDBEC9-80B3-4777-A695-22ECFF4660F9} - System32\Tasks\{E75F7D18-83BC-4A94-8D8E-4DB06AE0CB11} => pcalua.exe -a D:\LCDHost\bin\LCDHost.exe -d D:\LCDHost\bin
Task: {FC30442A-9942-40AF-801A-AB9F7BD5FFA3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-10] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MT66 Software Update.job => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:17 - 2015-10-30 08:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-11-28 23:54 - 2013-07-04 03:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-12-23 20:32 - 2015-12-09 02:52 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-12-05 07:28 - 2016-01-07 06:13 - 00162472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-09 06:48 - 2014-03-09 06:48 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-05-16 23:34 - 2014-05-16 23:34 - 00430344 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-03 05:57 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 05:57 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-16 11:08 - 2015-10-16 11:08 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2016-01-13 16:45 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-22 04:59 - 2016-01-22 04:59 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-18 06:03 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 06:03 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-13 16:45 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 16:45 - 2016-01-05 02:24 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-01-13 16:45 - 2016-01-05 02:24 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-13 16:45 - 2016-01-05 02:26 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-28 23:55 - 2015-12-16 15:54 - 00126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 01221120 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LCDHost.exe
2014-05-12 19:35 - 2014-05-12 19:35 - 00049664 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\lh_hid.dll
2014-02-01 22:34 - 2014-02-01 22:34 - 01073664 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\plugins\platforms\qwindows.dll
2014-02-01 22:33 - 2014-02-01 22:33 - 00046080 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\plugins\bearer\qgenericbearer.dll
2014-02-01 22:34 - 2014-02-01 22:34 - 00050176 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\plugins\bearer\qnativewifibearer.dll
2014-02-01 22:34 - 2014-02-01 22:34 - 00029696 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\plugins\imageformats\qgif.dll
2014-02-01 22:34 - 2014-02-01 22:34 - 00030208 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\plugins\imageformats\qico.dll
2014-02-01 22:33 - 2014-02-01 22:33 - 00235520 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\plugins\imageformats\qjpeg.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00059392 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Bar.dll
2014-05-12 19:38 - 2014-05-12 19:38 - 00063488 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\lh_api5plugin.dll
2014-05-12 19:38 - 2014-05-12 19:38 - 00111616 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\lh_cf.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00036352 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_ColorSwatch.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00034816 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Decor.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00187904 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Cursor.dll
2014-05-12 19:38 - 2014-05-12 19:38 - 00034304 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\lh_json.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00028160 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Image.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00135680 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Dial.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00201216 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_DriveStats.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00126464 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Graph.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00088064 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Text.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00182784 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_DataViewer.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00026112 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_LCoreReboot.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00039424 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_LgBacklight.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00036864 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_LgLcdMan.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00027136 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Logic.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00065024 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Mailcount.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00288768 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Monitoring.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00681472 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_NowPlaying.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00112640 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_TS3.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00023552 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_VirtualLCD.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00143360 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_Weather.dll
2014-05-12 19:38 - 2014-05-12 19:38 - 00041472 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\lh_simpletranslator.dll
2014-05-12 19:45 - 2014-05-12 19:45 - 00113664 _____ () C:\Users\Mihalj\Documents\LCDHost\bin\LH_WebKit.dll
2015-12-08 20:25 - 2015-12-08 20:25 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-07-20 20:42 - 2015-09-15 06:07 - 05887808 _____ () C:\Users\Mihalj\AppData\Local\Amazon Music\Amazon Music Helper.exe
2015-11-28 23:54 - 2016-01-24 12:19 - 00029184 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2015-11-28 23:54 - 2013-07-04 03:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2014-05-17 01:11 - 2014-05-17 01:11 - 00908584 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2014-05-17 01:37 - 2014-05-17 01:37 - 00506664 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.dll
2014-04-12 08:32 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-01-22 04:59 - 2016-01-22 04:59 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 04:59 - 2016-01-22 04:59 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-04-05 09:59 - 2015-12-09 02:53 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-21 19:31 - 2015-12-21 19:31 - 00144896 _____ () C:\Users\Mihalj\AppData\Local\MyComGames\zlib1.dll
2015-12-21 19:31 - 2015-12-21 19:31 - 00062464 _____ () C:\Users\Mihalj\AppData\Local\MyComGames\pxd.dll
2015-12-21 19:31 - 2015-12-21 19:31 - 00179144 _____ () C:\Users\Mihalj\AppData\Local\MyComGames\LightUpdate.dll
2015-12-21 19:31 - 2015-12-21 19:31 - 02340296 _____ () C:\Users\Mihalj\AppData\Local\MyComGames\BigUp2.dll
2015-08-26 10:18 - 2015-08-26 10:18 - 50425344 _____ () C:\Users\Mihalj\AppData\Local\MyComGames\Chrome\3.2454.1317\libcef.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2015-12-12 15:49 - 2015-10-31 01:59 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00022848 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Random.OSRNG.winrandom.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00023352 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util._counter.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00042296 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Cipher._AES.pyd
2015-12-12 15:49 - 2015-10-31 01:59 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-12 15:49 - 2015-10-31 01:59 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-12 15:49 - 2015-10-31 01:59 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2015-12-12 15:49 - 2015-10-31 01:59 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-12 15:49 - 2015-12-08 22:36 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-12 15:49 - 2015-10-31 01:59 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00109520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 01737032 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00021320 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2015-12-12 15:49 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2015-10-02 03:50 - 2015-11-05 01:04 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2015-12-12 15:49 - 2015-12-08 22:36 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 15:49 - 2015-10-31 01:59 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2015-12-12 15:49 - 2015-10-31 01:59 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00021304 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util.strxor.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2015-12-12 15:49 - 2015-12-08 22:36 - 01826608 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-12 15:49 - 2015-10-31 02:00 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 03891504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 01950000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00519984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00133936 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00225080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00486704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2015-12-12 15:49 - 2015-12-08 22:36 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-06-10 04:56 - 2015-10-31 02:01 - 00019920 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-06-10 04:56 - 2015-10-31 02:00 - 00786904 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-31 05:42 - 2015-10-31 02:00 - 00063448 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-10 04:56 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3268381146-424546740-3302138135-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.192.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-3268381146-424546740-3302138135-1001\...\StartupApproved\Run: => "iFunBox Fast App Install Handler"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{D2314343-216D-4592-9A43-E6EEC0FD1032}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{511C1042-4DA7-42E7-82AA-B9B0C71E9101}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D77FBEF9-5BED-4B7E-83FB-DD64CC4E3803}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A1E9B104-4F85-4620-85BD-463483CE9F17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5AC71033-70C6-452D-857B-20AF57CC9CD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F6FC8847-73F9-499F-B185-5A2D8B97831A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D038F8B6-FF46-46F1-A040-C820F89002C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [UDP Query User{8EB4C157-2583-42AF-8BCE-94FC1E6E96DD}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{3461AD2B-4C4D-450A-A741-98472BA64506}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{7D1AE32F-8A64-4DDC-A2E2-A4D363BBEC72}] => (Allow) C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe
FirewallRules: [{2DB99E03-1AA2-420C-92CB-89BFF6C1F946}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4C683310-8A37-45C4-BDA9-C888ECF3C54E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2214C4CE-2261-4362-B6FD-39C1191711DB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{24B8F456-7315-4EC1-AF58-5EA4D6FD44F8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{8E1A2400-982C-4BA5-B957-4336775A0764}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{12DAEE82-FA71-4196-B535-DCFA53CDD8AC}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8F9F3C5E-ED22-4539-92CF-9A14D677FD46}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2A2B28D7-5D5F-4306-9E6B-20AC1B3B5EE1}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6639002E-1D86-495D-9547-31AA3694EB1E}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{0E187B45-9709-4BB6-89BC-8768F2024D0B}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{0C71978A-C855-4319-B546-FCAAA04EB46F}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{A3EC3BC0-ED86-458F-B375-BEF2AF73437A}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{1FE03162-1EBD-4A3A-921B-0F6357981DD3}] => (Allow) LPort=1900
FirewallRules: [{1723A46C-5AE0-4FD6-ADB8-1DEDFD004930}] => (Allow) LPort=2869
FirewallRules: [{DCB2C2F6-5A2F-4557-A025-023D59886BF7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F6EF9F6F-D0B6-49BA-BD68-0CD27F619234}] => (Allow) LPort=12008
FirewallRules: [{DE498A3E-DFE6-4AA1-B070-25101AD3CCD9}] => (Allow) LPort=12007
FirewallRules: [{7CEEFC0D-24CC-4D62-BA75-55820164C017}] => (Allow) LPort=12006
FirewallRules: [{DE778F75-264F-4DD1-9AEA-E9E596F9A2DE}] => (Allow) LPort=12005
FirewallRules: [UDP Query User{3A25DB88-CBD8-4672-83B4-2CA7924D9A9C}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe
FirewallRules: [TCP Query User{F4AC6A4B-3EC9-4C36-ADD8-978D075E6EDA}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe
FirewallRules: [{E8ABDF2D-CB98-4B00-9A5D-D5263157FF9F}] => (Allow) D:\Games\Heartstone\Hearthstone\Hearthstone.exe
FirewallRules: [{9EFCD39B-278A-41C4-9D6F-FEBDAF13B612}] => (Allow) D:\Games\Heartstone\Hearthstone\Hearthstone.exe
FirewallRules: [{106FAA38-03B9-4FFF-AB10-A08E8EC6D678}] => (Allow) D:\Games\Heartstone\Battle.net\Battle.net.exe
FirewallRules: [{E349C282-8234-4A3F-98AE-F2A5D4DB1ED5}] => (Allow) D:\Games\Heartstone\Battle.net\Battle.net.exe
FirewallRules: [{C9CF6AFF-FB59-49D9-9F37-F250BD6E5FE3}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{EB2E941A-A03C-4635-9188-32922C04DDDC}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{9E5A378B-396D-4486-BE32-D9E00F4EA763}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{3F887FB1-8C25-4167-96FB-484A53CF84E5}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{158CB9F0-B425-42C9-93AC-BE005FA2FC5F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4D2543CF-2728-4FE6-B8ED-544E810D53AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E9305D71-6F14-4131-BEDB-164C8710DBF2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{425CEBC0-F28E-4F0F-B640-50D8F40924C2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{AAFFE893-A1DC-446C-9629-6F3793EFCA15}] => (Allow) D:\Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{CEE00E68-9759-4CB0-99EE-199E418041BF}] => (Allow) D:\Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{D2C94E71-A716-459E-9390-F4D7B0DD02B0}] => (Allow) D:\Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{AED56998-9A8C-40DA-B53D-388D42007A00}] => (Allow) D:\Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{D3780B7C-1439-4C8A-AB90-8028E97536E4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FC3456AE-033E-4352-AEEC-4B95319B90BA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{375569B0-01D5-4125-A512-3DD4A394FE08}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8BFDEFD8-9651-4145-878D-9BB73CDA7E18}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{488583EA-6375-4A7F-9E58-A1F521C790E0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{B0AB638C-F0C8-46E6-8D8B-1CD7C5263C39}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{822344FC-8D56-4EA6-877E-E5D8ECB76E12}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{10494D63-372F-4A90-9DAA-7616E1FF1EB0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{14EB75FF-F0AE-449D-87C4-4FE76F6E2854}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B9EF9F5C-CA02-4B1E-B335-62061702D731}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BC3F4A10-8260-496C-B837-7BD372FCDA22}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

03-01-2016 11:19:21 Removed Java 8 Update 66
11-01-2016 19:51:35 Installed Hi-Rez Studios Games
15-01-2016 05:30:15 Windows Update
22-01-2016 19:28:07 Norton_Power_Eraser_20160122192807041
23-01-2016 22:24:29 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/24/2016 02:16:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (01/24/2016 12:29:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (01/24/2016 12:29:42 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (01/24/2016 12:29:36 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (01/24/2016 12:29:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (01/24/2016 12:29:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (01/24/2016 09:46:32 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (01/23/2016 10:24:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/23/2016 09:28:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1157

Error: (01/23/2016 09:28:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1157


Systemfehler:
=============
Error: (01/24/2016 02:17:45 PM) (Source: DCOM) (EventID: 10016) (User: MICHIBÜRO)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}MichiBüroMihaljS-1-5-21-3268381146-424546740-3302138135-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (01/24/2016 02:15:32 PM) (Source: DCOM) (EventID: 10016) (User: MICHIBÜRO)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}MichiBüroMihaljS-1-5-21-3268381146-424546740-3302138135-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (01/24/2016 01:53:56 PM) (Source: DCOM) (EventID: 10016) (User: MICHIBÜRO)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}MichiBüroMihaljS-1-5-21-3268381146-424546740-3302138135-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (01/24/2016 01:14:33 PM) (Source: DCOM) (EventID: 10016) (User: MICHIBÜRO)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}MichiBüroMihaljS-1-5-21-3268381146-424546740-3302138135-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (01/24/2016 01:14:33 PM) (Source: DCOM) (EventID: 10016) (User: MICHIBÜRO)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}MichiBüroMihaljS-1-5-21-3268381146-424546740-3302138135-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (01/24/2016 01:14:33 PM) (Source: DCOM) (EventID: 10016) (User: MICHIBÜRO)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}MichiBüroMihaljS-1-5-21-3268381146-424546740-3302138135-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (01/24/2016 01:14:33 PM) (Source: DCOM) (EventID: 10016) (User: MICHIBÜRO)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}MichiBüroMihaljS-1-5-21-3268381146-424546740-3302138135-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (01/24/2016 12:34:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (01/24/2016 12:34:24 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Mihalj\AppData\Local\Temp\ehdrv.sys

Error: (01/24/2016 12:34:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275


CodeIntegrity:
===================================
  Date: 2016-01-15 20:05:38.749
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-14 03:02:59.352
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-07 21:02:36.553
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-06 11:34:57.560
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-31 15:10:39.958
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-30 18:59:24.538
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-24 06:03:03.371
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-23 23:37:03.156
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-23 23:34:49.392
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-19 07:42:28.655
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 24%
Installierter physikalischer RAM: 16322.86 MB
Verfügbarer physikalischer RAM: 12274.55 MB
Summe virtueller Speicher: 18754.86 MB
Verfügbarer virtueller Speicher: 14172.63 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:232.44 GB) (Free:134.33 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Daten) (Fixed) (Total:886.45 GB) (Free:671.08 GB) NTFS
Drive f: (Volume) (Fixed) (Total:976.56 GB) (Free:588.21 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 55BDBD6D)
Partition 1: (Active) - (Size=232.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 55BDBD96)
Partition 1: (Not Active) - (Size=886.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
Regarding the question of whether there are still problems with the PC:

This may not belong in this category, but it is a problem.

When I select or carry out "Restart", the network is not recognized and there is no connection to the Internet. -> Unidentified network - no Internet connection.
However, if you shut down (power off), Win 10 starts "normally" again with a working network. O.o ...it's not tragic, but annoying.

25.01.2016, 16:02   #13
M-K-D-B
/// TB-Ausbilder



Hi,

Unfortunately, no solution for your network problem comes to mind offhand.

Please delete manually:

F:\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe
F:\Downloads\SaveFromNetHelper-Web-124d8b0c23-[323].exe
F:\Downloads\SaveFromNetHelper-Web-833a4d344b-[308].exe







Quote:
CHIP-Installer.exe
Please do not use the CHIP installer any more! Please read: CHIP-Installer: what is that?








If you have no more problems with malware, then we are done here. Your log files are clean.
Finally, we need to take a few concluding steps to clean up and secure your PC.





Cleanup:
All logs posted? Then please download DelFix.
  • Close all open programs.
  • Start delfix.exe with a double-click.
  • Tick the box in front of every function.
  • Click Start.
Note:
DelFix removes, among other things, all programs that were used, the quarantine of our scanners and the Java cache, and finally deletes itself.
Restart your computer afterwards. If any programs from our cleanup are still left over, you can safely delete them.





Hardening:
Enable automatic updates in the Windows operating system. Security-relevant software should also always be present only in its latest version:
Browser
Java
Flash Player
PDF reader

Vulnerabilities in their old versions are exploited to install malware via "drive-by" when you simply visit a manipulated website.
I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.

Enable a firewall. The one built into Windows is normally entirely sufficient.




If you are still undecided, use a single one of the following antivirus programs with a real-time scanner and an always up-to-date signature database:

Microsoft Security Essentials (MSE) is built in from Windows 8 onwards, so if you have Windows 8, 8.1 or 10 and have decided on MSE, you do not need to install MSE separately. On Windows 7, however, it must be installed manually or obtained as an optional update via Windows Update. Of course, a legal/activated copy of Windows is a prerequisite for this.

In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.




Optional:
Adblock Plus: can block banners, pop-ups, video ads, tracking and malware sites.
NoScript: prevents active content (Java, JavaScript, Flash, ...) from running on all websites. However, you can define, on a whitelist basis, which sites are allowed to run scripts.
Malwarebytes Anti Exploit: protects the computer's applications against exploitation of known vulnerabilities.

Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program.
To get rid of adware, first uninstall it and then remove the leftovers with AdwCleaner.




Finally, a few general remarks:
  • Change your important online passwords regularly and regularly create backups of your important files or of the system.
  • Do not download software from Chip, Softonic or SourceForge. The software offered there is often distributed with a so-called "installer", which only installs unwanted software or adware.
  • The benefit of registry cleaners, optimizers and the like for improving performance is disputed. Even Microsoft does not support so-called registry cleaners. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.




If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.

Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.

25.01.2016, 17:49   #14
Farabolus



All done....THANK YOU VERY MUCH

Keep it up...you are a great support in the "evil virtual world"

25.01.2016, 18:59   #15
M-K-D-B
/// TB-Ausbilder



Thank you very much for the kind words.

I'm glad that we could help

In this forum you can leave brief feedback on the cleanup, if you like:
Lob, Kritik und Wünsche (praise, criticism and wishes)
To do so, click the "NEW THREAD" button and post a short piece of feedback. Thank you very much!

This thread appears to be resolved and will be removed from my subscriptions. Should you need the thread again, please send me a PM.

Everyone else, please click here and create your own thread.
