Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Probleme mit Maleware oder Trojaner nach Toolbar Installation

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 15.02.2017, 12:56   #1
lyncat89
 
Probleme mit Maleware oder Trojaner nach Toolbar Installation - Standard

Probleme mit Maleware oder Trojaner nach Toolbar Installation



Hallo,

ich habe am 10.02. ein neues Thema erstellt. Leider habe ich eben erst gesehen, dass das Thema im falschen Forum (Log- Analyse und Auswertung) gelandet ist. Deswegen habe ich wahrscheinlich auch noch keine Antwort erhalten.
Kann ich das dort erstellte Thema irgendwie noch nachträglich verschieben oder soll ich jetzt hier nochmal ein neues Thema erstellen?

Alt 15.02.2017, 20:48   #2
M-K-D-B
/// TB-Ausbilder
 
Probleme mit Maleware oder Trojaner nach Toolbar Installation - Standard

Probleme mit Maleware oder Trojaner nach Toolbar Installation






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
  • Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!




Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:



Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)






Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________

__________________

Alt 16.02.2017, 10:51   #3
lyncat89
 
Probleme mit Maleware oder Trojaner nach Toolbar Installation - Standard

Probleme mit Maleware oder Trojaner nach Toolbar Installation



Hallo Matthias,

erstmal kurz vielen lieben Dank für die schnelle Antwort.

Hier die gewünschten LogDateien:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-02-2017 02
durchgeführt von julia (Administrator) auf DESKTOP-N0N5AE6 (16-02-2017 10:38:16)
Gestartet von C:\Users\julia\Desktop\Virus
Geladene Profile: julia (Verfügbare Profile: julia)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(GfK) C:\Program Files (x86)\GfK-NetworkMeter\GfK-NetworkMeter64.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
() C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files (x86)\ASRock Utility\APP Shop\AsrAPPShop.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
(GfK SE) C:\Program Files (x86)\GfK Internet-Monitor\GfK-LoginInterface.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\nielsenonline.exe
(The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\nielsenonline.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Sand Studio) C:\Program Files (x86)\AirDroid\AirDroid.exe
(The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\NielsenOnline64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Amazon Services LLC) C:\Users\julia\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Amazon Services LLC) C:\Users\julia\AppData\Local\Amazon Music\Amazon Music.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Amazon Services LLC) C:\Users\julia\AppData\Local\Amazon Music\Amazon Music.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(@@Manufacturer@@) C:\Program Files (x86)\GfK Internet-Monitor\Chrome Extension\GfKChromeHost.exe
(Amazon Services LLC) C:\Users\julia\AppData\Local\Amazon Music\Amazon Music.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-15] (Realtek Semiconductor)
HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [2088872 2015-09-09] (cFos Software GmbH)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G DATA\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [441160 2016-09-15] (G DATA Software AG)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51928 2017-02-10] (Copyright (c) 2017 Plays.tv, LLC)
HKLM-x32\...\Run: [NielsenOnline] => C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe [202896 2016-12-30] (The Nielsen Company)
HKU\S-1-5-19\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-20\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [8651896 2017-01-16] (Sand Studio)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [Spotify Web Helper] => C:\Users\julia\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1555056 2016-10-02] (Spotify Ltd)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [Spotify] => C:\Users\julia\AppData\Roaming\Spotify\Spotify.exe [6937200 2016-10-02] (Spotify Ltd)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-09] (Valve Corporation)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [BigNox] => C:\Users\julia\AppData\Roaming\Nox\bin\Nox.exe [5100872 2016-07-31] (Duodian Technology Co. Ltd.)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2062208 2016-05-26] (Sony)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\RunOnce: [Uninstall C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\MountPoints2: {4620abb5-cad0-11e6-9182-0013ef030494} - "I:\shelexec.exe" .\starter.html
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2683783b-a4bc-4329-ac88-9cc1e28fadf5}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b3b846c1-63d0-49c7-a2c1-ceb545584257}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: GfK Internet-Monitor -> {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} -> C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll [2016-10-31] (GfK)
BHO-x32: GfK Internet-Monitor -> {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} -> C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll [2016-10-31] (GfK)
Toolbar: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei

FireFox:
========
FF DefaultProfile: z4n199ml.default
FF ProfilePath: C:\Users\julia\AppData\Roaming\Mozilla\Firefox\Profiles\z4n199ml.default [2017-02-16]
FF NetworkProxy: Mozilla\Firefox\Profiles\z4n199ml.default -> type", 0
FF Extension: (Nielsen NetSight) - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\netsight@nielsen.xpi [2017-02-16]
FF HKLM\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor\FirefoxAddon.xpi
FF Extension: (GfK Internet) - C:\Program Files (x86)\GfK Internet-Monitor\FirefoxAddon.xpi [2017-02-16]
FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor\FirefoxAddon.xpi
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\netsight@nielsen.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-02-11] ()
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-02-11] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1190779463-2330029784-2471901394-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.reading4money.de/paidmail.php?username=julemaus89&id=1414525986&mid=0
CHR StartupUrls: Default -> "hxxp://www.spielesite.com/","hxxps://de.upjers.com/","hxxp://www.startparadies.de/index.php","hxxps://www.facebook.com/","hxxp://www.klamm.de/","hxxp://www.bonix.org/","hxxp://www.dodona-mails.de/","hxxp://testberichte.reviews/","hxxp://www.shimly.de/"
CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.885\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Profile: C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default [2017-02-16]
CHR Extension: (Google Drive) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-29]
CHR Extension: (Lovely Cats Tab) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdoeoonepndhefdpieicgajkhadocngm [2016-06-24]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-01-30]
CHR Extension: (LadyCashback.de Cashback-Melder) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjnhchdicihpfajapekoedijbldehbbk [2017-02-14]
CHR Extension: (YouTube) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-29]
CHR Extension: (Nielsen NetSight) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgmmbefnahabhcchpfkobeindpppflc [2017-02-05]
CHR Extension: (Kindle Cloud Reader) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnemmpobpfaichgccgcilgncfigplmol [2016-09-15]
CHR Extension: (Google-Suche) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-04-29]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2016-04-29]
CHR Extension: (Google Kalender) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-06]
CHR Extension: (GfK Internet-Monitor) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh [2016-11-04]
CHR Extension: (Google Docs Offline) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-29]
CHR Extension: (GfK Digital Trends App) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikkcdahfmnbofoaeofipdcejkgkbofj [2016-06-14]
CHR Extension: (Questler Bonusfinder 3.0) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipddihbjlikcgpbikkgjibobkahjafni [2016-06-24]
CHR Extension: (CashbackDeals.de Cashback-Melder) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnlhjofgnkcljojnibhmeopimidoblfm [2017-02-14]
CHR Extension: (Andasa iCat) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcbpnhnickonbgkbgbegepdldmcnjoif [2016-10-21]
CHR Extension: (iGraal Cashback-Melder) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2017-02-14]
CHR Extension: (Google Play) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2016-04-29]
CHR Extension: (Tabby Cat) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mefhakmgclhhfbdadeojlkbllmecialg [2016-11-10]
CHR Extension: (Google Play Books) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2016-04-29]
CHR Extension: (boost-Bar) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbifpjmldocepoilnjgbkaaighinkhpp [2016-10-11]
CHR Extension: (Bundlr) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\neaecllpgiioinacndhkakancoifnbhm [2016-04-29]
CHR Extension: (Norton Safe) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2016-09-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Google Mail) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-06]
CHR HKLM\...\Chrome\Extension: [bpgmmbefnahabhcchpfkobeindpppflc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bpgmmbefnahabhcchpfkobeindpppflc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] ()
R2 ASRockIOMon; C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [463112 2014-07-31] ()
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [4950632 2016-10-06] (G DATA Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [984904 2016-09-15] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3044496 2016-09-27] (G Data Software AG)
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [726952 2015-09-09] (cFos Software GmbH)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-30] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-30] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.)
R2 GDBackupSvc; C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe [4072264 2016-09-30] (G DATA Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3286120 2016-09-15] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [822600 2016-09-27] (G DATA Software AG)
R2 GfK-NetworkMeter; C:\Program Files (x86)\GfK-NetworkMeter\GfK-NetworkMeter64.exe [1222880 2016-10-31] (GfK)
R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [1992256 2016-10-31] ()
R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1476160 2016-07-06] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NielsenUpdate; C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe [3161744 2016-12-30] (The Nielsen Company)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119176 2017-01-15] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2181648 2017-01-15] (Electronic Arts)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-02-10] (Copyright (c) 2017 Plays.tv, LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305392 2016-04-05] (Advanced Micro Devices)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmdag.sys [26568848 2017-01-25] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys [536600 2017-01-25] (Advanced Micro Devices, Inc.)
R3 AppObserver; C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\appobserver64.sys [23696 2016-08-11] (The Nielsen Company)
R3 AsrAutoChkUpdDrv; C:\WINDOWS\SysWOW64\Drivers\AsrAutoChkUpdDrv.sys [22280 2017-02-16] (ASRock Incorporation)
R3 AsrDrv101; C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys [22280 2016-04-29] (ASRock Incorporation)
R0 AsrRamDisk; C:\WINDOWS\System32\drivers\AsrRamDisk.sys [40200 2013-08-02] (ASRock Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-07-21] (Advanced Micro Devices)
S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [100776 2015-08-23] (ASUS Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [180808 2016-10-13] (G Data Software AG)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2016-04-21] (G Data Software AG)
R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [37400 2016-10-13] (G Data Software AG)
R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [30280 2016-10-13] (G DATA Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [274400 2016-10-13] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [105544 2016-10-13] (G Data Software AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [77384 2016-10-13] (G DATA Software AG)
R1 GRD; C:\WINDOWS\system32\drivers\GRD.sys [116296 2016-10-16] (G Data Software)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [153160 2016-10-13] (G Data Software AG)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-02-16] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 MBI; C:\WINDOWS\System32\drivers\MBI.sys [41456 2015-10-15] (Intel(R) Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 nnfwdk; C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\nnfwdk64.sys [34960 2016-08-11] (The Nielsen Company)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-08-20] (Realtek                                            )
R3 RtlWlanu_OldIC; C:\WINDOWS\System32\drivers\rtwlanu_oldIC.sys [3814400 2016-07-16] (Realtek Semiconductor Corporation                           )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-24] (Samsung Electronics Co., Ltd.)
S3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [114632 2015-09-16] (BigNox Corporation)
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-16 08:30 - 2017-02-16 08:30 - 00003034 _____ C:\WINDOWS\System32\Tasks\AsrSP.exe
2017-02-14 13:08 - 2017-02-14 13:08 - 00003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForjulia
2017-02-14 13:08 - 2017-02-14 13:08 - 00000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForjulia.job
2017-02-11 10:58 - 2017-02-11 10:58 - 00000000 ____D C:\Users\julia\AppData\Roaming\Macromedia
2017-02-11 10:58 - 2017-02-11 10:58 - 00000000 ____D C:\Users\julia\AppData\Local\Macromedia
2017-02-10 19:29 - 2017-02-16 10:38 - 00000000 ____D C:\FRST
2017-02-08 08:36 - 2017-02-08 08:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-07 05:38 - 2017-02-07 05:38 - 00046400 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-02-05 17:37 - 2017-02-05 18:08 - 00000000 ____D C:\Users\julia\Desktop\USB Stick
2017-02-04 14:27 - 2017-02-04 14:28 - 00411140 _____ C:\WINDOWS\Minidump\020417-29406-01.dmp
2017-02-04 14:27 - 2017-02-04 14:27 - 00000000 ____D C:\WINDOWS\Minidump
2017-02-02 19:26 - 2017-02-16 10:00 - 00000000 ____D C:\Users\julia\AppData\LocalLow\Mozilla
2017-02-01 14:49 - 2017-02-16 10:38 - 00000000 ____D C:\Users\julia\Desktop\Virus
2017-02-01 14:41 - 2017-02-05 17:15 - 00000000 ____D C:\AdwCleaner
2017-01-31 17:47 - 2017-02-11 18:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-27 19:13 - 2017-01-27 19:13 - 00140131 _____ C:\Users\julia\Desktop\Rechnung 4333534.pdf
2017-01-26 08:34 - 2017-01-26 08:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2017-01-26 08:34 - 2017-01-26 08:34 - 00000000 ____D C:\Program Files\ATI Technologies
2017-01-25 09:12 - 2017-01-27 17:28 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-01-25 08:44 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 08:44 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-25 01:29 - 2017-01-25 01:29 - 01015832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-01-25 01:29 - 2017-01-25 01:29 - 00768024 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-01-25 01:29 - 2017-01-25 01:29 - 00121368 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-01-25 01:29 - 2017-01-25 01:29 - 00100888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-01-25 01:29 - 2017-01-25 01:29 - 00038424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-01-25 01:29 - 2017-01-25 01:29 - 00038416 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-01-25 01:28 - 2017-01-25 01:28 - 00488496 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-01-25 01:28 - 2017-01-25 01:28 - 00166408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-01-25 01:28 - 2017-01-25 01:28 - 00130224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-01-24 16:38 - 2017-01-24 16:38 - 06381952 _____ C:\Users\julia\Desktop\eBook_Faszientraining.pdf
2017-01-21 16:56 - 2017-01-21 16:56 - 00005262 _____ C:\Users\julia\Desktop\Questionmail Questionmail Richtig Antworten 500 Punkte sammeln!(sasm).eml

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-16 10:35 - 2016-08-06 21:05 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-16 10:31 - 2016-05-29 07:54 - 00000000 ____D C:\Users\julia\Documents\AirDroid
2017-02-16 08:39 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-16 08:36 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-16 08:36 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-16 08:30 - 2016-08-09 07:53 - 00003038 _____ C:\WINDOWS\System32\Tasks\AsrAPPShop
2017-02-16 08:30 - 2016-04-29 23:51 - 00022280 _____ (ASRock Incorporation) C:\WINDOWS\SysWOW64\Drivers\AsrAutoChkUpdDrv.sys
2017-02-16 08:30 - 2016-04-29 21:35 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-15 21:22 - 2016-08-09 07:55 - 00004172 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{37189C47-5908-4B51-91BC-1DD3B7B485AE}
2017-02-15 11:35 - 2016-04-29 20:51 - 00000000 ____D C:\Users\julia\AppData\Local\CrashDumps
2017-02-12 08:34 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-12 00:29 - 2016-08-06 21:11 - 00000000 ____D C:\Users\julia
2017-02-11 18:48 - 2016-07-25 19:04 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-11 18:42 - 2016-07-31 19:44 - 00000000 ____D C:\Users\julia\.android
2017-02-11 18:42 - 2016-07-31 19:41 - 00000000 ____D C:\Users\julia\.BigNox
2017-02-11 18:42 - 2016-07-31 19:37 - 00000000 ____D C:\Users\julia\AppData\Local\Nox
2017-02-11 18:42 - 2016-04-29 21:38 - 00000000 ____D C:\Users\julia\AppData\Roaming\Spotify
2017-02-11 18:40 - 2016-06-22 18:12 - 00000000 ____D C:\Users\julia\AppData\Roaming\PlaysTV
2017-02-11 18:40 - 2016-04-29 21:38 - 00000000 ____D C:\Users\julia\AppData\Local\Spotify
2017-02-11 18:36 - 2016-08-06 21:24 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-11 18:36 - 2016-04-29 20:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-11 18:35 - 2016-08-06 21:58 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-02-11 18:35 - 2016-08-06 21:08 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-02-11 18:35 - 2016-07-16 07:04 - 01310720 _____ C:\WINDOWS\system32\config\BBI
2017-02-11 10:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-11 10:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-11 10:56 - 2016-04-29 21:15 - 00000000 ____D C:\Users\julia\AppData\Local\Adobe
2017-02-11 01:36 - 2016-05-10 10:40 - 00197120 ___SH C:\Users\julia\Desktop\Thumbs.db
2017-02-10 16:39 - 2016-12-17 08:28 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-02-10 16:39 - 2016-12-17 08:28 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-02-10 14:14 - 2016-11-22 12:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-02-08 08:36 - 2016-04-30 01:08 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-02-07 08:40 - 2016-08-11 08:04 - 00000000 ____D C:\WINDOWS\system32\MpEngineStore
2017-02-06 19:13 - 2016-04-29 20:39 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 19:13 - 2016-04-29 20:39 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-06 19:02 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-04 15:30 - 2016-09-01 23:14 - 00000000 ____D C:\Users\julia\AppData\Local\Amazon Music
2017-02-04 14:29 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-04 14:27 - 2016-05-09 22:49 - 1366395123 _____ C:\WINDOWS\MEMORY.DMP
2017-02-04 13:58 - 2016-11-14 18:48 - 00000000 ____D C:\Users\julia\AppData\Roaming\vlc
2017-02-04 08:26 - 2016-05-01 07:34 - 00000000 ____D C:\ProgramData\AMD
2017-02-02 20:19 - 2016-09-01 23:14 - 00001320 _____ C:\Users\julia\Desktop\Amazon Music.lnk
2017-02-02 19:48 - 2016-11-15 18:21 - 00001089 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-02-02 19:48 - 2016-11-15 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-01-30 16:57 - 2016-04-30 01:15 - 00000000 ___RD C:\Users\julia\Dropbox
2017-01-29 15:08 - 2016-11-13 19:58 - 00000000 ____D C:\Users\julia\AppData\Roaming\dvdcss
2017-01-27 11:31 - 2016-05-10 14:56 - 00000000 ____D C:\Users\julia\Thunderbird backup
2017-01-26 08:32 - 2016-08-06 21:08 - 00000000 ____D C:\Program Files\AMD
2017-01-25 09:13 - 2016-04-29 20:05 - 00000000 ____D C:\AMD
2017-01-25 09:12 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-25 01:29 - 2016-10-26 00:04 - 09405464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 07589400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 02463256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 02150928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 01015832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00909336 _____ (AMD) C:\WINDOWS\system32\coinst_16.40.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00643096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00420376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-01-25 01:29 - 2016-10-26 00:04 - 00310808 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-01-25 01:29 - 2016-10-26 00:04 - 00293400 _____ C:\WINDOWS\system32\GameManager64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00287248 _____ C:\WINDOWS\system32\clinfo.exe
2017-01-25 01:29 - 2016-10-26 00:04 - 00285720 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00266256 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00248344 _____ C:\WINDOWS\system32\atieah64.exe
2017-01-25 01:29 - 2016-10-26 00:04 - 00239128 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00178200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00154648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00147480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00130584 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00128536 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00084504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00077848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-01-25 01:29 - 2016-08-12 00:07 - 00145952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-01-25 01:29 - 2016-08-12 00:07 - 00107544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2017-01-25 01:29 - 2016-08-12 00:06 - 00258072 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-01-25 01:29 - 2016-07-02 08:01 - 00541208 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-01-25 01:29 - 2016-07-02 08:01 - 00476696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-01-25 01:29 - 2016-07-02 08:01 - 00305176 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2017-01-25 01:29 - 2016-07-02 08:01 - 00251416 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-01-25 01:29 - 2016-07-02 08:01 - 00226328 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-01-25 01:29 - 2016-07-02 08:01 - 00193560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-01-25 01:29 - 2016-07-02 08:01 - 00153112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-01-25 01:29 - 2016-07-02 08:01 - 00135704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-01-25 01:29 - 2016-07-02 08:01 - 00126488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-01-25 01:29 - 2016-04-05 08:38 - 00219672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-01-25 01:29 - 2016-04-05 08:37 - 01351192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-01-25 01:29 - 2016-04-05 08:27 - 00158336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-01-25 01:29 - 2016-04-05 08:27 - 00118800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2017-01-25 01:28 - 2016-10-26 00:05 - 00162216 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-01-25 01:28 - 2016-10-26 00:05 - 00145360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2017-01-25 01:28 - 2016-10-26 00:05 - 00130216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-01-25 01:28 - 2016-10-26 00:05 - 00112328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-01-25 01:28 - 2016-07-02 08:01 - 00145872 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-01-25 01:28 - 2016-07-02 08:01 - 00112336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-01-22 15:47 - 2016-04-29 21:16 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-10-02 14:25 - 2016-10-02 14:25 - 0000000 _____ () C:\Users\julia\AppData\Roaming\gdfw.log
2016-10-02 14:25 - 2016-10-02 14:25 - 0000779 _____ () C:\Users\julia\AppData\Roaming\gdscan.log
2016-07-31 07:34 - 2016-11-06 16:41 - 0007598 _____ () C:\Users\julia\AppData\Local\Resmon.ResmonCfg
2016-04-30 03:12 - 2016-04-30 03:12 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-08-06 21:07 - 2016-08-06 21:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-02-02 19:48 - 2017-02-02 19:48 - 7097928 _____ (VS Revo Group                                               ) C:\Users\julia\AppData\Local\Temp\VSUSetup.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-08 23:29

==================== Ende von FRST.txt ============================
         

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-02-2017 02
durchgeführt von julia (16-02-2017 10:39:21)
Gestartet von C:\Users\julia\Desktop\Virus
Windows 10 Pro Version 1607 (X64) (2016-08-06 20:35:33)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1190779463-2330029784-2471901394-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1190779463-2330029784-2471901394-503 - Limited - Disabled)
Gast (S-1-5-21-1190779463-2330029784-2471901394-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1190779463-2330029784-2471901394-1003 - Limited - Enabled)
julia (S-1-5-21-1190779463-2330029784-2471901394-1001 - Administrator - Enabled) => C:\Users\julia
LynCat (S-1-5-21-1190779463-2330029784-2471901394-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
AirDroid 3.3.1.1 (HKLM-x32\...\AirDroid) (Version: 3.3.1.1 - Sand Studio)
Amazon Kindle (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Amazon Kindle) (Version: 1.17.0.44170 - Amazon)
Amazon Music (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Amazon Amazon Music) (Version: 5.3.5.1704 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{04E14C12-EAB9-9B07-5A25-CAF2D10B2579}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.)
APP Shop v1.0.24 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.24 - ASRock Inc.)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock Restart to UEFI v1.0.5 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.5 - )
ASRock XFast RAM v3.0.3 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
A-Tuning v2.0.280 (HKLM-x32\...\A-Tuning_is1) (Version: 2.0.280 - ASRock Inc.)
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.3.0.1 - G DATA Software AG)
GfK Internet-Monitor (HKLM-x32\...\39992AD7-103F-4308-8BB7-3F65F543604D) (Version: 15.4.173 - GfK)
GoodNightLed v3.0.1 (HKLM-x32\...\GoodNightLed_is1) (Version: 3.0.1 - ASRock Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.50.9 - HP)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.5.32.203 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Go (HKLM-x32\...\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}) (Version: 3.0.403 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.20.104.05220 (HKLM-x32\...\{78D4C553-4B41-97A5-22B4-2F446987B724}) (Version: 2.20.104.05220 - Sony)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
Mozilla Thunderbird 45.7.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.7.1 (x86 de)) (Version: 45.7.1 - Mozilla)
Nielsen (HKLM-x32\...\NetSight) (Version:  - )
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.6.0.0 - Duodian Technology Co. Ltd.)
OEM Application Profile (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.3.5.6379 - Electronic Arts, Inc.)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.18.2-r120419-release - Plays.tv, LLC)
PS4 Remote Play (HKLM-x32\...\{127839B2-AF0F-41CA-9F00-A247D04ACD81}) (Version: 1.0.0.15181 - Sony Interactive Entertainment Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7560 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Spotify (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Spotify) (Version: 1.0.34.146.g28f9eda2 - Spotify AB)
SRWare Iron Version SRWare Iron 33.0.1800.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 33.0.1800.0 - SRWare)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie zur Verbesserung von HP Deskjet 3050A J611 series Produkten (HKLM\...\{EF27865C-E636-47C4-8B35-CE8A88045681}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
Uplay (HKLM-x32\...\Uplay) (Version: 21.1 - Ubisoft)
Usb GamePad (HKLM-x32\...\{DEC7CD2E-2BB5-40C3-9592-078F64677E6C}) (Version: 1.00.0000 - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Driver Package - BigNox Corporation (VBoxUSB) USB  (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System  (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation XQHDrv System  (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
WinDS PRO 2016.04.08 (HKLM\...\{4237FF56-4BD0-481E-BD44-C1A8DDA9C753}_is1) (Version: 2016.04.08 - WinDS PRO Central)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
XFast LAN v10.10 (HKLM\...\XFast LAN) (Version: 10.10 - cFos Software GmbH, Bonn)
Xperia Companion (HKLM-x32\...\{8f4f39fa-087f-4e5c-84f3-1433ac7389e9}) (Version: 1.2.8.0 - Sony)
Xperia Companion (x32 Version: 1.2.8.0 - Sony) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {066EF000-1D31-4F43-8E09-C97DCCC96278} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {2556CECF-EA3C-447B-94AA-800BAC478C7D} - \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start -> Keine Datei <==== ACHTUNG
Task: {32FAAA18-3DCE-4579-B103-6C51178C0E22} - System32\Tasks\HPCeeScheduleForjulia => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {4387A60B-29E8-479F-894F-0466AFBB76C7} - System32\Tasks\AsrAPPShop => C:\Program Files (x86)\ASRock Utility\APP Shop\AsrAPPShop.exe [2016-02-05] ()
Task: {471EA7B1-B69E-4FE6-9507-551F2D76CF4B} - System32\Tasks\cFos\Registration Tasks\Open Browser => Chrome.exe "hxxp://www.cfos.de/de/cfosspeed/documentation/keyboard-leds.htm?reg-10.10.2238-asrock"
Task: {4C90C93F-B372-447A-BAD9-4C877F578A53} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-30] (Dropbox, Inc.)
Task: {4CA7C5ED-61A5-4A08-B76C-971D3E54939A} - \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources -> Keine Datei <==== ACHTUNG
Task: {502B87CA-6578-4727-98E0-D5312A5A1A26} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-29] (Google Inc.)
Task: {50E75D14-4AFB-4ACB-823D-3611FAA325F0} - \HPCustParticipation HP Deskjet 3050A J611 series -> Keine Datei <==== ACHTUNG
Task: {760F7F73-70D6-4F7A-ACB0-CE52D03A6E5F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {849173CC-06EF-4522-99B4-34CDDAB5DA29} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> Keine Datei <==== ACHTUNG
Task: {8F0C3895-A13C-4DAC-A594-051736FCCC88} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {9A1A1B87-522E-4728-AD81-4834AD0209FE} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {9A8C6E8B-C1D2-4DCC-978C-F7856E76371A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.)
Task: {9C6A1060-F966-4927-B888-198454C7ADF3} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> Keine Datei <==== ACHTUNG
Task: {9E858082-438A-4EF2-B0C6-F930C7B617BB} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> Keine Datei <==== ACHTUNG
Task: {AB9FACDB-986A-4467-9238-8115E635C99F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-29] (Google Inc.)
Task: {B1EF102A-D9C4-4BA0-8C3D-01C864291EB2} - \AMD Updater -> Keine Datei <==== ACHTUNG
Task: {C0A505F4-A735-439A-BD69-EC99BF450795} - System32\Tasks\AsrSP.exe => C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\AsrSP.exe [2014-12-02] ()
Task: {DA111EEE-D374-4720-B899-179957A0B716} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {E4F6F8E8-7CA4-4492-9371-6468BC21B942} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-30] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForjulia.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-11-03 12:01 - 2016-10-31 17:11 - 01992256 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
2016-07-31 18:43 - 2016-07-06 14:20 - 01476160 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
2016-04-29 23:50 - 2014-07-31 15:17 - 00463112 _____ () C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
2016-09-15 04:24 - 2016-09-15 04:24 - 00423752 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2016-11-21 17:19 - 2016-11-21 17:19 - 00155016 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 20:25 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-13 20:25 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-29 23:51 - 2016-02-05 15:38 - 06134024 _____ () C:\Program Files (x86)\ASRock Utility\APP Shop\AsrAPPShop.exe
2016-12-13 20:25 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-06 21:41 - 2016-08-06 21:41 - 00959168 _____ () C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-09-14 08:17 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 18:18 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 18:18 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 18:18 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2017-02-06 08:43 - 2017-02-06 08:44 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-06 08:43 - 2017-02-06 08:44 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-06 08:43 - 2017-02-06 08:44 - 42895872 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 08:43 - 2017-02-06 08:43 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\roottools.dll
2016-11-23 08:47 - 2016-11-23 08:47 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-11-23 08:47 - 2016-11-23 08:47 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-03 07:54 - 2016-06-03 07:54 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-11-23 08:47 - 2016-11-23 08:47 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-11-23 08:47 - 2016-11-23 08:47 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll
2017-02-15 08:33 - 2017-02-15 08:33 - 03865088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-02-16 08:35 - 2017-02-16 08:35 - 00015872 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe
2017-02-16 08:35 - 2017-02-16 08:35 - 06538240 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\WhatsNew.Store.dll
2016-07-31 18:43 - 2016-07-06 14:20 - 00619584 _____ () C:\Program Files (x86)\GfK Internet-Monitor\UpdateHelper.dll
2016-10-01 17:37 - 2017-01-15 12:27 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2017-02-10 21:06 - 2017-02-10 21:06 - 00033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2017-02-10 21:06 - 2017-02-10 21:06 - 00041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2017-02-10 21:06 - 2017-02-10 21:06 - 00173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 01934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 01780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 03812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2016-09-07 07:57 - 2016-08-11 09:34 - 00800912 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\communication.dll
2016-09-07 07:57 - 2016-08-11 09:34 - 00191632 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\npsp1.dll
2016-09-07 07:57 - 2016-08-11 09:34 - 00260752 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\npwmi.dll
2016-04-21 02:23 - 2017-01-16 08:34 - 09080360 _____ () C:\Program Files (x86)\AirDroid\Android.dll
2016-04-21 02:20 - 2017-01-16 08:34 - 00642088 _____ () C:\Program Files (x86)\AirDroid\System.Data.SQLite.dll
2017-02-06 19:13 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-06 19:13 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2016-09-01 23:14 - 2017-02-01 00:57 - 53478912 _____ () C:\Users\julia\AppData\Local\Amazon Music\libcef.dll
2016-09-01 23:14 - 2017-02-01 00:57 - 01976832 _____ () C:\Users\julia\AppData\Local\Amazon Music\libglesv2.dll
2016-09-01 23:14 - 2017-02-01 00:57 - 00075264 _____ () C:\Users\julia\AppData\Local\Amazon Music\libegl.dll
2017-02-15 08:44 - 2017-02-02 12:30 - 17840216 _____ () C:\Users\julia\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.221\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-04-29 11:54 - 2016-04-29 11:52 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\julia\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "XperiaCompanion"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "BigNox"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{BE8EDC0C-73E0-4F9F-9C2E-06DDE5F03E9B}] => (Allow) C:\Program Files (x86)\Remotr\RemotrServer.exe
FirewallRules: [{2227EE2C-CE55-45FB-B30E-62DC8230A899}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [{30F3774D-AD02-45B3-B257-534DA49823C7}] => (Allow) C:\Users\julia\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{783C2224-7D58-48D8-AD4C-4B0B5C77B453}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CrushCrush\CrushCrush.exe
FirewallRules: [{CF90C652-DC55-467E-BAC1-4DF8396B2C92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CrushCrush\CrushCrush.exe
FirewallRules: [{E6E289E2-4AA2-40F5-ACA6-9C82995E68B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{E53E8737-385D-4ABE-B897-20BB0428F9D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{9BACBB96-FF86-4833-A8AF-0CF03B271854}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{9AB2427A-D301-4180-8CA0-4214ACCFDC3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{89B25E3E-040C-4F42-860C-8C29EBDC2477}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{F31FD7FA-96A5-42E7-A231-1FD1C5ECDCC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{DE177724-6098-43D0-8806-973ABCD8489B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{D761F58A-F839-48D7-99C4-55FC2B2D31AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{A7B83730-8336-4D8C-9855-F525F4B87FD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{DB0775A4-53C5-4D60-8B8F-3179817021C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{F9BB05C7-2A2A-47AA-A4C8-F67AA78B7F80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WildStar\Steam_WildStar.exe
FirewallRules: [{97388F1B-476A-40C6-B599-72697B7ED5EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WildStar\Steam_WildStar.exe
FirewallRules: [{AEAF1BD8-98C9-42F7-AC18-6186FD66BF03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{E9783289-E69A-4E06-9EAF-6EE9BCD26A7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{380E5670-8329-4A13-A453-1FCB2C92CEE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{11AEA279-FA35-443C-A14E-5AA0A7F496B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{BD8FDB87-DE06-432F-88BA-BC1C337988D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheAge\GlyphClient.exe
FirewallRules: [{31C13ED3-EFCB-40F3-ABB5-23F388D89AD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheAge\GlyphClient.exe
FirewallRules: [{6D7778AF-2ACA-4C81-8398-D5260FFCBE29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{9070EA33-9E66-4FCD-A375-B8D09CC4E587}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{6870B29C-5372-4701-8F42-D6DE725973DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transformice\Transformice.exe
FirewallRules: [{E5FA8FB3-D425-415A-B4AB-C6F08CB81390}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transformice\Transformice.exe
FirewallRules: [{C5EE77CF-1244-4FB7-BAD8-8979C065A7A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shakes & Fidget\Shakes and Fidget.exe
FirewallRules: [{D1CDF799-6265-4CD5-A626-94F4491BE72F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shakes & Fidget\Shakes and Fidget.exe
FirewallRules: [{74505E9A-F844-4FF4-A118-C989F71C77AE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D0F4A6E6-0E01-410A-99B6-349CB62D49AF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{98A6B571-7328-46CA-A786-18FA12118E8A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4BFA63AA-FB4E-4CBD-81D2-92E7FCAFDCD2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E9B7DABE-E09E-44E7-AC61-314074E4A507}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
FirewallRules: [{290E19E0-A4C5-4803-A438-0E623CA48EE5}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
FirewallRules: [{4F347DFD-A148-4E94-A8C2-19C58D774FCD}] => (Allow) C:\Users\julia\AppData\Local\Temp\7zS48E3\HPDiagnosticCoreUI.exe
FirewallRules: [{EF4D3B24-6D1A-4A4C-B8B8-232EE3665BFE}] => (Allow) C:\Users\julia\AppData\Local\Temp\7zS48E3\HPDiagnosticCoreUI.exe
FirewallRules: [{93BCAC83-2502-4ADE-A68A-50235D8FDC39}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{718492BD-2476-4DD7-ACFD-68AB1EA53F10}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D5F54F87-F1F2-47DF-B930-427698A21F72}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2FBA69FF-5B93-4B59-863C-F14782090247}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CDB8F4BC-F6B5-4AED-9C6B-FF33D179093F}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe
FirewallRules: [UDP Query User{B554B3E6-7C3B-4686-9087-B4E5C9C25893}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [TCP Query User{4C110523-B488-46B3-899F-EF71BBE24D74}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{748F1E3C-DECB-4B30-BF51-756112C3CD69}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{393AB3D0-4A56-48CE-BD65-1DEEE70B2C32}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{E976C55B-498B-4F14-8840-5CE9729A6F01}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
FirewallRules: [UDP Query User{211AA0BB-B2BF-4AF9-ABA8-82CFF5CC0E1E}C:\users\julia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julia\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{4D4FCBF6-4215-4F30-9ECA-5C56A461A339}C:\users\julia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julia\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9EAF9E66-9C4A-4D0A-B054-19C130287E25}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{20BCDFFA-F48F-451F-9909-7564F609CD50}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9C1BE638-D25E-4253-BB83-CE781B3F37EB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{7E8694C3-45BB-4745-A308-C6A35808C8D1}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{D2F959ED-037E-46F8-AD5E-3286E5F07D61}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe
FirewallRules: [{74359E8A-16FD-4F59-B923-0FE364A84156}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{880A6D2F-EEAB-438E-8929-2631F3FAE283}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{903D728A-A328-40A1-B1E4-F918302DFD0B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{DF62B350-1B30-45B9-9F9A-0835826ECD8F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{40ECC61F-8402-4117-B87D-EB3BA1C6DF00}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{5201F840-C181-4ADF-B64F-BA586C2E85AF}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{88D0A7BC-0EC0-4F83-B6DA-3A76E49049FF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B0853F73-EE22-4F33-BD5F-457343C80640}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8D800BFC-875A-44C6-B3DE-9FA69B80A8F8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{030DB97E-3233-4BFA-A3C7-62C05B1472AD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{661DEAD1-BBE5-469E-9396-3681E714EF41}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{ACE30677-F83A-4849-8B62-F821F27DBE48}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{869C9BD8-D89B-478E-A6DD-98A98BAAD329}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{852DA3E8-FB7A-4E00-9A41-FD7EC5D20F76}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe

==================== Wiederherstellungspunkte =========================

13-02-2017 09:06:51 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/16/2017 08:33:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-N0N5AE6)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/15/2017 12:57:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SkypeHost.exe, Version 11.11.105.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ed8

Startzeit: 01d2877a2094278f

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe

Berichts-ID: dce15be5-f375-11e6-918e-0013ef030494

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c

Auf das fehlerhafte Paket bezogene Anwendungs-ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (02/15/2017 12:57:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-N0N5AE6)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/15/2017 11:56:14 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SkypeHost.exe, Version 11.11.105.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 4a40

Startzeit: 01d28777074ecf31

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe

Berichts-ID: 574d4097-f36d-11e6-918e-0013ef030494

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c

Auf das fehlerhafte Paket bezogene Anwendungs-ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (02/15/2017 11:56:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-N0N5AE6)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/15/2017 11:34:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rundll32.exe, Version: 10.0.14393.0, Zeitstempel: 0x5789907f
Name des fehlerhaften Moduls: MSDetourHelp.dll_unloaded, Version: 7.3.0.8026, Zeitstempel: 0x57ac8b48
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000272f8
ID des fehlerhaften Prozesses: 0x24e8
Startzeit der fehlerhaften Anwendung: 0x01d287771d80b812
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SysWOW64\rundll32.exe
Pfad des fehlerhaften Moduls: MSDetourHelp.dll
Berichtskennung: 5d1ae49a-4f89-42b4-931d-77a87d0f5619
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/15/2017 11:34:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 10.0.14393.0, Zeitstempel: 0x57899b5a
Name des fehlerhaften Moduls: USBKeyCredentialProvider.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x53d9fa55
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002b4dd
ID des fehlerhaften Prozesses: 0x2364
Startzeit der fehlerhaften Anwendung: 0x01d2876e17ee72ea
Pfad der fehlerhaften Anwendung: C:\WINDOWS\System32\LogonUI.exe
Pfad des fehlerhaften Moduls: USBKeyCredentialProvider.dll
Berichtskennung: 84ba6dd5-9b21-4e66-8b02-3fdaee46a093
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/15/2017 10:18:45 AM) (Source: MsiInstaller) (EventID: 1002) (User: DESKTOP-N0N5AE6)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".

Error: (02/15/2017 10:18:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ETD_GetSMART.exe, Version: 1.0.0.4, Zeitstempel: 0x573f7758
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00293638
ID des fehlerhaften Prozesses: 0x215c
Startzeit der fehlerhaften Anwendung: 0x01d2876c72b5b56d
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: b3eb250e-771c-4f62-9dae-8f9b779c46e9
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/15/2017 10:18:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ETD_GetSMART.exe, Version: 1.0.0.4, Zeitstempel: 0x573f7758
Name des fehlerhaften Moduls: ETD_GetSMART.exe, Version: 1.0.0.4, Zeitstempel: 0x573f7758
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000045fa
ID des fehlerhaften Prozesses: 0x215c
Startzeit der fehlerhaften Anwendung: 0x01d2876c72b5b56d
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe
Berichtskennung: c17e9e35-0fa2-439b-9be1-2d623355fa28
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (02/16/2017 08:29:30 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/16/2017 12:24:27 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/15/2017 11:33:36 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/15/2017 10:30:05 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/15/2017 09:39:55 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/15/2017 09:39:55 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/15/2017 09:39:55 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/15/2017 09:39:55 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/15/2017 08:29:47 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/15/2017 12:18:05 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2017-02-13 19:49:26.594
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-02-06 15:30:22.008
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-02-05 20:23:11.527
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-02-05 19:25:05.946
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-02-03 19:14:25.480
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-01-30 17:39:50.482
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-01-30 17:39:49.524
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-01-09 13:09:05.578
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-01-09 13:09:05.167
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-01-05 15:58:00.988
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G 
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 16198.66 MB
Verfügbarer physikalischer RAM: 10401.27 MB
Summe virtueller Speicher: 18630.66 MB
Verfügbarer virtueller Speicher: 11792.1 MB

==================== Laufwerke ================================

Drive c: (Win10-Prof) (Fixed) (Total:931.02 GB) (Free:738.17 GB) NTFS
Drive e: (INTENSO) (Fixed) (Total:1863.01 GB) (Free:209.7 GB) NTFS
Drive f: (Elements) (Fixed) (Total:1397.26 GB) (Free:35.59 GB) NTFS
Drive g: (INTENSO ALT) (Fixed) (Total:1863.01 GB) (Free:960.39 GB) NTFS
Drive h: (INTENSO) (Fixed) (Total:698.63 GB) (Free:352.49 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FB5E5C55)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 1322A89A)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 698.6 GB) (Disk ID: 08E2026F)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: 4D49C8E7)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 1397.3 GB) (Disk ID: 000AEA9D)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
__________________

Alt 16.02.2017, 10:52   #4
lyncat89
 
Probleme mit Maleware oder Trojaner nach Toolbar Installation - Standard

Probleme mit Maleware oder Trojaner nach Toolbar Installation



Code:
ATTFilter
10:45:55.0368 0x2a68  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
10:46:00.0631 0x2a68  ============================================================
10:46:00.0631 0x2a68  Current date / time: 2017/02/16 10:46:00.0631
10:46:00.0631 0x2a68  SystemInfo:
10:46:00.0631 0x2a68  
10:46:00.0631 0x2a68  OS Version: 10.0.14393 ServicePack: 0.0
10:46:00.0631 0x2a68  Product type: Workstation
10:46:00.0631 0x2a68  ComputerName: DESKTOP-N0N5AE6
10:46:00.0632 0x2a68  UserName: julia
10:46:00.0632 0x2a68  Windows directory: C:\WINDOWS
10:46:00.0632 0x2a68  System windows directory: C:\WINDOWS
10:46:00.0632 0x2a68  Running under WOW64
10:46:00.0632 0x2a68  Processor architecture: Intel x64
10:46:00.0632 0x2a68  Number of processors: 4
10:46:00.0632 0x2a68  Page size: 0x1000
10:46:00.0632 0x2a68  Boot type: Normal boot
10:46:00.0632 0x2a68  CodeIntegrityOptions = 0x00000001
10:46:00.0632 0x2a68  ============================================================
10:46:00.0858 0x2a68  KLMD registered as C:\WINDOWS\system32\drivers\65784865.sys
10:46:00.0858 0x2a68  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.693, osProperties = 0x19
10:46:01.0005 0x2a68  System UUID: {3621A839-9A77-6A58-849F-E7071E6DF660}
10:46:01.0353 0x2a68  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:46:01.0372 0x2a68  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:46:01.0375 0x2a68  Drive \Device\Harddisk2\DR2 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:46:01.0379 0x2a68  Drive \Device\Harddisk3\DR3 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:46:01.0382 0x2a68  Drive \Device\Harddisk4\DR4 - Size: 0x15D50D00000 ( 1397.26 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:46:01.0386 0x2a68  ============================================================
10:46:01.0386 0x2a68  \Device\Harddisk0\DR0:
10:46:01.0387 0x2a68  MBR partitions:
10:46:01.0387 0x2a68  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xFA000
10:46:01.0387 0x2a68  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFA800, BlocksNum 0x7460BDB0
10:46:01.0387 0x2a68  \Device\Harddisk1\DR1:
10:46:01.0387 0x2a68  MBR partitions:
10:46:01.0387 0x2a68  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E06CC1
10:46:01.0387 0x2a68  \Device\Harddisk2\DR2:
10:46:01.0389 0x2a68  MBR partitions:
10:46:01.0389 0x2a68  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57544B01
10:46:01.0389 0x2a68  \Device\Harddisk3\DR3:
10:46:01.0389 0x2a68  MBR partitions:
10:46:01.0389 0x2a68  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E06CC1
10:46:01.0389 0x2a68  \Device\Harddisk4\DR4:
10:46:01.0390 0x2a68  MBR partitions:
10:46:01.0390 0x2a68  \Device\Harddisk4\DR4\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAEA86000
10:46:01.0390 0x2a68  ============================================================
10:46:01.0409 0x2a68  C: <-> \Device\Harddisk0\DR0\Partition2
10:46:01.0410 0x2a68  E: <-> \Device\Harddisk1\DR1\Partition1
10:46:01.0421 0x2a68  F: <-> \Device\Harddisk4\DR4\Partition1
10:46:01.0458 0x2a68  G: <-> \Device\Harddisk3\DR3\Partition1
10:46:01.0470 0x2a68  H: <-> \Device\Harddisk2\DR2\Partition1
10:46:01.0470 0x2a68  ============================================================
10:46:01.0470 0x2a68  Initialize success
10:46:01.0470 0x2a68  ============================================================
10:46:32.0168 0x46dc  ============================================================
10:46:32.0168 0x46dc  Scan started
10:46:32.0168 0x46dc  Mode: Manual; SigCheck; TDLFS; 
10:46:32.0168 0x46dc  ============================================================
10:46:32.0168 0x46dc  KSN ping started
10:46:32.0723 0x46dc  KSN ping finished: true
10:46:34.0921 0x46dc  ================ Scan system memory ========================
10:46:34.0921 0x46dc  System memory - ok
10:46:34.0922 0x46dc  ================ Scan services =============================
10:46:35.0073 0x46dc  1394ohci - ok
10:46:35.0083 0x46dc  3ware - ok
10:46:35.0108 0x46dc  ACPI - ok
10:46:35.0113 0x46dc  AcpiDev - ok
10:46:35.0119 0x46dc  acpiex - ok
10:46:35.0126 0x46dc  acpipagr - ok
10:46:35.0154 0x46dc  AcpiPmi - ok
10:46:35.0160 0x46dc  acpitime - ok
10:46:35.0226 0x46dc  [ 295D6A7FC220634C8E6F5F27A6EDAEE7, 155C83D1E359764A25B97B050B8ED6ABB5FF742D00401004206A4616434EE3D4 ] AdaptiveSleepService C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
10:46:35.0292 0x46dc  AdaptiveSleepService - ok
10:46:35.0407 0x46dc  [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:46:35.0431 0x46dc  AdobeARMservice - ok
10:46:35.0441 0x46dc  ADP80XX - ok
10:46:35.0466 0x46dc  AFD - ok
10:46:35.0476 0x46dc  ahcache - ok
10:46:35.0493 0x46dc  AJRouter - ok
10:46:35.0503 0x46dc  ALG - ok
10:46:35.0536 0x46dc  [ 52E0D15D162A6C02E58C5E9E91155031, 09BB2288929D853CAFA25A741CB540E20BDEF421E3E41BFF5BEF78D786021F5A ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
10:46:35.0552 0x46dc  AMD External Events Utility - ok
10:46:35.0607 0x46dc  [ 08E3B9567A6FDD17A69956BA80F1E2D6, 179C4A09E51A41289C1AA11E778EB09E877A7F45FB5D54216F58D3EAF1FA88C4 ] amdacpksd       C:\WINDOWS\system32\drivers\amdacpksd.sys
10:46:35.0626 0x46dc  amdacpksd - ok
10:46:35.0632 0x46dc  AmdK8 - ok
10:46:35.0676 0x46dc  [ B28145E732EDEBBEDABC311DBA56D52A, 43745C17A3AC2A7A6FB0DBF1A2158C6B365198581E8E3B1F7E7E9EE9763A2735 ] amdkmafd        C:\WINDOWS\system32\drivers\amdkmafd.sys
10:46:35.0685 0x46dc  amdkmafd - ok
10:46:35.0731 0x46dc  amdkmdag - ok
10:46:35.0774 0x46dc  [ 8B5782CA9386724048F11C1607425B31, B398B8547B5BB806B73211A3C40EC0337B2D5274F17DD0F7FFDCC91CA853DA7B ] amdkmdap        C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys
10:46:35.0806 0x46dc  amdkmdap - ok
10:46:35.0813 0x46dc  AmdPPM - ok
10:46:35.0818 0x46dc  amdsata - ok
10:46:35.0823 0x46dc  amdsbs - ok
10:46:35.0829 0x46dc  amdxata - ok
10:46:35.0834 0x46dc  AppID - ok
10:46:35.0839 0x46dc  AppIDSvc - ok
10:46:35.0845 0x46dc  Appinfo - ok
10:46:35.0851 0x46dc  applockerfltr - ok
10:46:35.0856 0x46dc  AppMgmt - ok
10:46:35.0950 0x46dc  [ CF75D615A823FB3A0F8AA87CC53BE4AB, 6ACA246D12A6EA95AEDEE1FF99A6A1BA25000A47AB095E8B72C9352E82E9A21A ] AppObserver     C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\appobserver64.sys
10:46:35.0959 0x46dc  AppObserver - ok
10:46:35.0976 0x46dc  AppReadiness - ok
10:46:36.0003 0x46dc  AppVClient - ok
10:46:36.0016 0x46dc  AppvStrm - ok
10:46:36.0048 0x46dc  AppvVemgr - ok
10:46:36.0057 0x46dc  AppvVfs - ok
10:46:36.0065 0x46dc  AppXSvc - ok
10:46:36.0071 0x46dc  arcsas - ok
10:46:36.0100 0x46dc  [ E1AFEE1584C74050DE0DD16DE2A54BF3, 77C8D98159D8BCDC7917B04977949823D50C49D0D13587310E060A4B8893AE42 ] AsrAppCharger   C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys
10:46:36.0112 0x46dc  AsrAppCharger - ok
10:46:36.0205 0x46dc  [ 75D6C3469347DE1CDFA3B1B9F1544208, 2AA1B08F47FBB1E2BD2E4A492F5D616968E703E1359A921F62B38B8E4662F0C4 ] AsrAutoChkUpdDrv C:\WINDOWS\SysWOW64\Drivers\AsrAutoChkUpdDrv.sys
10:46:36.0223 0x46dc  AsrAutoChkUpdDrv - ok
10:46:36.0240 0x46dc  [ 1A234F4643F5658BAB07BFA611282267, F40435488389B4FB3B945CA21A8325A51E1B5F80F045AB019748D0EC66056A8B ] AsrDrv101       C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys
10:46:36.0252 0x46dc  AsrDrv101 - ok
10:46:36.0348 0x46dc  [ A16DACE95B82683C852CD18578162735, 6E3663B43FB18BFD3B47A63297FA251C467D7B3C7B70020FC87DEAD8F0882B37 ] ASRockIOMon     C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
10:46:36.0376 0x46dc  ASRockIOMon - ok
10:46:36.0397 0x46dc  [ A149C93231945A5118C63AEACA6D1E72, 60B28184585B389751FCF71651A139D74018DE04AEBF4A497835AF727B64BD53 ] AsrRamDisk      C:\WINDOWS\system32\drivers\AsrRamDisk.sys
10:46:36.0406 0x46dc  AsrRamDisk - ok
10:46:36.0411 0x46dc  AsyncMac - ok
10:46:36.0416 0x46dc  atapi - ok
10:46:36.0455 0x46dc  [ FD9A5BCC3AFB02E87668B749546B6229, 4BE969A11CEE8033F40EDE7E06A5904B328D3FC1842855C0DB38D5EEF458219C ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
10:46:36.0476 0x46dc  AtiHDAudioService - ok
10:46:36.0501 0x46dc  [ 9BD46423250EE6D39A2647B7BB89BFC3, 4D8499F5E170E42C22932FA519444A8A37190D7DFA0F449F016436ADEBC85865 ] ATP             C:\WINDOWS\System32\drivers\AsusTP.sys
10:46:36.0511 0x46dc  ATP - ok
10:46:36.0517 0x46dc  AudioEndpointBuilder - ok
10:46:36.0532 0x46dc  Audiosrv - ok
10:46:36.0764 0x46dc  [ F6C322B06ABB622B32115BF32EEE253B, F06D265DDD56A052ACFBB46DD057E246FCF3F65457133D98C1EA130E0DDFEAFE ] AVKProxy        C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
10:46:36.0886 0x46dc  AVKProxy - ok
10:46:36.0968 0x46dc  [ 98DAE6FDBEF58BF07E9650DF3B729C8A, F5B81DA51AE357A6EB094561AC4ECC4E1263FBC7D111579A888BDD6DC51C7C76 ] AVKService      C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe
10:46:36.0998 0x46dc  AVKService - ok
10:46:37.0092 0x46dc  [ 580D451B3F20565634D048D7B229EE40, 36CD7EA285F908BEA1E8E68C6CC29CD5A70E23DB38C5E2D1A41684A62FF17AEA ] AVKWCtl         C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe
10:46:37.0168 0x46dc  AVKWCtl - ok
10:46:37.0190 0x46dc  AxInstSV - ok
10:46:37.0196 0x46dc  b06bdrv - ok
10:46:37.0201 0x46dc  BasicDisplay - ok
10:46:37.0206 0x46dc  BasicRender - ok
10:46:37.0214 0x46dc  bcmfn - ok
10:46:37.0219 0x46dc  bcmfn2 - ok
10:46:37.0246 0x46dc  BDESVC - ok
10:46:37.0272 0x46dc  Beep - ok
10:46:37.0281 0x46dc  BFE - ok
10:46:37.0289 0x46dc  BITS - ok
10:46:37.0364 0x46dc  [ 3F56903E124E820AEECE6D471583C6C1, B3C045AFACC8A8F5DC289ADE9ACFB2FE7F9CA24A900BBAED47E2A63837208CB3 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
10:46:37.0390 0x46dc  Bonjour Service - ok
10:46:37.0412 0x46dc  bowser - ok
10:46:37.0428 0x46dc  BrokerInfrastructure - ok
10:46:37.0433 0x46dc  Browser - ok
10:46:37.0461 0x46dc  BthAvrcpTg - ok
10:46:37.0466 0x46dc  BthHFEnum - ok
10:46:37.0471 0x46dc  bthhfhid - ok
10:46:37.0482 0x46dc  BthHFSrv - ok
10:46:37.0488 0x46dc  BTHMODEM - ok
10:46:37.0496 0x46dc  bthserv - ok
10:46:37.0503 0x46dc  buttonconverter - ok
10:46:37.0510 0x46dc  CapImg - ok
10:46:37.0516 0x46dc  cdfs - ok
10:46:37.0527 0x46dc  CDPSvc - ok
10:46:37.0546 0x46dc  CDPUserSvc - ok
10:46:37.0586 0x46dc  cdrom - ok
10:46:37.0634 0x46dc  CertPropSvc - ok
10:46:37.0747 0x46dc  [ 512C91F1261CC0463CAC3C12F142669A, BF70A3128CE50B0FAFEB35353494D750E56D686C30F399F0234AA9242DB19031 ] cfosspeed       C:\WINDOWS\system32\DRIVERS\cfosspeed6.sys
10:46:37.0800 0x46dc  cfosspeed - ok
10:46:37.0937 0x46dc  [ A9A581F2C8F06C083831A996742375BE, 7A7DC106FF149703A17330F670B9A94578664BBD844F5BBD32B5832A221BE934 ] cFosSpeedS      C:\Program Files\ASRock\XFast LAN\spd.exe
10:46:37.0971 0x46dc  cFosSpeedS - ok
10:46:37.0978 0x46dc  cht4iscsi - ok
10:46:37.0983 0x46dc  cht4vbd - ok
10:46:37.0988 0x46dc  circlass - ok
10:46:38.0006 0x46dc  CLFS - ok
10:46:38.0012 0x46dc  ClipSVC - ok
10:46:38.0017 0x46dc  clreg - ok
10:46:38.0032 0x46dc  CmBatt - ok
10:46:38.0037 0x46dc  CNG - ok
10:46:38.0042 0x46dc  cnghwassist - ok
10:46:38.0085 0x46dc  CompositeBus - ok
10:46:38.0090 0x46dc  COMSysApp - ok
10:46:38.0097 0x46dc  condrv - ok
10:46:38.0136 0x46dc  CoreMessagingRegistrar - ok
10:46:38.0155 0x46dc  CryptSvc - ok
10:46:38.0166 0x46dc  CSC - ok
10:46:38.0174 0x46dc  CscService - ok
10:46:38.0181 0x46dc  dam - ok
10:46:38.0237 0x46dc  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
10:46:38.0249 0x46dc  dbupdate - ok
10:46:38.0257 0x46dc  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
10:46:38.0269 0x46dc  dbupdatem - ok
10:46:38.0274 0x46dc  dbx - ok
10:46:38.0297 0x46dc  [ 2C5A991F0320D95BAC80D0C31F43A79E, CC7887132AF15C77676A3186429FE0071DCC8DC9C6252314D99C02E54867BE10 ] DbxSvc          C:\WINDOWS\system32\DbxSvc.exe
10:46:38.0308 0x46dc  DbxSvc - ok
10:46:38.0316 0x46dc  DcomLaunch - ok
10:46:38.0322 0x46dc  DcpSvc - ok
10:46:38.0345 0x46dc  defragsvc - ok
10:46:38.0365 0x46dc  DeviceAssociationService - ok
10:46:38.0381 0x46dc  DeviceInstall - ok
10:46:38.0386 0x46dc  DevQueryBroker - ok
10:46:38.0401 0x46dc  Dfsc - ok
10:46:38.0434 0x46dc  [ D722BC26F7431A4DA9A183E56CA9FEE3, 86AB717431CB3DDAF6213A1CFE8DF3684080BAAD569731A90AA1AA198E97506D ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
10:46:38.0446 0x46dc  dg_ssudbus - ok
10:46:38.0459 0x46dc  Dhcp - ok
10:46:38.0484 0x46dc  diagnosticshub.standardcollector.service - ok
10:46:38.0527 0x46dc  DiagTrack - ok
10:46:38.0532 0x46dc  disk - ok
10:46:38.0563 0x46dc  DmEnrollmentSvc - ok
10:46:38.0568 0x46dc  dmvsc - ok
10:46:38.0573 0x46dc  dmwappushservice - ok
10:46:38.0587 0x46dc  Dnscache - ok
10:46:38.0594 0x46dc  dot3svc - ok
10:46:38.0628 0x46dc  DPS - ok
10:46:38.0637 0x46dc  drmkaud - ok
10:46:38.0642 0x46dc  DsmSvc - ok
10:46:38.0648 0x46dc  DsSvc - ok
10:46:38.0654 0x46dc  DXGKrnl - ok
10:46:38.0659 0x46dc  EapHost - ok
10:46:38.0675 0x46dc  ebdrv - ok
10:46:38.0710 0x46dc  EFS - ok
10:46:38.0746 0x46dc  EhStorClass - ok
10:46:38.0767 0x46dc  EhStorTcgDrv - ok
10:46:38.0779 0x46dc  embeddedmode - ok
10:46:38.0823 0x46dc  EntAppSvc - ok
10:46:38.0831 0x46dc  ErrDev - ok
10:46:38.0854 0x46dc  EventSystem - ok
10:46:38.0859 0x46dc  exfat - ok
10:46:38.0866 0x46dc  fastfat - ok
10:46:38.0895 0x46dc  Fax - ok
10:46:38.0901 0x46dc  fdc - ok
10:46:38.0915 0x46dc  fdPHost - ok
10:46:38.0921 0x46dc  FDResPub - ok
10:46:38.0955 0x46dc  fhsvc - ok
10:46:38.0994 0x46dc  FileCrypt - ok
10:46:39.0000 0x46dc  FileInfo - ok
10:46:39.0006 0x46dc  Filetrace - ok
10:46:39.0011 0x46dc  flpydisk - ok
10:46:39.0018 0x46dc  FltMgr - ok
10:46:39.0046 0x46dc  FontCache - ok
10:46:39.0143 0x46dc  FontCache3.0.0.0 - ok
10:46:39.0155 0x46dc  FrameServer - ok
10:46:39.0160 0x46dc  FsDepends - ok
10:46:39.0167 0x46dc  Fs_Rec - ok
10:46:39.0186 0x46dc  fvevol - ok
10:46:39.0326 0x46dc  [ 5B687E80548998161B11E093150A3215, 7C29D725B69FBFD2A1C762D4567E8252A03246F36551389E98D4AF6F516B6100 ] GDBackupSvc     C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe
10:46:39.0424 0x46dc  GDBackupSvc - ok
10:46:39.0465 0x46dc  [ 3F24DCB0037A0121C220CB8EAF9A340D, 6F1EED1A2FE31D03EF2050D6B124BD5782020B7B7A6862FE6FCA0F4C2481BFAF ] GDBehave        C:\WINDOWS\system32\drivers\GDBehave.sys
10:46:39.0477 0x46dc  GDBehave - ok
10:46:39.0507 0x46dc  [ 1314062567B9ED86BFFDE5D8C48C52AE, 01DE02308E478F50DBFE4C6EAE9D0C052C1575283F2C182388E2028F3BF2E756 ] GDElam          C:\WINDOWS\system32\DRIVERS\GDElam.sys
10:46:39.0524 0x46dc  GDElam - ok
10:46:39.0616 0x46dc  [ EC7C7AEE53383D2FABB98B05F63514FF, 149633A96E9803F168D3EF0A3182529D0247FFB748021F262F1D19F2C993FCF8 ] GDFwSvc         C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe
10:46:39.0700 0x46dc  GDFwSvc - ok
10:46:39.0727 0x46dc  [ DD7D5196EB9C4321EA57B668AF873840, 0E934032911203A22BC84519F303061703DF503F19382ACDE37AAD53FCBEDF1A ] GDKBB           C:\WINDOWS\system32\drivers\GDKBB64.sys
10:46:39.0736 0x46dc  GDKBB - ok
10:46:39.0744 0x46dc  [ 4A9000A1B02C394CD2C5E6450A04002D, E979C07888C4E20D3037E60A1A48501A0B3EC905C407781B6D437314851E1C32 ] GDKBFlt         C:\WINDOWS\system32\drivers\GDKBFlt64.sys
10:46:39.0756 0x46dc  GDKBFlt - ok
10:46:39.0781 0x46dc  [ EE1927F18C9298D96A47017272D591E8, 6D880B43969B41636D520962BD77DD3FA59374903F6E72354610DFC01306E7EE ] GDMnIcpt        C:\WINDOWS\system32\drivers\MiniIcpt.sys
10:46:39.0795 0x46dc  GDMnIcpt - ok
10:46:39.0810 0x46dc  [ DC5200C3055D6EB5355F8975FB38E9EE, 6E1E059DDEF04F1B0761570B75BF2914256243F1398E682BF4DF00AF3CE44585 ] GDPkIcpt        C:\WINDOWS\system32\drivers\PktIcpt.sys
10:46:39.0823 0x46dc  GDPkIcpt - ok
10:46:39.0855 0x46dc  [ 1FCEE46DEFDF64DC7E1939E3F9E56718, CED8A28472AF234DED48AE0EB38CC697F50B7D9BF0BDBDE2F9D29CEE9DF0454E ] GDScan          C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
10:46:39.0882 0x46dc  GDScan - ok
10:46:39.0909 0x46dc  [ 4E294DB229885177DA056A3471476A19, CEC297E50B96650CB822C5D6BD89FF9DD96311A2A07692935C101F39F6A89BBA ] gdwfpcd         C:\WINDOWS\system32\drivers\gdwfpcd64.sys
10:46:39.0920 0x46dc  gdwfpcd - ok
10:46:39.0926 0x46dc  gencounter - ok
10:46:39.0933 0x46dc  genericusbfn - ok
10:46:39.0986 0x46dc  [ 006537C2E4E3501C48893B3E862B85BE, 1E67B67E8CA546D3811F53D56FA58E913DCD4B4E1300A2373DCAF04D3B2770BC ] GfK-NetworkMeter C:\Program Files (x86)\GfK-NetworkMeter\GfK-NetworkMeter64.exe
10:46:40.0024 0x46dc  GfK-NetworkMeter - ok
10:46:40.0103 0x46dc  [ 73260AE94F97F8839836E09090130AAB, 76169687A230805FDAB74453BABD889BEFCB777B0B9E6D1DBC72FFA1F9EDD5C3 ] GfK-Reporting-Service C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
10:46:40.0154 0x46dc  GfK-Reporting-Service - ok
10:46:40.0229 0x46dc  [ FA18DAFE475969EEB83706E165515A52, F7642CFDD1D9B1F8418D57C55A5142CA2DD09A318E5520940F5EFF965F94EAC9 ] GfK-Update-Service C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
10:46:40.0270 0x46dc  GfK-Update-Service - ok
10:46:40.0279 0x46dc  GPIOClx0101 - ok
10:46:40.0286 0x46dc  gpsvc - ok
10:46:40.0292 0x46dc  GpuEnergyDrv - ok
10:46:40.0320 0x46dc  [ 6809BA27F97EAFC5C30F743E30DE1DB6, BAC1E0E4542B9917731FD50B1A646CFDA31679FDF2A5A875742AA88600847547 ] GRD             C:\WINDOWS\system32\drivers\GRD.sys
10:46:40.0332 0x46dc  GRD - ok
10:46:40.0382 0x46dc  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:46:40.0394 0x46dc  gupdate - ok
10:46:40.0412 0x46dc  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:46:40.0424 0x46dc  gupdatem - ok
10:46:40.0430 0x46dc  HDAudBus - ok
10:46:40.0437 0x46dc  HidBatt - ok
10:46:40.0443 0x46dc  HidBth - ok
10:46:40.0451 0x46dc  hidi2c - ok
10:46:40.0457 0x46dc  hidinterrupt - ok
10:46:40.0464 0x46dc  HidIr - ok
10:46:40.0480 0x46dc  hidserv - ok
10:46:40.0508 0x46dc  [ 38DA94B6DD8022DA43810E4328608E54, ACE0A36143FF37BC42F136DB7317028540D1C0F21A5FD13F67E1A3DB2426A5EA ] HIDSwitch       C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys
10:46:40.0518 0x46dc  HIDSwitch - ok
10:46:40.0540 0x46dc  HidUsb - ok
10:46:40.0568 0x46dc  HomeGroupListener - ok
10:46:40.0576 0x46dc  HomeGroupProvider - ok
10:46:40.0607 0x46dc  [ FEDBFAFC5BAD0AE52ADE4DF75DBFF69F, A16CED31C64EAA92FE1BB4194A5124476BD53459F4B758ED504F2CFB31D6A580 ] HookCentre      C:\WINDOWS\system32\drivers\HookCentre.sys
10:46:40.0617 0x46dc  HookCentre - ok
10:46:40.0623 0x46dc  HpSAMD - ok
10:46:40.0665 0x46dc  [ EC80F3ECC5F8543E22BBCB037D837CA9, 23A4AE80A6C317CE77BD9D352CD9CED8649E3AD98A7C0A2044138BB20B46F398 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
10:46:40.0675 0x46dc  HPSupportSolutionsFrameworkService - ok
10:46:40.0690 0x46dc  HTTP - ok
10:46:40.0713 0x46dc  HvHost - ok
10:46:40.0743 0x46dc  hvservice - ok
10:46:40.0755 0x46dc  hwpolicy - ok
10:46:40.0767 0x46dc  hyperkbd - ok
10:46:40.0780 0x46dc  i8042prt - ok
10:46:40.0787 0x46dc  iagpio - ok
10:46:40.0795 0x46dc  iai2c - ok
10:46:40.0802 0x46dc  iaLPSS2i_GPIO2 - ok
10:46:40.0807 0x46dc  iaLPSS2i_I2C - ok
10:46:40.0813 0x46dc  iaLPSSi_GPIO - ok
10:46:40.0818 0x46dc  iaLPSSi_I2C - ok
10:46:40.0824 0x46dc  iaStorAV - ok
10:46:40.0829 0x46dc  iaStorV - ok
10:46:40.0836 0x46dc  ibbus - ok
10:46:40.0851 0x46dc  icssvc - ok
10:46:40.0856 0x46dc  IKEEXT - ok
10:46:40.0862 0x46dc  IndirectKmd - ok
10:46:41.0010 0x46dc  [ 7F08B78B1516626869FB44A61EFDF566, C585902D4F6E36A44097C192CCF19F1947F99C86A7BB77E83C0BE475F0151161 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
10:46:41.0117 0x46dc  IntcAzAudAddService - ok
10:46:41.0130 0x46dc  intelide - ok
10:46:41.0135 0x46dc  intelpep - ok
10:46:41.0141 0x46dc  intelppm - ok
10:46:41.0153 0x46dc  iorate - ok
10:46:41.0158 0x46dc  IpFilterDriver - ok
10:46:41.0180 0x46dc  iphlpsvc - ok
10:46:41.0186 0x46dc  IPMIDRV - ok
10:46:41.0190 0x46dc  IPNAT - ok
10:46:41.0196 0x46dc  irda - ok
10:46:41.0203 0x46dc  IRENUM - ok
10:46:41.0209 0x46dc  irmon - ok
10:46:41.0214 0x46dc  isapnp - ok
10:46:41.0220 0x46dc  iScsiPrt - ok
10:46:41.0233 0x46dc  [ DD1F43B86AD84E53203F92FD3EF3AEB6, 9DE2BA80B315E56DF2E74EAA65F4ECB8324DFC19E30EB56EDDF08340AB100E87 ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
10:46:41.0246 0x46dc  iwdbus - ok
10:46:41.0263 0x46dc  kbdclass - ok
10:46:41.0281 0x46dc  kbdhid - ok
10:46:41.0314 0x46dc  kdnic - ok
10:46:41.0319 0x46dc  KeyIso - ok
10:46:41.0340 0x46dc  KSecDD - ok
10:46:41.0345 0x46dc  KSecPkg - ok
10:46:41.0350 0x46dc  ksthunk - ok
10:46:41.0356 0x46dc  KtmRm - ok
10:46:41.0361 0x46dc  LanmanServer - ok
10:46:41.0382 0x46dc  LanmanWorkstation - ok
10:46:41.0390 0x46dc  lfsvc - ok
10:46:41.0412 0x46dc  LicenseManager - ok
10:46:41.0418 0x46dc  lltdio - ok
10:46:41.0425 0x46dc  lltdsvc - ok
10:46:41.0430 0x46dc  lmhosts - ok
10:46:41.0438 0x46dc  LSI_SAS - ok
10:46:41.0443 0x46dc  LSI_SAS2i - ok
10:46:41.0448 0x46dc  LSI_SAS3i - ok
10:46:41.0456 0x46dc  LSI_SSS - ok
10:46:41.0472 0x46dc  LSM - ok
10:46:41.0477 0x46dc  luafv - ok
10:46:41.0490 0x46dc  MapsBroker - ok
10:46:41.0509 0x46dc  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
10:46:41.0517 0x46dc  MBAMProtector - ok
10:46:41.0591 0x46dc  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
10:46:41.0631 0x46dc  MBAMService - ok
10:46:41.0660 0x46dc  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
10:46:41.0672 0x46dc  MBAMSwissArmy - ok
10:46:41.0686 0x46dc  [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
10:46:41.0695 0x46dc  MBAMWebAccessControl - ok
10:46:41.0706 0x46dc  [ C91B758B4AB1ECEA34AEDA851E05B5D9, 73BA1CAD3CAEE87F5855ED0F4E1F3A96FACA656D1C935B56CC4B5D5AEBF7191C ] MBI             C:\WINDOWS\System32\drivers\MBI.sys
10:46:41.0716 0x46dc  MBI - ok
10:46:41.0723 0x46dc  megasas - ok
10:46:41.0755 0x46dc  megasas2i - ok
10:46:41.0760 0x46dc  megasr - ok
10:46:41.0767 0x46dc  MessagingService - ok
10:46:41.0783 0x46dc  mlx4_bus - ok
10:46:41.0788 0x46dc  MMCSS - ok
10:46:41.0794 0x46dc  Modem - ok
10:46:41.0812 0x46dc  monitor - ok
10:46:41.0818 0x46dc  mouclass - ok
10:46:41.0822 0x46dc  mouhid - ok
10:46:41.0828 0x46dc  mountmgr - ok
10:46:41.0862 0x46dc  [ ADF79A49E942C91D1FC9863CBFDD6B58, C2B2A792C4717133DCAE6297EE3F5D985B11D3C1E68A8DC23985AC6B78ACDE98 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:46:41.0874 0x46dc  MozillaMaintenance - ok
10:46:41.0879 0x46dc  mpsdrv - ok
10:46:41.0884 0x46dc  MpsSvc - ok
10:46:41.0898 0x46dc  MRxDAV - ok
10:46:41.0908 0x46dc  mrxsmb - ok
10:46:41.0938 0x46dc  mrxsmb10 - ok
10:46:41.0943 0x46dc  mrxsmb20 - ok
10:46:41.0954 0x46dc  MsBridge - ok
10:46:41.0965 0x46dc  MSDTC - ok
10:46:41.0974 0x46dc  Msfs - ok
10:46:41.0980 0x46dc  msgpiowin32 - ok
10:46:41.0985 0x46dc  mshidkmdf - ok
10:46:41.0991 0x46dc  mshidumdf - ok
10:46:41.0997 0x46dc  msisadrv - ok
10:46:42.0011 0x46dc  MSiSCSI - ok
10:46:42.0017 0x46dc  msiserver - ok
10:46:42.0023 0x46dc  MSKSSRV - ok
10:46:42.0028 0x46dc  MsLldp - ok
10:46:42.0033 0x46dc  MSPCLOCK - ok
10:46:42.0039 0x46dc  MSPQM - ok
10:46:42.0044 0x46dc  MsRPC - ok
10:46:42.0051 0x46dc  MsSecFlt - ok
10:46:42.0058 0x46dc  mssmbios - ok
10:46:42.0062 0x46dc  MSTEE - ok
10:46:42.0090 0x46dc  MTConfig - ok
10:46:42.0095 0x46dc  Mup - ok
10:46:42.0100 0x46dc  mvumis - ok
10:46:42.0117 0x46dc  NativeWifiP - ok
10:46:42.0123 0x46dc  NcaSvc - ok
10:46:42.0144 0x46dc  NcbService - ok
10:46:42.0149 0x46dc  NcdAutoSetup - ok
10:46:42.0155 0x46dc  ndfltr - ok
10:46:42.0169 0x46dc  NDIS - ok
10:46:42.0174 0x46dc  NdisCap - ok
10:46:42.0189 0x46dc  NdisImPlatform - ok
10:46:42.0193 0x46dc  NdisTapi - ok
10:46:42.0198 0x46dc  Ndisuio - ok
10:46:42.0205 0x46dc  NdisVirtualBus - ok
10:46:42.0209 0x46dc  NdisWan - ok
10:46:42.0215 0x46dc  ndiswanlegacy - ok
10:46:42.0221 0x46dc  ndproxy - ok
10:46:42.0226 0x46dc  Ndu - ok
10:46:42.0231 0x46dc  NetAdapterCx - ok
10:46:42.0237 0x46dc  NetBIOS - ok
10:46:42.0245 0x46dc  NetBT - ok
10:46:42.0251 0x46dc  Netlogon - ok
10:46:42.0258 0x46dc  Netman - ok
10:46:42.0265 0x46dc  netprofm - ok
10:46:42.0276 0x46dc  NetSetupSvc - ok
10:46:42.0297 0x46dc  NetTcpPortSharing - ok
10:46:42.0305 0x46dc  NgcCtnrSvc - ok
10:46:42.0311 0x46dc  NgcSvc - ok
10:46:42.0424 0x46dc  [ D071420836523656737B7D8252175B17, F88822A2A88ACE2EF3F3C5DF61671F8E2846F38D6405CE795D835C8406EC79B3 ] NielsenUpdate   C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe
10:46:42.0500 0x46dc  NielsenUpdate - ok
10:46:42.0511 0x46dc  NlaSvc - ok
10:46:42.0573 0x46dc  [ 1FB571692EDEFEE0DC1A10DA33113C10, 35BB050759232338F28C1304EB9DE89DC63B87989AC60C4AEDEBDB2A4F407BDB ] nnfwdk          C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\nnfwdk64.sys
10:46:42.0583 0x46dc  nnfwdk - ok
10:46:42.0589 0x46dc  Npfs - ok
10:46:42.0595 0x46dc  npsvctrig - ok
10:46:42.0601 0x46dc  nsi - ok
10:46:42.0608 0x46dc  nsiproxy - ok
10:46:42.0625 0x46dc  NTFS - ok
10:46:42.0630 0x46dc  Null - ok
10:46:42.0636 0x46dc  nvraid - ok
10:46:42.0641 0x46dc  nvstor - ok
10:46:42.0658 0x46dc  OneSyncSvc - ok
10:46:42.0863 0x46dc  [ 3E498CE04DD40C60769854DF2CE8D21D, 28B9331787FE598A79E40DA839B022D353280BE0E8F0D20CE4AAB6284866DE48 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
10:46:42.0916 0x46dc  Origin Client Service - ok
10:46:43.0041 0x46dc  [ B66980E730FEF1E31BE39B09F55514A1, 756F7695AB112FB2FEBA905F5F9E7C9435823195DE164AF60071457BC047535E ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe
10:46:43.0095 0x46dc  Origin Web Helper Service - ok
10:46:43.0111 0x46dc  p2pimsvc - ok
10:46:43.0130 0x46dc  p2psvc - ok
10:46:43.0134 0x46dc  Parport - ok
10:46:43.0150 0x46dc  partmgr - ok
10:46:43.0200 0x46dc  PcaSvc - ok
10:46:43.0219 0x46dc  pci - ok
10:46:43.0247 0x46dc  pciide - ok
10:46:43.0255 0x46dc  pcmcia - ok
10:46:43.0261 0x46dc  pcw - ok
10:46:43.0273 0x46dc  pdc - ok
10:46:43.0308 0x46dc  PEAUTH - ok
10:46:43.0315 0x46dc  PeerDistSvc - ok
10:46:43.0322 0x46dc  percsas2i - ok
10:46:43.0332 0x46dc  percsas3i - ok
10:46:43.0409 0x46dc  PerfHost - ok
10:46:43.0445 0x46dc  PhoneSvc - ok
10:46:43.0464 0x46dc  PimIndexMaintenanceSvc - ok
10:46:43.0477 0x46dc  pla - ok
10:46:43.0536 0x46dc  [ E3286E1138D2B8481FD58152E4D851F9, A2A78EBB24A2C3CB0BCC7ED1143D0E589469C8BD651DA1CE441AB3F20C38A261 ] PlaysService    C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
10:46:43.0557 0x46dc  PlaysService - ok
10:46:43.0568 0x46dc  PlugPlay - ok
10:46:43.0577 0x46dc  PNRPAutoReg - ok
10:46:43.0584 0x46dc  PNRPsvc - ok
10:46:43.0591 0x46dc  PolicyAgent - ok
10:46:43.0599 0x46dc  Power - ok
10:46:43.0606 0x46dc  PptpMiniport - ok
10:46:43.0747 0x46dc  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
10:46:43.0868 0x46dc  PrintNotify - ok
10:46:43.0880 0x46dc  Processor - ok
10:46:43.0888 0x46dc  ProfSvc - ok
10:46:43.0909 0x46dc  Psched - ok
10:46:43.0914 0x46dc  QWAVE - ok
10:46:43.0919 0x46dc  QWAVEdrv - ok
10:46:43.0925 0x46dc  RasAcd - ok
10:46:43.0947 0x46dc  RasAgileVpn - ok
10:46:43.0952 0x46dc  RasAuto - ok
10:46:43.0957 0x46dc  Rasl2tp - ok
10:46:43.0966 0x46dc  RasMan - ok
10:46:43.0971 0x46dc  RasPppoe - ok
10:46:43.0976 0x46dc  RasSstp - ok
10:46:43.0995 0x46dc  rdbss - ok
10:46:44.0022 0x46dc  rdpbus - ok
10:46:44.0027 0x46dc  RDPDR - ok
10:46:44.0055 0x46dc  RdpVideoMiniport - ok
10:46:44.0060 0x46dc  rdyboost - ok
10:46:44.0065 0x46dc  ReFSv1 - ok
10:46:44.0084 0x46dc  RemoteAccess - ok
10:46:44.0089 0x46dc  RemoteRegistry - ok
10:46:44.0134 0x46dc  RetailDemo - ok
10:46:44.0148 0x46dc  RmSvc - ok
10:46:44.0160 0x46dc  RpcEptMapper - ok
10:46:44.0179 0x46dc  RpcLocator - ok
10:46:44.0184 0x46dc  RpcSs - ok
10:46:44.0190 0x46dc  rspndr - ok
10:46:44.0229 0x46dc  [ 952209B8749D7AB91D5BB95665C5D13E, B7E6D7293A2D2B7492FD240E52E041E0BA4818F99FEBB3C6B718C1871D190E26 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
10:46:44.0257 0x46dc  rt640x64 - ok
10:46:44.0265 0x46dc  RtlWlanu_OldIC - ok
10:46:44.0271 0x46dc  s3cap - ok
10:46:44.0284 0x46dc  SamSs - ok
10:46:44.0290 0x46dc  sbp2port - ok
10:46:44.0326 0x46dc  SCardSvr - ok
10:46:44.0351 0x46dc  ScDeviceEnum - ok
10:46:44.0367 0x46dc  scfilter - ok
10:46:44.0373 0x46dc  Schedule - ok
10:46:44.0379 0x46dc  scmbus - ok
10:46:44.0385 0x46dc  scmdisk0101 - ok
10:46:44.0401 0x46dc  SCPolicySvc - ok
10:46:44.0424 0x46dc  sdbus - ok
10:46:44.0429 0x46dc  SDRSVC - ok
10:46:44.0435 0x46dc  sdstor - ok
10:46:44.0442 0x46dc  seclogon - ok
10:46:44.0447 0x46dc  SENS - ok
10:46:44.0450 0x46dc  Sense - ok
10:46:44.0478 0x46dc  SensorDataService - ok
10:46:44.0483 0x46dc  SensorService - ok
10:46:44.0488 0x46dc  SensrSvc - ok
10:46:44.0494 0x46dc  SerCx - ok
10:46:44.0500 0x46dc  SerCx2 - ok
10:46:44.0505 0x46dc  Serenum - ok
10:46:44.0510 0x46dc  Serial - ok
10:46:44.0516 0x46dc  sermouse - ok
10:46:44.0529 0x46dc  SessionEnv - ok
10:46:44.0534 0x46dc  sfloppy - ok
10:46:44.0563 0x46dc  SharedAccess - ok
10:46:44.0569 0x46dc  ShellHWDetection - ok
10:46:44.0587 0x46dc  shpamsvc - ok
10:46:44.0594 0x46dc  SiSRaid2 - ok
10:46:44.0601 0x46dc  SiSRaid4 - ok
10:46:44.0625 0x46dc  smphost - ok
10:46:44.0642 0x46dc  SmsRouter - ok
10:46:44.0651 0x46dc  SNMPTRAP - ok
10:46:44.0672 0x46dc  spaceport - ok
10:46:44.0677 0x46dc  SpbCx - ok
10:46:44.0707 0x46dc  Spooler - ok
10:46:44.0715 0x46dc  sppsvc - ok
10:46:44.0720 0x46dc  srv - ok
10:46:44.0726 0x46dc  srv2 - ok
10:46:44.0741 0x46dc  srvnet - ok
10:46:44.0746 0x46dc  SSDPSRV - ok
10:46:44.0750 0x46dc  SstpSvc - ok
10:46:44.0764 0x46dc  [ 36C3697CA09B23C77BDF95A6B0B57310, DAEF9CFBDE444A80FB41DA0BC5C3C4E1E4B535497A5EDA43EC8768A6EC42E4EA ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
10:46:44.0778 0x46dc  ssudmdm - ok
10:46:44.0818 0x46dc  StateRepository - ok
10:46:44.0924 0x46dc  [ 345C39599C3D4940D12F5F9F42A79229, B5D6C716D374E453940C2A23772B9E063CBCB06DA74574F0F19F813AE65F4A78 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
10:46:44.0964 0x46dc  Steam Client Service - ok
10:46:44.0974 0x46dc  stexstor - ok
10:46:45.0006 0x46dc  [ B11724BFE7DA1BA55903B4D849415F1A, ED09B6AD68C87FED34FC66CB6C7A74DFC3AF524E3BE89EDD18A5B6685F656ACA ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
10:46:45.0019 0x46dc  StillCam - ok
10:46:45.0025 0x46dc  stisvc - ok
10:46:45.0040 0x46dc  storahci - ok
10:46:45.0045 0x46dc  storflt - ok
10:46:45.0050 0x46dc  stornvme - ok
10:46:45.0056 0x46dc  storqosflt - ok
10:46:45.0072 0x46dc  StorSvc - ok
10:46:45.0078 0x46dc  storufs - ok
10:46:45.0083 0x46dc  storvsc - ok
10:46:45.0088 0x46dc  svsvc - ok
10:46:45.0094 0x46dc  swenum - ok
10:46:45.0099 0x46dc  swprv - ok
10:46:45.0120 0x46dc  Synth3dVsc - ok
10:46:45.0126 0x46dc  SysMain - ok
10:46:45.0138 0x46dc  SystemEventsBroker - ok
10:46:45.0149 0x46dc  TabletInputService - ok
10:46:45.0154 0x46dc  TapiSrv - ok
10:46:45.0160 0x46dc  Tcpip - ok
10:46:45.0164 0x46dc  Tcpip6 - ok
10:46:45.0172 0x46dc  tcpipreg - ok
10:46:45.0180 0x46dc  tdx - ok
10:46:45.0420 0x46dc  [ D6DDCFFF145CB7D334EECC2F9A8E304F, DC2E19A799F336DF299460C8DB4EE0B2597ADC6C4728F2BB3BBCFA1192BE809C ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
10:46:45.0583 0x46dc  TeamViewer - ok
10:46:45.0600 0x46dc  terminpt - ok
10:46:45.0605 0x46dc  TermService - ok
10:46:45.0611 0x46dc  Themes - ok
10:46:45.0625 0x46dc  TieringEngineService - ok
10:46:45.0631 0x46dc  tiledatamodelsvc - ok
10:46:45.0635 0x46dc  TimeBrokerSvc - ok
10:46:45.0641 0x46dc  TPM - ok
10:46:45.0646 0x46dc  TrkWks - ok
10:46:45.0678 0x46dc  TrustedInstaller - ok
10:46:45.0685 0x46dc  tsusbflt - ok
10:46:45.0691 0x46dc  TsUsbGD - ok
10:46:45.0696 0x46dc  tsusbhub - ok
10:46:45.0701 0x46dc  tunnel - ok
10:46:45.0721 0x46dc  [ 6A606227DE13B850DCD28AD0F4112506, 6E65A79635BFD0F739479ED1C9C44075F774F9B4C9B98750A99E6FC780EE1000 ] TXEIx64         C:\WINDOWS\System32\drivers\TXEIx64.sys
10:46:45.0734 0x46dc  TXEIx64 - ok
10:46:45.0752 0x46dc  tzautoupdate - ok
10:46:45.0757 0x46dc  UASPStor - ok
10:46:45.0762 0x46dc  UcmCx0101 - ok
10:46:45.0767 0x46dc  UcmTcpciCx0101 - ok
10:46:45.0772 0x46dc  UcmUcsi - ok
10:46:45.0778 0x46dc  Ucx01000 - ok
10:46:45.0783 0x46dc  UdeCx - ok
10:46:45.0788 0x46dc  udfs - ok
10:46:45.0793 0x46dc  UEFI - ok
10:46:45.0799 0x46dc  UevAgentDriver - ok
10:46:45.0820 0x46dc  UevAgentService - ok
10:46:45.0825 0x46dc  Ufx01000 - ok
10:46:45.0831 0x46dc  UfxChipidea - ok
10:46:45.0836 0x46dc  ufxsynopsys - ok
10:46:45.0847 0x46dc  UI0Detect - ok
10:46:45.0852 0x46dc  umbus - ok
10:46:45.0857 0x46dc  UmPass - ok
10:46:45.0863 0x46dc  UmRdpService - ok
10:46:45.0869 0x46dc  UnistoreSvc - ok
10:46:45.0885 0x46dc  upnphost - ok
10:46:45.0889 0x46dc  UrsChipidea - ok
10:46:45.0895 0x46dc  UrsCx01000 - ok
10:46:45.0900 0x46dc  UrsSynopsys - ok
10:46:45.0914 0x46dc  usbaudio - ok
10:46:45.0919 0x46dc  usbccgp - ok
10:46:45.0924 0x46dc  usbcir - ok
10:46:45.0930 0x46dc  usbehci - ok
10:46:45.0936 0x46dc  usbhub - ok
10:46:45.0941 0x46dc  USBHUB3 - ok
10:46:45.0947 0x46dc  usbohci - ok
10:46:45.0952 0x46dc  usbprint - ok
10:46:45.0965 0x46dc  usbscan - ok
10:46:45.0970 0x46dc  usbser - ok
10:46:45.0974 0x46dc  USBSTOR - ok
10:46:45.0980 0x46dc  usbuhci - ok
10:46:46.0005 0x46dc  usbvideo - ok
10:46:46.0010 0x46dc  USBXHCI - ok
10:46:46.0015 0x46dc  UserDataSvc - ok
10:46:46.0033 0x46dc  UserManager - ok
10:46:46.0048 0x46dc  UsoSvc - ok
10:46:46.0052 0x46dc  VaultSvc - ok
10:46:46.0078 0x46dc  [ 98FE661F5744A3E79767CA24ECD2CFC3, D1126DB85CDF9DBBC64C35520742046182F96F5FF6E80196F93D7B7D5F116D8B ] VBoxUSB         C:\WINDOWS\System32\Drivers\VBoxUSB.sys
10:46:46.0094 0x46dc  VBoxUSB - ok
10:46:46.0105 0x46dc  [ 0E3C4F20B2CE21168F3242D9CAC6CBF2, 1BD5E1A2000EBC1C335A8960ACDCD08BDC8230F533A80D086D2EE6FE4990EA02 ] VBoxUSBMon      C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
10:46:46.0118 0x46dc  VBoxUSBMon - ok
10:46:46.0123 0x46dc  vdrvroot - ok
10:46:46.0144 0x46dc  vds - ok
10:46:46.0148 0x46dc  VerifierExt - ok
10:46:46.0167 0x46dc  vhdmp - ok
10:46:46.0172 0x46dc  vhf - ok
10:46:46.0177 0x46dc  vmbus - ok
10:46:46.0182 0x46dc  VMBusHID - ok
10:46:46.0187 0x46dc  vmgid - ok
10:46:46.0208 0x46dc  vmicguestinterface - ok
10:46:46.0213 0x46dc  vmicheartbeat - ok
10:46:46.0218 0x46dc  vmickvpexchange - ok
10:46:46.0239 0x46dc  vmicrdv - ok
10:46:46.0243 0x46dc  vmicshutdown - ok
10:46:46.0249 0x46dc  vmictimesync - ok
10:46:46.0254 0x46dc  vmicvmsession - ok
10:46:46.0260 0x46dc  vmicvss - ok
10:46:46.0267 0x46dc  volmgr - ok
10:46:46.0273 0x46dc  volmgrx - ok
10:46:46.0278 0x46dc  volsnap - ok
10:46:46.0285 0x46dc  volume - ok
10:46:46.0290 0x46dc  vpci - ok
10:46:46.0296 0x46dc  vsmraid - ok
10:46:46.0301 0x46dc  VSS - ok
10:46:46.0306 0x46dc  VSTXRAID - ok
10:46:46.0312 0x46dc  vwifibus - ok
10:46:46.0317 0x46dc  vwififlt - ok
10:46:46.0322 0x46dc  vwifimp - ok
10:46:46.0328 0x46dc  W32Time - ok
10:46:46.0333 0x46dc  WacomPen - ok
10:46:46.0338 0x46dc  WalletService - ok
10:46:46.0344 0x46dc  wanarp - ok
10:46:46.0349 0x46dc  wanarpv6 - ok
10:46:46.0355 0x46dc  wbengine - ok
10:46:46.0369 0x46dc  WbioSrvc - ok
10:46:46.0375 0x46dc  wcifs - ok
10:46:46.0380 0x46dc  Wcmsvc - ok
10:46:46.0384 0x46dc  wcncsvc - ok
10:46:46.0389 0x46dc  wcnfs - ok
10:46:46.0395 0x46dc  WdBoot - ok
10:46:46.0400 0x46dc  Wdf01000 - ok
10:46:46.0405 0x46dc  WdFilter - ok
10:46:46.0411 0x46dc  WdiServiceHost - ok
10:46:46.0416 0x46dc  WdiSystemHost - ok
10:46:46.0428 0x46dc  wdiwifi - ok
10:46:46.0433 0x46dc  WdNisDrv - ok
10:46:46.0461 0x46dc  WdNisSvc - ok
10:46:46.0468 0x46dc  WebClient - ok
10:46:46.0473 0x46dc  Wecsvc - ok
10:46:46.0480 0x46dc  WEPHOSTSVC - ok
10:46:46.0487 0x46dc  wercplsupport - ok
10:46:46.0493 0x46dc  WerSvc - ok
10:46:46.0497 0x46dc  WFPLWFS - ok
10:46:46.0503 0x46dc  WiaRpc - ok
10:46:46.0508 0x46dc  WIMMount - ok
10:46:46.0512 0x46dc  WinDefend - ok
10:46:46.0523 0x46dc  WindowsTrustedRT - ok
10:46:46.0529 0x46dc  WindowsTrustedRTProxy - ok
10:46:46.0549 0x46dc  WinHttpAutoProxySvc - ok
10:46:46.0554 0x46dc  WinMad - ok
10:46:46.0603 0x46dc  Winmgmt - ok
10:46:46.0616 0x46dc  WinRM - ok
10:46:46.0626 0x46dc  WINUSB - ok
10:46:46.0631 0x46dc  WinVerbs - ok
10:46:46.0654 0x46dc  wisvc - ok
10:46:46.0666 0x46dc  WlanSvc - ok
10:46:46.0681 0x46dc  wlidsvc - ok
10:46:46.0686 0x46dc  WmiAcpi - ok
10:46:46.0694 0x46dc  wmiApSrv - ok
10:46:46.0707 0x46dc  WMPNetworkSvc - ok
10:46:46.0713 0x46dc  Wof - ok
10:46:46.0746 0x46dc  workfolderssvc - ok
10:46:46.0752 0x46dc  WPDBusEnum - ok
10:46:46.0757 0x46dc  WpdUpFltr - ok
10:46:46.0763 0x46dc  WpnService - ok
10:46:46.0768 0x46dc  WpnUserService - ok
10:46:46.0775 0x46dc  ws2ifsl - ok
10:46:46.0782 0x46dc  wscsvc - ok
10:46:46.0791 0x46dc  WSDPrintDevice - ok
10:46:46.0798 0x46dc  WSearch - ok
10:46:46.0816 0x46dc  wuauserv - ok
10:46:46.0821 0x46dc  WudfPf - ok
10:46:46.0827 0x46dc  WUDFRd - ok
10:46:46.0832 0x46dc  wudfsvc - ok
10:46:46.0837 0x46dc  WUDFWpdFs - ok
10:46:46.0843 0x46dc  WUDFWpdMtp - ok
10:46:46.0864 0x46dc  WwanSvc - ok
10:46:46.0885 0x46dc  XblAuthManager - ok
10:46:46.0902 0x46dc  XblGameSave - ok
10:46:46.0907 0x46dc  xboxgip - ok
10:46:46.0913 0x46dc  XboxNetApiSvc - ok
10:46:46.0936 0x46dc  xinputhid - ok
10:46:46.0963 0x46dc  [ D3D9CB4BA15C1854294517AA8954E201, DFBB6E1A5FF01123FEAD6EFFA67F4A0203792AFDF82EAFFC2DA981A584896542 ] XQHDrv          C:\WINDOWS\system32\DRIVERS\XQHDrv.sys
10:46:46.0979 0x46dc  XQHDrv - ok
10:46:46.0982 0x46dc  ================ Scan global ===============================
10:46:47.0037 0x46dc  [ Global ] - ok
10:46:47.0038 0x46dc  ================ Scan MBR ==================================
10:46:47.0049 0x46dc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:46:47.0339 0x46dc  \Device\Harddisk0\DR0 - ok
10:46:47.0343 0x46dc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
10:46:48.0114 0x46dc  \Device\Harddisk1\DR1 - ok
10:46:48.0120 0x46dc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
10:46:48.0655 0x46dc  \Device\Harddisk2\DR2 - ok
10:46:48.0661 0x46dc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3
10:46:49.0366 0x46dc  \Device\Harddisk3\DR3 - ok
10:46:49.0371 0x46dc  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk4\DR4
10:46:49.0991 0x46dc  \Device\Harddisk4\DR4 - ok
10:46:49.0991 0x46dc  ================ Scan VBR ==================================
10:46:49.0994 0x46dc  [ 95640EAFE8ECC0F8A271D82081F4A50E ] \Device\Harddisk0\DR0\Partition1
10:46:49.0996 0x46dc  \Device\Harddisk0\DR0\Partition1 - ok
10:46:50.0000 0x46dc  [ 93F98209FF315ACEBA415BC027DA3D4B ] \Device\Harddisk0\DR0\Partition2
10:46:50.0001 0x46dc  \Device\Harddisk0\DR0\Partition2 - ok
10:46:50.0005 0x46dc  [ 9E2C072B82BF6A726F370B6333062648 ] \Device\Harddisk1\DR1\Partition1
10:46:50.0006 0x46dc  \Device\Harddisk1\DR1\Partition1 - ok
10:46:50.0011 0x46dc  [ DE3C4A774925145FAE27CED1ABEDE518 ] \Device\Harddisk2\DR2\Partition1
10:46:50.0016 0x46dc  \Device\Harddisk2\DR2\Partition1 - ok
10:46:50.0020 0x46dc  [ CBDB8840A14F2768BA62E90127E8823C ] \Device\Harddisk3\DR3\Partition1
10:46:50.0024 0x46dc  \Device\Harddisk3\DR3\Partition1 - ok
10:46:50.0028 0x46dc  [ 5987F11274CFF1DD83E0CFDB7F594D72 ] \Device\Harddisk4\DR4\Partition1
10:46:50.0033 0x46dc  \Device\Harddisk4\DR4\Partition1 - ok
10:46:50.0033 0x46dc  ================ Scan generic autorun ======================
10:46:50.0460 0x46dc  [ 4878D4D36D683EBE2F1E5F83C6A3BDB3, 82DA7BFED5F61DF4B679B06339E4065CCE0DA0D6741287F93A2EF1BCC85AB1E1 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
10:46:50.0772 0x46dc  RTHDVCPL - ok
10:46:50.0899 0x46dc  [ C5BDFF312B6AEEF2B4790625B50FCC5E, CE3743140200021A216F0D22334C1EE65B8C7A54552838853771C61467DD05AC ] C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
10:46:50.0951 0x46dc  XFast LAN - ok
10:46:51.0315 0x46dc  [ 508A138C09D5030E3A22A11FCF90D69E, 3B1E2660453ABAA9610FA2FE85C81AA4DA56FA7823AF01E5ACC411A646604A94 ] C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
10:46:51.0493 0x46dc  StartCN - ok
10:46:51.0509 0x46dc  Logitech Download Assistant - ok
10:46:51.0543 0x46dc  OneDriveSetup - ok
10:46:51.0546 0x46dc  OneDriveSetup - ok
10:46:51.0865 0x46dc  [ B21BF907BEC57CE79A4E1EC7F0717638, AC03F7085ADA3BC49DA183DED2ACB4407F4219D20E224EA7A4157D36884BFC06 ] C:\Program Files (x86)\AirDroid\AirDroid.exe
10:46:52.0056 0x46dc  AirDroid 3 - ok
10:46:52.0213 0x46dc  [ 0D28681183514A3E064AAA9C12D9DC7B, F32FA1A7565E1A2737B67E7DAF8ACC5FDF253D5D9AFC94DB0CB4F0C63117B313 ] C:\Users\julia\AppData\Roaming\Spotify\SpotifyWebHelper.exe
10:46:52.0254 0x46dc  Spotify Web Helper - ok
10:46:52.0467 0x46dc  [ 33527CE93566F5728535C7DA68C6C11D, CF26D17E6BD44F0482DB85A400F42CF9B33BE74B27B9DBE3FA18DFB4D14C3485 ] C:\Users\julia\AppData\Roaming\Spotify\Spotify.exe
10:46:52.0624 0x46dc  Spotify - ok
10:46:52.0719 0x46dc  [ FC7E2535A6F2DA0988F91A6232139661, E6FA0AD4435B226778AF36DF0ABC235BECC8228542D9F8D5F43D961BCB767CEE ] C:\Program Files (x86)\Steam\steam.exe
10:46:52.0787 0x46dc  Steam - ok
10:46:52.0961 0x46dc  [ 8B37E45C7C41561BF82B2E2A0145C4E5, 5889D467C96E17A4D5B924EF84B0DAFA6CB04ACB248E0C6B0C5CC2CFEFD7CEB3 ] C:\Users\julia\AppData\Roaming\Nox\bin\Nox.exe
10:46:53.0078 0x46dc  BigNox - ok
10:46:53.0197 0x46dc  [ 0BA57111C2F9A4313F2311CD61DE65FB, 69D4573EC5A720BCDEA094A44F5F6129632B045952525A890DE57A2C002DF934 ] C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe
10:46:53.0248 0x46dc  XperiaCompanionAgent - ok
10:46:53.0395 0x46dc  [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
10:46:53.0457 0x46dc  HP Deskjet 3050A J611 series (NET) - ok
10:46:53.0471 0x46dc  Uninstall C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64 - ok
10:46:53.0473 0x46dc  Waiting for KSN requests completion. In queue: 10
10:46:54.0498 0x46dc  AV detected via SS2: G DATA INTERNET SECURITY, C:\Program Files (x86)\G DATA\InternetSecurity\AVK\avkwscpe.exe ( 25.1.0.0 ), 0x41000 ( enabled : updated )
10:46:54.0500 0x46dc  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
10:46:54.0503 0x46dc  FW detected via SS2: G*DATA Personal Firewall, C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe ( 22.0.0.1 ), 0x41010 ( enabled )
10:46:54.0595 0x46dc  ============================================================
10:46:54.0595 0x46dc  Scan finished
10:46:54.0595 0x46dc  ============================================================
10:46:54.0616 0x4854  Detected object count: 0
10:46:54.0616 0x4854  Actual detected object count: 0
         

Alt 16.02.2017, 17:40   #5
M-K-D-B
/// TB-Ausbilder
 
Probleme mit Maleware oder Trojaner nach Toolbar Installation - Standard

Probleme mit Maleware oder Trojaner nach Toolbar Installation



Servus,



bitte beachten:
Zitat:
Gestartet von C:\Users\julia\Desktop\Virus
Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.

__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 16.02.2017, 18:53   #6
lyncat89
 
Probleme mit Maleware oder Trojaner nach Toolbar Installation - Standard

Probleme mit Maleware oder Trojaner nach Toolbar Installation



Hallo,

Entschuldigung, ich dachte wenn ich einen Ordne direkt auf dem Desktop erstelle, ist das in Ordnung.
Ich werde es gleich nochmal machen

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-02-2017 02
durchgeführt von julia (Administrator) auf DESKTOP-N0N5AE6 (16-02-2017 18:31:48)
Gestartet von C:\Users\julia\Desktop
Geladene Profile: julia (Verfügbare Profile: julia)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(GfK) C:\Program Files (x86)\GfK-NetworkMeter\GfK-NetworkMeter64.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
() C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files (x86)\ASRock Utility\APP Shop\AsrAPPShop.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
(GfK SE) C:\Program Files (x86)\GfK Internet-Monitor\GfK-LoginInterface.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\nielsenonline.exe
(The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\nielsenonline.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Sand Studio) C:\Program Files (x86)\AirDroid\AirDroid.exe
(The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\NielsenOnline64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Amazon Services LLC) C:\Users\julia\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Amazon Services LLC) C:\Users\julia\AppData\Local\Amazon Music\Amazon Music.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Amazon Services LLC) C:\Users\julia\AppData\Local\Amazon Music\Amazon Music.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(@@Manufacturer@@) C:\Program Files (x86)\GfK Internet-Monitor\Chrome Extension\GfKChromeHost.exe
(Amazon Services LLC) C:\Users\julia\AppData\Local\Amazon Music\Amazon Music.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-15] (Realtek Semiconductor)
HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [2088872 2015-09-09] (cFos Software GmbH)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G DATA\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [441160 2016-09-15] (G DATA Software AG)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51928 2017-02-10] (Copyright (c) 2017 Plays.tv, LLC)
HKLM-x32\...\Run: [NielsenOnline] => C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe [202896 2016-12-30] (The Nielsen Company)
HKU\S-1-5-19\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-20\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [8651896 2017-01-16] (Sand Studio)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [Spotify Web Helper] => C:\Users\julia\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1555056 2016-10-02] (Spotify Ltd)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [Spotify] => C:\Users\julia\AppData\Roaming\Spotify\Spotify.exe [6937200 2016-10-02] (Spotify Ltd)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-09] (Valve Corporation)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [BigNox] => C:\Users\julia\AppData\Roaming\Nox\bin\Nox.exe [5100872 2016-07-31] (Duodian Technology Co. Ltd.)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2062208 2016-05-26] (Sony)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\RunOnce: [Uninstall C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\MountPoints2: {4620abb5-cad0-11e6-9182-0013ef030494} - "I:\shelexec.exe" .\starter.html
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2683783b-a4bc-4329-ac88-9cc1e28fadf5}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b3b846c1-63d0-49c7-a2c1-ceb545584257}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: GfK Internet-Monitor -> {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} -> C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll [2016-10-31] (GfK)
BHO-x32: GfK Internet-Monitor -> {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} -> C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll [2016-10-31] (GfK)
Toolbar: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei

FireFox:
========
FF DefaultProfile: z4n199ml.default
FF ProfilePath: C:\Users\julia\AppData\Roaming\Mozilla\Firefox\Profiles\z4n199ml.default [2017-02-16]
FF NetworkProxy: Mozilla\Firefox\Profiles\z4n199ml.default -> type", 0
FF Extension: (Nielsen NetSight) - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\netsight@nielsen.xpi [2017-02-16]
FF HKLM\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor\FirefoxAddon.xpi
FF Extension: (GfK Internet) - C:\Program Files (x86)\GfK Internet-Monitor\FirefoxAddon.xpi [2017-02-16]
FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor\FirefoxAddon.xpi
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\netsight@nielsen.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-02-11] ()
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-02-11] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1190779463-2330029784-2471901394-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.reading4money.de/paidmail.php?username=julemaus89&id=1414525986&mid=0
CHR StartupUrls: Default -> "hxxp://www.spielesite.com/","hxxps://de.upjers.com/","hxxp://www.startparadies.de/index.php","hxxps://www.facebook.com/","hxxp://www.klamm.de/","hxxp://www.bonix.org/","hxxp://www.dodona-mails.de/","hxxp://testberichte.reviews/","hxxp://www.shimly.de/"
CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.885\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Profile: C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default [2017-02-16]
CHR Extension: (Google Drive) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-29]
CHR Extension: (Lovely Cats Tab) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdoeoonepndhefdpieicgajkhadocngm [2016-06-24]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-01-30]
CHR Extension: (LadyCashback.de Cashback-Melder) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjnhchdicihpfajapekoedijbldehbbk [2017-02-14]
CHR Extension: (YouTube) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-29]
CHR Extension: (Nielsen NetSight) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgmmbefnahabhcchpfkobeindpppflc [2017-02-05]
CHR Extension: (Kindle Cloud Reader) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnemmpobpfaichgccgcilgncfigplmol [2016-09-15]
CHR Extension: (Google-Suche) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-04-29]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2016-04-29]
CHR Extension: (Google Kalender) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-06]
CHR Extension: (GfK Internet-Monitor) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh [2016-11-04]
CHR Extension: (Google Docs Offline) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-29]
CHR Extension: (GfK Digital Trends App) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikkcdahfmnbofoaeofipdcejkgkbofj [2016-06-14]
CHR Extension: (Questler Bonusfinder 3.0) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipddihbjlikcgpbikkgjibobkahjafni [2016-06-24]
CHR Extension: (CashbackDeals.de Cashback-Melder) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnlhjofgnkcljojnibhmeopimidoblfm [2017-02-14]
CHR Extension: (Andasa iCat) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcbpnhnickonbgkbgbegepdldmcnjoif [2016-10-21]
CHR Extension: (iGraal Cashback-Melder) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2017-02-14]
CHR Extension: (Google Play) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2016-04-29]
CHR Extension: (Tabby Cat) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mefhakmgclhhfbdadeojlkbllmecialg [2016-11-10]
CHR Extension: (Google Play Books) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2016-04-29]
CHR Extension: (boost-Bar) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbifpjmldocepoilnjgbkaaighinkhpp [2016-10-11]
CHR Extension: (Bundlr) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\neaecllpgiioinacndhkakancoifnbhm [2016-04-29]
CHR Extension: (Norton Safe) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2016-09-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Google Mail) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-06]
CHR HKLM\...\Chrome\Extension: [bpgmmbefnahabhcchpfkobeindpppflc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bpgmmbefnahabhcchpfkobeindpppflc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] ()
R2 ASRockIOMon; C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [463112 2014-07-31] ()
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [4950632 2016-10-06] (G DATA Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [984904 2016-09-15] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3044496 2016-09-27] (G Data Software AG)
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [726952 2015-09-09] (cFos Software GmbH)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-30] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-30] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.)
R2 GDBackupSvc; C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe [4072264 2016-09-30] (G DATA Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3286120 2016-09-15] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [822600 2016-09-27] (G DATA Software AG)
R2 GfK-NetworkMeter; C:\Program Files (x86)\GfK-NetworkMeter\GfK-NetworkMeter64.exe [1222880 2016-10-31] (GfK)
R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [1992256 2016-10-31] ()
R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1476160 2016-07-06] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NielsenUpdate; C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe [3161744 2016-12-30] (The Nielsen Company)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119176 2017-01-15] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2181648 2017-01-15] (Electronic Arts)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-02-10] (Copyright (c) 2017 Plays.tv, LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305392 2016-04-05] (Advanced Micro Devices)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmdag.sys [26568848 2017-01-25] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys [536600 2017-01-25] (Advanced Micro Devices, Inc.)
R3 AppObserver; C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\appobserver64.sys [23696 2016-08-11] (The Nielsen Company)
R3 AsrAutoChkUpdDrv; C:\WINDOWS\SysWOW64\Drivers\AsrAutoChkUpdDrv.sys [22280 2017-02-16] (ASRock Incorporation)
R3 AsrDrv101; C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys [22280 2016-04-29] (ASRock Incorporation)
R0 AsrRamDisk; C:\WINDOWS\System32\drivers\AsrRamDisk.sys [40200 2013-08-02] (ASRock Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-07-21] (Advanced Micro Devices)
S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [100776 2015-08-23] (ASUS Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [180808 2016-10-13] (G Data Software AG)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2016-04-21] (G Data Software AG)
R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [37400 2016-10-13] (G Data Software AG)
R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [30280 2016-10-13] (G DATA Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [274400 2016-10-13] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [105544 2016-10-13] (G Data Software AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [77384 2016-10-13] (G DATA Software AG)
R1 GRD; C:\WINDOWS\system32\drivers\GRD.sys [116296 2016-10-16] (G Data Software)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [153160 2016-10-13] (G Data Software AG)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-02-16] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 MBI; C:\WINDOWS\System32\drivers\MBI.sys [41456 2015-10-15] (Intel(R) Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 nnfwdk; C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\nnfwdk64.sys [34960 2016-08-11] (The Nielsen Company)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-08-20] (Realtek                                            )
R3 RtlWlanu_OldIC; C:\WINDOWS\System32\drivers\rtwlanu_oldIC.sys [3814400 2016-07-16] (Realtek Semiconductor Corporation                           )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-24] (Samsung Electronics Co., Ltd.)
S3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [114632 2015-09-16] (BigNox Corporation)
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-16 18:31 - 2017-02-16 18:32 - 00030336 _____ C:\Users\julia\Desktop\FRST.txt
2017-02-16 18:23 - 2017-02-16 18:23 - 04747704 _____ (AO Kaspersky Lab) C:\Users\julia\Desktop\tdsskiller.exe
2017-02-16 18:22 - 2017-02-16 18:26 - 02422272 _____ (Farbar) C:\Users\julia\Desktop\FRST64.exe
2017-02-16 10:45 - 2017-02-16 10:52 - 00090086 _____ C:\TDSSKiller.3.1.0.12_16.02.2017_10.45.55_log.txt
2017-02-16 10:42 - 2017-02-16 10:44 - 00171940 _____ C:\TDSSKiller.3.1.0.12_16.02.2017_10.42.12_log.txt
2017-02-16 08:30 - 2017-02-16 08:30 - 00003034 _____ C:\WINDOWS\System32\Tasks\AsrSP.exe
2017-02-14 13:08 - 2017-02-14 13:08 - 00003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForjulia
2017-02-14 13:08 - 2017-02-14 13:08 - 00000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForjulia.job
2017-02-11 10:58 - 2017-02-11 10:58 - 00000000 ____D C:\Users\julia\AppData\Roaming\Macromedia
2017-02-11 10:58 - 2017-02-11 10:58 - 00000000 ____D C:\Users\julia\AppData\Local\Macromedia
2017-02-10 19:29 - 2017-02-16 18:31 - 00000000 ____D C:\FRST
2017-02-08 08:36 - 2017-02-08 08:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-07 05:38 - 2017-02-07 05:38 - 00046400 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-02-05 17:37 - 2017-02-05 18:08 - 00000000 ____D C:\Users\julia\Desktop\USB Stick
2017-02-04 14:27 - 2017-02-04 14:28 - 00411140 _____ C:\WINDOWS\Minidump\020417-29406-01.dmp
2017-02-04 14:27 - 2017-02-04 14:27 - 00000000 ____D C:\WINDOWS\Minidump
2017-02-02 19:26 - 2017-02-16 10:00 - 00000000 ____D C:\Users\julia\AppData\LocalLow\Mozilla
2017-02-01 14:49 - 2017-02-16 10:38 - 00000000 ____D C:\Users\julia\Desktop\Virus
2017-02-01 14:41 - 2017-02-05 17:15 - 00000000 ____D C:\AdwCleaner
2017-01-31 17:47 - 2017-02-11 18:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-27 19:13 - 2017-01-27 19:13 - 00140131 _____ C:\Users\julia\Desktop\Rechnung 4333534.pdf
2017-01-26 08:34 - 2017-01-26 08:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2017-01-26 08:34 - 2017-01-26 08:34 - 00000000 ____D C:\Program Files\ATI Technologies
2017-01-25 09:12 - 2017-01-27 17:28 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-01-25 08:44 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 08:44 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-25 01:29 - 2017-01-25 01:29 - 01015832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-01-25 01:29 - 2017-01-25 01:29 - 00768024 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-01-25 01:29 - 2017-01-25 01:29 - 00121368 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-01-25 01:29 - 2017-01-25 01:29 - 00100888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-01-25 01:29 - 2017-01-25 01:29 - 00038424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-01-25 01:29 - 2017-01-25 01:29 - 00038416 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-01-25 01:28 - 2017-01-25 01:28 - 00488496 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-01-25 01:28 - 2017-01-25 01:28 - 00166408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-01-25 01:28 - 2017-01-25 01:28 - 00130224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-01-24 16:38 - 2017-01-24 16:38 - 06381952 _____ C:\Users\julia\Desktop\eBook_Faszientraining.pdf
2017-01-21 16:56 - 2017-01-21 16:56 - 00005262 _____ C:\Users\julia\Desktop\Questionmail Questionmail Richtig Antworten 500 Punkte sammeln!(sasm).eml

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-16 18:29 - 2016-05-29 07:54 - 00000000 ____D C:\Users\julia\Documents\AirDroid
2017-02-16 18:21 - 2016-08-06 21:05 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-16 17:38 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-16 14:33 - 2016-04-29 20:51 - 00000000 ____D C:\Users\julia\AppData\Local\CrashDumps
2017-02-16 08:36 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-16 08:36 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-16 08:30 - 2016-08-09 07:53 - 00003038 _____ C:\WINDOWS\System32\Tasks\AsrAPPShop
2017-02-16 08:30 - 2016-04-29 23:51 - 00022280 _____ (ASRock Incorporation) C:\WINDOWS\SysWOW64\Drivers\AsrAutoChkUpdDrv.sys
2017-02-16 08:30 - 2016-04-29 21:35 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-15 21:22 - 2016-08-09 07:55 - 00004172 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{37189C47-5908-4B51-91BC-1DD3B7B485AE}
2017-02-12 08:34 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-12 00:29 - 2016-08-06 21:11 - 00000000 ____D C:\Users\julia
2017-02-11 18:48 - 2016-07-25 19:04 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-11 18:42 - 2016-07-31 19:44 - 00000000 ____D C:\Users\julia\.android
2017-02-11 18:42 - 2016-07-31 19:41 - 00000000 ____D C:\Users\julia\.BigNox
2017-02-11 18:42 - 2016-07-31 19:37 - 00000000 ____D C:\Users\julia\AppData\Local\Nox
2017-02-11 18:42 - 2016-04-29 21:38 - 00000000 ____D C:\Users\julia\AppData\Roaming\Spotify
2017-02-11 18:40 - 2016-06-22 18:12 - 00000000 ____D C:\Users\julia\AppData\Roaming\PlaysTV
2017-02-11 18:40 - 2016-04-29 21:38 - 00000000 ____D C:\Users\julia\AppData\Local\Spotify
2017-02-11 18:36 - 2016-08-06 21:24 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-11 18:36 - 2016-04-29 20:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-11 18:35 - 2016-08-06 21:58 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-02-11 18:35 - 2016-08-06 21:08 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-02-11 18:35 - 2016-07-16 07:04 - 01310720 _____ C:\WINDOWS\system32\config\BBI
2017-02-11 10:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-11 10:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-11 10:56 - 2016-04-29 21:15 - 00000000 ____D C:\Users\julia\AppData\Local\Adobe
2017-02-11 01:36 - 2016-05-10 10:40 - 00197120 ___SH C:\Users\julia\Desktop\Thumbs.db
2017-02-10 16:39 - 2016-12-17 08:28 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-02-10 16:39 - 2016-12-17 08:28 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-02-10 14:14 - 2016-11-22 12:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-02-08 08:36 - 2016-04-30 01:08 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-02-07 08:40 - 2016-08-11 08:04 - 00000000 ____D C:\WINDOWS\system32\MpEngineStore
2017-02-06 19:13 - 2016-04-29 20:39 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 19:13 - 2016-04-29 20:39 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-06 19:02 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-04 15:30 - 2016-09-01 23:14 - 00000000 ____D C:\Users\julia\AppData\Local\Amazon Music
2017-02-04 14:29 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-04 14:27 - 2016-05-09 22:49 - 1366395123 _____ C:\WINDOWS\MEMORY.DMP
2017-02-04 13:58 - 2016-11-14 18:48 - 00000000 ____D C:\Users\julia\AppData\Roaming\vlc
2017-02-04 08:26 - 2016-05-01 07:34 - 00000000 ____D C:\ProgramData\AMD
2017-02-02 20:19 - 2016-09-01 23:14 - 00001320 _____ C:\Users\julia\Desktop\Amazon Music.lnk
2017-02-02 19:48 - 2016-11-15 18:21 - 00001089 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-02-02 19:48 - 2016-11-15 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-01-30 16:57 - 2016-04-30 01:15 - 00000000 ___RD C:\Users\julia\Dropbox
2017-01-29 15:08 - 2016-11-13 19:58 - 00000000 ____D C:\Users\julia\AppData\Roaming\dvdcss
2017-01-27 11:31 - 2016-05-10 14:56 - 00000000 ____D C:\Users\julia\Thunderbird backup
2017-01-26 08:32 - 2016-08-06 21:08 - 00000000 ____D C:\Program Files\AMD
2017-01-25 09:13 - 2016-04-29 20:05 - 00000000 ____D C:\AMD
2017-01-25 09:12 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-25 01:29 - 2016-10-26 00:04 - 09405464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 07589400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 02463256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 02150928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 01015832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00909336 _____ (AMD) C:\WINDOWS\system32\coinst_16.40.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00643096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00420376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-01-25 01:29 - 2016-10-26 00:04 - 00310808 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-01-25 01:29 - 2016-10-26 00:04 - 00293400 _____ C:\WINDOWS\system32\GameManager64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00287248 _____ C:\WINDOWS\system32\clinfo.exe
2017-01-25 01:29 - 2016-10-26 00:04 - 00285720 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00266256 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00248344 _____ C:\WINDOWS\system32\atieah64.exe
2017-01-25 01:29 - 2016-10-26 00:04 - 00239128 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00178200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00154648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00147480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00130584 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00128536 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00084504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00077848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-01-25 01:29 - 2016-08-12 00:07 - 00145952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-01-25 01:29 - 2016-08-12 00:07 - 00107544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2017-01-25 01:29 - 2016-08-12 00:06 - 00258072 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-01-25 01:29 - 2016-07-02 08:01 - 00541208 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-01-25 01:29 - 2016-07-02 08:01 - 00476696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-01-25 01:29 - 2016-07-02 08:01 - 00305176 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2017-01-25 01:29 - 2016-07-02 08:01 - 00251416 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-01-25 01:29 - 2016-07-02 08:01 - 00226328 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-01-25 01:29 - 2016-07-02 08:01 - 00193560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-01-25 01:29 - 2016-07-02 08:01 - 00153112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-01-25 01:29 - 2016-07-02 08:01 - 00135704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-01-25 01:29 - 2016-07-02 08:01 - 00126488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-01-25 01:29 - 2016-04-05 08:38 - 00219672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-01-25 01:29 - 2016-04-05 08:37 - 01351192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-01-25 01:29 - 2016-04-05 08:27 - 00158336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-01-25 01:29 - 2016-04-05 08:27 - 00118800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2017-01-25 01:28 - 2016-10-26 00:05 - 00162216 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-01-25 01:28 - 2016-10-26 00:05 - 00145360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2017-01-25 01:28 - 2016-10-26 00:05 - 00130216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-01-25 01:28 - 2016-10-26 00:05 - 00112328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-01-25 01:28 - 2016-07-02 08:01 - 00145872 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-01-25 01:28 - 2016-07-02 08:01 - 00112336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-01-22 15:47 - 2016-04-29 21:16 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-10-02 14:25 - 2016-10-02 14:25 - 0000000 _____ () C:\Users\julia\AppData\Roaming\gdfw.log
2016-10-02 14:25 - 2016-10-02 14:25 - 0000779 _____ () C:\Users\julia\AppData\Roaming\gdscan.log
2016-07-31 07:34 - 2016-11-06 16:41 - 0007598 _____ () C:\Users\julia\AppData\Local\Resmon.ResmonCfg
2016-04-30 03:12 - 2016-04-30 03:12 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-08-06 21:07 - 2016-08-06 21:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-02-02 19:48 - 2017-02-02 19:48 - 7097928 _____ (VS Revo Group                                               ) C:\Users\julia\AppData\Local\Temp\VSUSetup.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-08 23:29

==================== Ende von FRST.txt ============================
         

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-02-2017 02
durchgeführt von julia (16-02-2017 18:32:25)
Gestartet von C:\Users\julia\Desktop
Windows 10 Pro Version 1607 (X64) (2016-08-06 20:35:33)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1190779463-2330029784-2471901394-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1190779463-2330029784-2471901394-503 - Limited - Disabled)
Gast (S-1-5-21-1190779463-2330029784-2471901394-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1190779463-2330029784-2471901394-1003 - Limited - Enabled)
julia (S-1-5-21-1190779463-2330029784-2471901394-1001 - Administrator - Enabled) => C:\Users\julia
LynCat (S-1-5-21-1190779463-2330029784-2471901394-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
AirDroid 3.3.1.1 (HKLM-x32\...\AirDroid) (Version: 3.3.1.1 - Sand Studio)
Amazon Kindle (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Amazon Kindle) (Version: 1.17.0.44170 - Amazon)
Amazon Music (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Amazon Amazon Music) (Version: 5.3.5.1704 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{04E14C12-EAB9-9B07-5A25-CAF2D10B2579}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.)
APP Shop v1.0.24 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.24 - ASRock Inc.)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock Restart to UEFI v1.0.5 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.5 - )
ASRock XFast RAM v3.0.3 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
A-Tuning v2.0.280 (HKLM-x32\...\A-Tuning_is1) (Version: 2.0.280 - ASRock Inc.)
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.3.0.1 - G DATA Software AG)
GfK Internet-Monitor (HKLM-x32\...\39992AD7-103F-4308-8BB7-3F65F543604D) (Version: 15.4.173 - GfK)
GoodNightLed v3.0.1 (HKLM-x32\...\GoodNightLed_is1) (Version: 3.0.1 - ASRock Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.50.9 - HP)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.5.32.203 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Go (HKLM-x32\...\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}) (Version: 3.0.403 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.20.104.05220 (HKLM-x32\...\{78D4C553-4B41-97A5-22B4-2F446987B724}) (Version: 2.20.104.05220 - Sony)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
Mozilla Thunderbird 45.7.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.7.1 (x86 de)) (Version: 45.7.1 - Mozilla)
Nielsen (HKLM-x32\...\NetSight) (Version:  - )
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.6.0.0 - Duodian Technology Co. Ltd.)
OEM Application Profile (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.3.5.6379 - Electronic Arts, Inc.)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.18.2-r120419-release - Plays.tv, LLC)
PS4 Remote Play (HKLM-x32\...\{127839B2-AF0F-41CA-9F00-A247D04ACD81}) (Version: 1.0.0.15181 - Sony Interactive Entertainment Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7560 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Spotify (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Spotify) (Version: 1.0.34.146.g28f9eda2 - Spotify AB)
SRWare Iron Version SRWare Iron 33.0.1800.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 33.0.1800.0 - SRWare)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie zur Verbesserung von HP Deskjet 3050A J611 series Produkten (HKLM\...\{EF27865C-E636-47C4-8B35-CE8A88045681}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
Uplay (HKLM-x32\...\Uplay) (Version: 21.1 - Ubisoft)
Usb GamePad (HKLM-x32\...\{DEC7CD2E-2BB5-40C3-9592-078F64677E6C}) (Version: 1.00.0000 - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Driver Package - BigNox Corporation (VBoxUSB) USB  (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System  (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation XQHDrv System  (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
WinDS PRO 2016.04.08 (HKLM\...\{4237FF56-4BD0-481E-BD44-C1A8DDA9C753}_is1) (Version: 2016.04.08 - WinDS PRO Central)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
XFast LAN v10.10 (HKLM\...\XFast LAN) (Version: 10.10 - cFos Software GmbH, Bonn)
Xperia Companion (HKLM-x32\...\{8f4f39fa-087f-4e5c-84f3-1433ac7389e9}) (Version: 1.2.8.0 - Sony)
Xperia Companion (x32 Version: 1.2.8.0 - Sony) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {066EF000-1D31-4F43-8E09-C97DCCC96278} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {2556CECF-EA3C-447B-94AA-800BAC478C7D} - \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start -> Keine Datei <==== ACHTUNG
Task: {32FAAA18-3DCE-4579-B103-6C51178C0E22} - System32\Tasks\HPCeeScheduleForjulia => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {4387A60B-29E8-479F-894F-0466AFBB76C7} - System32\Tasks\AsrAPPShop => C:\Program Files (x86)\ASRock Utility\APP Shop\AsrAPPShop.exe [2016-02-05] ()
Task: {471EA7B1-B69E-4FE6-9507-551F2D76CF4B} - System32\Tasks\cFos\Registration Tasks\Open Browser => Chrome.exe "hxxp://www.cfos.de/de/cfosspeed/documentation/keyboard-leds.htm?reg-10.10.2238-asrock"
Task: {4C90C93F-B372-447A-BAD9-4C877F578A53} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-30] (Dropbox, Inc.)
Task: {4CA7C5ED-61A5-4A08-B76C-971D3E54939A} - \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources -> Keine Datei <==== ACHTUNG
Task: {502B87CA-6578-4727-98E0-D5312A5A1A26} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-29] (Google Inc.)
Task: {50E75D14-4AFB-4ACB-823D-3611FAA325F0} - \HPCustParticipation HP Deskjet 3050A J611 series -> Keine Datei <==== ACHTUNG
Task: {760F7F73-70D6-4F7A-ACB0-CE52D03A6E5F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {849173CC-06EF-4522-99B4-34CDDAB5DA29} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> Keine Datei <==== ACHTUNG
Task: {8F0C3895-A13C-4DAC-A594-051736FCCC88} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {9A8C6E8B-C1D2-4DCC-978C-F7856E76371A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.)
Task: {9ACE166C-F599-4125-86A4-5B4DB2491DC4} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {9C6A1060-F966-4927-B888-198454C7ADF3} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> Keine Datei <==== ACHTUNG
Task: {9E858082-438A-4EF2-B0C6-F930C7B617BB} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> Keine Datei <==== ACHTUNG
Task: {AB9FACDB-986A-4467-9238-8115E635C99F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-29] (Google Inc.)
Task: {B1EF102A-D9C4-4BA0-8C3D-01C864291EB2} - \AMD Updater -> Keine Datei <==== ACHTUNG
Task: {C0A505F4-A735-439A-BD69-EC99BF450795} - System32\Tasks\AsrSP.exe => C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\AsrSP.exe [2014-12-02] ()
Task: {DA111EEE-D374-4720-B899-179957A0B716} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {E4F6F8E8-7CA4-4492-9371-6468BC21B942} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-30] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForjulia.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-11-03 12:01 - 2016-10-31 17:11 - 01992256 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
2016-07-31 18:43 - 2016-07-06 14:20 - 01476160 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
2016-04-29 23:50 - 2014-07-31 15:17 - 00463112 _____ () C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
2016-09-15 04:24 - 2016-09-15 04:24 - 00423752 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2016-11-21 17:19 - 2016-11-21 17:19 - 00155016 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 20:25 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-13 20:25 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-29 23:51 - 2016-02-05 15:38 - 06134024 _____ () C:\Program Files (x86)\ASRock Utility\APP Shop\AsrAPPShop.exe
2016-12-13 20:25 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-06 21:41 - 2016-08-06 21:41 - 00959168 _____ () C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-09-14 08:17 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 18:18 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 18:18 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 18:18 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-11-23 08:47 - 2016-11-23 08:47 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-11-23 08:47 - 2016-11-23 08:47 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-03 07:54 - 2016-06-03 07:54 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-11-23 08:47 - 2016-11-23 08:47 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-11-23 08:47 - 2016-11-23 08:47 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll
2017-02-15 08:33 - 2017-02-15 08:33 - 03865088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-02-16 08:35 - 2017-02-16 08:35 - 00015872 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe
2017-02-16 08:35 - 2017-02-16 08:35 - 06538240 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\WhatsNew.Store.dll
2016-07-31 18:43 - 2016-07-06 14:20 - 00619584 _____ () C:\Program Files (x86)\GfK Internet-Monitor\UpdateHelper.dll
2016-10-01 17:37 - 2017-01-15 12:27 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2017-02-10 21:06 - 2017-02-10 21:06 - 00033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2017-02-10 21:06 - 2017-02-10 21:06 - 00041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2017-02-10 21:06 - 2017-02-10 21:06 - 00173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 01934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 01780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 03812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2016-09-07 07:57 - 2016-08-11 09:34 - 00800912 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\communication.dll
2016-09-07 07:57 - 2016-08-11 09:34 - 00191632 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\npsp1.dll
2016-09-07 07:57 - 2016-08-11 09:34 - 00260752 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\npwmi.dll
2016-04-21 02:23 - 2017-01-16 08:34 - 09080360 _____ () C:\Program Files (x86)\AirDroid\Android.dll
2016-04-21 02:20 - 2017-01-16 08:34 - 00642088 _____ () C:\Program Files (x86)\AirDroid\System.Data.SQLite.dll
2016-08-06 21:41 - 2016-08-06 21:41 - 00679624 _____ () C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2017-02-06 19:13 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-06 19:13 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2016-09-01 23:14 - 2017-02-01 00:57 - 53478912 _____ () C:\Users\julia\AppData\Local\Amazon Music\libcef.dll
2016-09-01 23:14 - 2017-02-01 00:57 - 01976832 _____ () C:\Users\julia\AppData\Local\Amazon Music\libglesv2.dll
2016-09-01 23:14 - 2017-02-01 00:57 - 00075264 _____ () C:\Users\julia\AppData\Local\Amazon Music\libegl.dll
2017-02-15 08:44 - 2017-02-02 12:30 - 17840216 _____ () C:\Users\julia\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.221\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-04-29 11:54 - 2016-04-29 11:52 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\julia\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "XperiaCompanion"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "BigNox"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{BE8EDC0C-73E0-4F9F-9C2E-06DDE5F03E9B}] => (Allow) C:\Program Files (x86)\Remotr\RemotrServer.exe
FirewallRules: [{2227EE2C-CE55-45FB-B30E-62DC8230A899}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [{30F3774D-AD02-45B3-B257-534DA49823C7}] => (Allow) C:\Users\julia\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{783C2224-7D58-48D8-AD4C-4B0B5C77B453}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CrushCrush\CrushCrush.exe
FirewallRules: [{CF90C652-DC55-467E-BAC1-4DF8396B2C92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CrushCrush\CrushCrush.exe
FirewallRules: [{E6E289E2-4AA2-40F5-ACA6-9C82995E68B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{E53E8737-385D-4ABE-B897-20BB0428F9D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{9BACBB96-FF86-4833-A8AF-0CF03B271854}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{9AB2427A-D301-4180-8CA0-4214ACCFDC3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{89B25E3E-040C-4F42-860C-8C29EBDC2477}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{F31FD7FA-96A5-42E7-A231-1FD1C5ECDCC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{DE177724-6098-43D0-8806-973ABCD8489B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{D761F58A-F839-48D7-99C4-55FC2B2D31AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{A7B83730-8336-4D8C-9855-F525F4B87FD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{DB0775A4-53C5-4D60-8B8F-3179817021C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{F9BB05C7-2A2A-47AA-A4C8-F67AA78B7F80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WildStar\Steam_WildStar.exe
FirewallRules: [{97388F1B-476A-40C6-B599-72697B7ED5EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WildStar\Steam_WildStar.exe
FirewallRules: [{AEAF1BD8-98C9-42F7-AC18-6186FD66BF03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{E9783289-E69A-4E06-9EAF-6EE9BCD26A7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{380E5670-8329-4A13-A453-1FCB2C92CEE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{11AEA279-FA35-443C-A14E-5AA0A7F496B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{BD8FDB87-DE06-432F-88BA-BC1C337988D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheAge\GlyphClient.exe
FirewallRules: [{31C13ED3-EFCB-40F3-ABB5-23F388D89AD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheAge\GlyphClient.exe
FirewallRules: [{6D7778AF-2ACA-4C81-8398-D5260FFCBE29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{9070EA33-9E66-4FCD-A375-B8D09CC4E587}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{6870B29C-5372-4701-8F42-D6DE725973DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transformice\Transformice.exe
FirewallRules: [{E5FA8FB3-D425-415A-B4AB-C6F08CB81390}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transformice\Transformice.exe
FirewallRules: [{C5EE77CF-1244-4FB7-BAD8-8979C065A7A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shakes & Fidget\Shakes and Fidget.exe
FirewallRules: [{D1CDF799-6265-4CD5-A626-94F4491BE72F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shakes & Fidget\Shakes and Fidget.exe
FirewallRules: [{74505E9A-F844-4FF4-A118-C989F71C77AE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D0F4A6E6-0E01-410A-99B6-349CB62D49AF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{98A6B571-7328-46CA-A786-18FA12118E8A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4BFA63AA-FB4E-4CBD-81D2-92E7FCAFDCD2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E9B7DABE-E09E-44E7-AC61-314074E4A507}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
FirewallRules: [{290E19E0-A4C5-4803-A438-0E623CA48EE5}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
FirewallRules: [{4F347DFD-A148-4E94-A8C2-19C58D774FCD}] => (Allow) C:\Users\julia\AppData\Local\Temp\7zS48E3\HPDiagnosticCoreUI.exe
FirewallRules: [{EF4D3B24-6D1A-4A4C-B8B8-232EE3665BFE}] => (Allow) C:\Users\julia\AppData\Local\Temp\7zS48E3\HPDiagnosticCoreUI.exe
FirewallRules: [{93BCAC83-2502-4ADE-A68A-50235D8FDC39}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{718492BD-2476-4DD7-ACFD-68AB1EA53F10}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D5F54F87-F1F2-47DF-B930-427698A21F72}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2FBA69FF-5B93-4B59-863C-F14782090247}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CDB8F4BC-F6B5-4AED-9C6B-FF33D179093F}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe
FirewallRules: [UDP Query User{B554B3E6-7C3B-4686-9087-B4E5C9C25893}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [TCP Query User{4C110523-B488-46B3-899F-EF71BBE24D74}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{748F1E3C-DECB-4B30-BF51-756112C3CD69}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{393AB3D0-4A56-48CE-BD65-1DEEE70B2C32}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{E976C55B-498B-4F14-8840-5CE9729A6F01}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
FirewallRules: [UDP Query User{211AA0BB-B2BF-4AF9-ABA8-82CFF5CC0E1E}C:\users\julia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julia\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{4D4FCBF6-4215-4F30-9ECA-5C56A461A339}C:\users\julia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julia\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9EAF9E66-9C4A-4D0A-B054-19C130287E25}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{20BCDFFA-F48F-451F-9909-7564F609CD50}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9C1BE638-D25E-4253-BB83-CE781B3F37EB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{7E8694C3-45BB-4745-A308-C6A35808C8D1}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{D2F959ED-037E-46F8-AD5E-3286E5F07D61}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe
FirewallRules: [{74359E8A-16FD-4F59-B923-0FE364A84156}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{880A6D2F-EEAB-438E-8929-2631F3FAE283}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{903D728A-A328-40A1-B1E4-F918302DFD0B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{DF62B350-1B30-45B9-9F9A-0835826ECD8F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{40ECC61F-8402-4117-B87D-EB3BA1C6DF00}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{5201F840-C181-4ADF-B64F-BA586C2E85AF}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{88D0A7BC-0EC0-4F83-B6DA-3A76E49049FF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B0853F73-EE22-4F33-BD5F-457343C80640}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8D800BFC-875A-44C6-B3DE-9FA69B80A8F8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{030DB97E-3233-4BFA-A3C7-62C05B1472AD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{661DEAD1-BBE5-469E-9396-3681E714EF41}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{ACE30677-F83A-4849-8B62-F821F27DBE48}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{869C9BD8-D89B-478E-A6DD-98A98BAAD329}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{852DA3E8-FB7A-4E00-9A41-FD7EC5D20F76}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe

==================== Wiederherstellungspunkte =========================

13-02-2017 09:06:51 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/16/2017 02:33:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ETD_GetSMART.exe, Version: 1.0.0.4, Zeitstempel: 0x573f7758
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00293638
ID des fehlerhaften Prozesses: 0x4fe4
Startzeit der fehlerhaften Anwendung: 0x01d2885931a9caed
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: b12fe7f9-0d9b-47a0-b988-f7a5adf13d07
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/16/2017 02:33:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ETD_GetSMART.exe, Version: 1.0.0.4, Zeitstempel: 0x573f7758
Name des fehlerhaften Moduls: ETD_GetSMART.exe, Version: 1.0.0.4, Zeitstempel: 0x573f7758
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000045fa
ID des fehlerhaften Prozesses: 0x4fe4
Startzeit der fehlerhaften Anwendung: 0x01d2885931a9caed
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe
Berichtskennung: ae11e0b3-8fd1-41fb-8d85-9929e5cee318
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/16/2017 02:33:21 PM) (Source: MsiInstaller) (EventID: 1002) (User: DESKTOP-N0N5AE6)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".

Error: (02/16/2017 02:33:00 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (02/16/2017 12:59:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SkypeHost.exe, Version 11.11.105.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 56cc

Startzeit: 01d288270497c647

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe

Berichts-ID: 554e57c2-f43f-11e6-918e-0013ef030494

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c

Auf das fehlerhafte Paket bezogene Anwendungs-ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (02/16/2017 12:59:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-N0N5AE6)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/16/2017 08:33:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-N0N5AE6)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/15/2017 12:57:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SkypeHost.exe, Version 11.11.105.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ed8

Startzeit: 01d2877a2094278f

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe

Berichts-ID: dce15be5-f375-11e6-918e-0013ef030494

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c

Auf das fehlerhafte Paket bezogene Anwendungs-ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (02/15/2017 12:57:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-N0N5AE6)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/15/2017 11:56:14 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SkypeHost.exe, Version 11.11.105.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 4a40

Startzeit: 01d28777074ecf31

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe

Berichts-ID: 574d4097-f36d-11e6-918e-0013ef030494

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c

Auf das fehlerhafte Paket bezogene Anwendungs-ID: ppleae38af2e007f4358a809ac99a64a67c1


Systemfehler:
=============
Error: (02/16/2017 08:29:30 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/16/2017 12:24:27 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/15/2017 11:33:36 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/15/2017 10:30:05 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/15/2017 09:39:55 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/15/2017 09:39:55 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/15/2017 09:39:55 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/15/2017 09:39:55 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/15/2017 08:29:47 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/15/2017 12:18:05 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2017-02-13 19:49:26.594
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-02-06 15:30:22.008
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-02-05 20:23:11.527
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-02-05 19:25:05.946
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-02-03 19:14:25.480
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-01-30 17:39:50.482
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-01-30 17:39:49.524
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-01-09 13:09:05.578
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-01-09 13:09:05.167
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-01-05 15:58:00.988
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G 
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 16198.66 MB
Verfügbarer physikalischer RAM: 9397.97 MB
Summe virtueller Speicher: 18630.66 MB
Verfügbarer virtueller Speicher: 10752.4 MB

==================== Laufwerke ================================

Drive c: (Win10-Prof) (Fixed) (Total:931.02 GB) (Free:738.13 GB) NTFS
Drive e: (INTENSO) (Fixed) (Total:1863.01 GB) (Free:209.7 GB) NTFS
Drive f: (Elements) (Fixed) (Total:1397.26 GB) (Free:35.59 GB) NTFS
Drive g: (INTENSO ALT) (Fixed) (Total:1863.01 GB) (Free:960.39 GB) NTFS
Drive h: (INTENSO) (Fixed) (Total:698.63 GB) (Free:352.49 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FB5E5C55)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 1322A89A)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 698.6 GB) (Disk ID: 08E2026F)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: 4D49C8E7)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 1397.3 GB) (Disk ID: 000AEA9D)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 16.02.2017, 18:54   #7
lyncat89
 
Probleme mit Maleware oder Trojaner nach Toolbar Installation - Standard

Probleme mit Maleware oder Trojaner nach Toolbar Installation



Code:
ATTFilter
18:34:11.0550 0x0698  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
18:34:16.0495 0x0698  ============================================================
18:34:16.0495 0x0698  Current date / time: 2017/02/16 18:34:16.0495
18:34:16.0495 0x0698  SystemInfo:
18:34:16.0496 0x0698  
18:34:16.0496 0x0698  OS Version: 10.0.14393 ServicePack: 0.0
18:34:16.0496 0x0698  Product type: Workstation
18:34:16.0496 0x0698  ComputerName: DESKTOP-N0N5AE6
18:34:16.0496 0x0698  UserName: julia
18:34:16.0496 0x0698  Windows directory: C:\WINDOWS
18:34:16.0496 0x0698  System windows directory: C:\WINDOWS
18:34:16.0496 0x0698  Running under WOW64
18:34:16.0496 0x0698  Processor architecture: Intel x64
18:34:16.0496 0x0698  Number of processors: 4
18:34:16.0496 0x0698  Page size: 0x1000
18:34:16.0496 0x0698  Boot type: Normal boot
18:34:16.0496 0x0698  CodeIntegrityOptions = 0x00000001
18:34:16.0496 0x0698  ============================================================
18:34:16.0712 0x0698  KLMD registered as C:\WINDOWS\system32\drivers\13929998.sys
18:34:16.0712 0x0698  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.693, osProperties = 0x19
18:34:16.0836 0x0698  System UUID: {3621A839-9A77-6A58-849F-E7071E6DF660}
18:34:17.0164 0x0698  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:34:17.0172 0x0698  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:34:17.0175 0x0698  Drive \Device\Harddisk2\DR2 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:34:17.0180 0x0698  Drive \Device\Harddisk3\DR3 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:34:17.0183 0x0698  Drive \Device\Harddisk4\DR4 - Size: 0x15D50D00000 ( 1397.26 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:34:17.0186 0x0698  ============================================================
18:34:17.0186 0x0698  \Device\Harddisk0\DR0:
18:34:17.0186 0x0698  MBR partitions:
18:34:17.0186 0x0698  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xFA000
18:34:17.0186 0x0698  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFA800, BlocksNum 0x7460BDB0
18:34:17.0186 0x0698  \Device\Harddisk1\DR1:
18:34:17.0186 0x0698  MBR partitions:
18:34:17.0186 0x0698  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E06CC1
18:34:17.0186 0x0698  \Device\Harddisk2\DR2:
18:34:17.0187 0x0698  MBR partitions:
18:34:17.0187 0x0698  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57544B01
18:34:17.0187 0x0698  \Device\Harddisk3\DR3:
18:34:17.0402 0x0698  MBR partitions:
18:34:17.0402 0x0698  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E06CC1
18:34:17.0402 0x0698  \Device\Harddisk4\DR4:
18:34:17.0403 0x0698  MBR partitions:
18:34:17.0403 0x0698  \Device\Harddisk4\DR4\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAEA86000
18:34:17.0403 0x0698  ============================================================
18:34:17.0434 0x0698  C: <-> \Device\Harddisk0\DR0\Partition2
18:34:17.0463 0x0698  E: <-> \Device\Harddisk1\DR1\Partition1
18:34:17.0490 0x0698  F: <-> \Device\Harddisk4\DR4\Partition1
18:34:17.0525 0x0698  G: <-> \Device\Harddisk3\DR3\Partition1
18:34:17.0930 0x0698  H: <-> \Device\Harddisk2\DR2\Partition1
18:34:17.0930 0x0698  ============================================================
18:34:17.0930 0x0698  Initialize success
18:34:17.0930 0x0698  ============================================================
18:36:41.0510 0x49d8  ============================================================
18:36:41.0510 0x49d8  Scan started
18:36:41.0510 0x49d8  Mode: Manual; SigCheck; TDLFS; 
18:36:41.0510 0x49d8  ============================================================
18:36:41.0510 0x49d8  KSN ping started
18:37:01.0574 0x49d8  KSN ping finished: true
18:37:04.0868 0x49d8  ================ Scan system memory ========================
18:37:04.0868 0x49d8  System memory - ok
18:37:04.0870 0x49d8  ================ Scan services =============================
18:37:05.0078 0x49d8  1394ohci - ok
18:37:05.0085 0x49d8  3ware - ok
18:37:05.0103 0x49d8  ACPI - ok
18:37:05.0110 0x49d8  AcpiDev - ok
18:37:05.0117 0x49d8  acpiex - ok
18:37:05.0125 0x49d8  acpipagr - ok
18:37:05.0160 0x49d8  AcpiPmi - ok
18:37:05.0166 0x49d8  acpitime - ok
18:37:05.0231 0x49d8  [ 295D6A7FC220634C8E6F5F27A6EDAEE7, 155C83D1E359764A25B97B050B8ED6ABB5FF742D00401004206A4616434EE3D4 ] AdaptiveSleepService C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
18:37:05.0298 0x49d8  AdaptiveSleepService - ok
18:37:05.0400 0x49d8  [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:37:05.0409 0x49d8  AdobeARMservice - ok
18:37:05.0418 0x49d8  ADP80XX - ok
18:37:05.0441 0x49d8  AFD - ok
18:37:05.0451 0x49d8  ahcache - ok
18:37:05.0458 0x49d8  AJRouter - ok
18:37:05.0469 0x49d8  ALG - ok
18:37:05.0501 0x49d8  [ 52E0D15D162A6C02E58C5E9E91155031, 09BB2288929D853CAFA25A741CB540E20BDEF421E3E41BFF5BEF78D786021F5A ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
18:37:05.0517 0x49d8  AMD External Events Utility - ok
18:37:05.0566 0x49d8  [ 08E3B9567A6FDD17A69956BA80F1E2D6, 179C4A09E51A41289C1AA11E778EB09E877A7F45FB5D54216F58D3EAF1FA88C4 ] amdacpksd       C:\WINDOWS\system32\drivers\amdacpksd.sys
18:37:05.0580 0x49d8  amdacpksd - ok
18:37:05.0586 0x49d8  AmdK8 - ok
18:37:05.0621 0x49d8  [ B28145E732EDEBBEDABC311DBA56D52A, 43745C17A3AC2A7A6FB0DBF1A2158C6B365198581E8E3B1F7E7E9EE9763A2735 ] amdkmafd        C:\WINDOWS\system32\drivers\amdkmafd.sys
18:37:05.0630 0x49d8  amdkmafd - ok
18:37:05.0686 0x49d8  amdkmdag - ok
18:37:05.0723 0x49d8  [ 8B5782CA9386724048F11C1607425B31, B398B8547B5BB806B73211A3C40EC0337B2D5274F17DD0F7FFDCC91CA853DA7B ] amdkmdap        C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys
18:37:05.0744 0x49d8  amdkmdap - ok
18:37:05.0751 0x49d8  AmdPPM - ok
18:37:05.0756 0x49d8  amdsata - ok
18:37:05.0762 0x49d8  amdsbs - ok
18:37:05.0767 0x49d8  amdxata - ok
18:37:05.0772 0x49d8  AppID - ok
18:37:05.0778 0x49d8  AppIDSvc - ok
18:37:05.0784 0x49d8  Appinfo - ok
18:37:05.0790 0x49d8  applockerfltr - ok
18:37:05.0796 0x49d8  AppMgmt - ok
18:37:05.0876 0x49d8  [ CF75D615A823FB3A0F8AA87CC53BE4AB, 6ACA246D12A6EA95AEDEE1FF99A6A1BA25000A47AB095E8B72C9352E82E9A21A ] AppObserver     C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\appobserver64.sys
18:37:05.0885 0x49d8  AppObserver - ok
18:37:05.0920 0x49d8  AppReadiness - ok
18:37:05.0958 0x49d8  AppVClient - ok
18:37:05.0971 0x49d8  AppvStrm - ok
18:37:05.0992 0x49d8  AppvVemgr - ok
18:37:06.0002 0x49d8  AppvVfs - ok
18:37:06.0026 0x49d8  AppXSvc - ok
18:37:06.0032 0x49d8  arcsas - ok
18:37:06.0055 0x49d8  [ E1AFEE1584C74050DE0DD16DE2A54BF3, 77C8D98159D8BCDC7917B04977949823D50C49D0D13587310E060A4B8893AE42 ] AsrAppCharger   C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys
18:37:06.0064 0x49d8  AsrAppCharger - ok
18:37:06.0200 0x49d8  [ 75D6C3469347DE1CDFA3B1B9F1544208, 2AA1B08F47FBB1E2BD2E4A492F5D616968E703E1359A921F62B38B8E4662F0C4 ] AsrAutoChkUpdDrv C:\WINDOWS\SysWOW64\Drivers\AsrAutoChkUpdDrv.sys
18:37:06.0207 0x49d8  AsrAutoChkUpdDrv - ok
18:37:06.0244 0x49d8  [ 1A234F4643F5658BAB07BFA611282267, F40435488389B4FB3B945CA21A8325A51E1B5F80F045AB019748D0EC66056A8B ] AsrDrv101       C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys
18:37:06.0262 0x49d8  AsrDrv101 - ok
18:37:06.0306 0x49d8  [ A16DACE95B82683C852CD18578162735, 6E3663B43FB18BFD3B47A63297FA251C467D7B3C7B70020FC87DEAD8F0882B37 ] ASRockIOMon     C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
18:37:06.0329 0x49d8  ASRockIOMon - ok
18:37:06.0352 0x49d8  [ A149C93231945A5118C63AEACA6D1E72, 60B28184585B389751FCF71651A139D74018DE04AEBF4A497835AF727B64BD53 ] AsrRamDisk      C:\WINDOWS\system32\drivers\AsrRamDisk.sys
18:37:06.0361 0x49d8  AsrRamDisk - ok
18:37:06.0367 0x49d8  AsyncMac - ok
18:37:06.0374 0x49d8  atapi - ok
18:37:06.0410 0x49d8  [ FD9A5BCC3AFB02E87668B749546B6229, 4BE969A11CEE8033F40EDE7E06A5904B328D3FC1842855C0DB38D5EEF458219C ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
18:37:06.0430 0x49d8  AtiHDAudioService - ok
18:37:06.0456 0x49d8  [ 9BD46423250EE6D39A2647B7BB89BFC3, 4D8499F5E170E42C22932FA519444A8A37190D7DFA0F449F016436ADEBC85865 ] ATP             C:\WINDOWS\System32\drivers\AsusTP.sys
18:37:06.0466 0x49d8  ATP - ok
18:37:06.0471 0x49d8  AudioEndpointBuilder - ok
18:37:06.0487 0x49d8  Audiosrv - ok
18:37:06.0661 0x49d8  [ F6C322B06ABB622B32115BF32EEE253B, F06D265DDD56A052ACFBB46DD057E246FCF3F65457133D98C1EA130E0DDFEAFE ] AVKProxy        C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
18:37:06.0782 0x49d8  AVKProxy - ok
18:37:06.0847 0x49d8  [ 98DAE6FDBEF58BF07E9650DF3B729C8A, F5B81DA51AE357A6EB094561AC4ECC4E1263FBC7D111579A888BDD6DC51C7C76 ] AVKService      C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe
18:37:06.0877 0x49d8  AVKService - ok
18:37:06.0967 0x49d8  [ 580D451B3F20565634D048D7B229EE40, 36CD7EA285F908BEA1E8E68C6CC29CD5A70E23DB38C5E2D1A41684A62FF17AEA ] AVKWCtl         C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe
18:37:07.0044 0x49d8  AVKWCtl - ok
18:37:07.0065 0x49d8  AxInstSV - ok
18:37:07.0070 0x49d8  b06bdrv - ok
18:37:07.0076 0x49d8  BasicDisplay - ok
18:37:07.0081 0x49d8  BasicRender - ok
18:37:07.0091 0x49d8  bcmfn - ok
18:37:07.0097 0x49d8  bcmfn2 - ok
18:37:07.0110 0x49d8  BDESVC - ok
18:37:07.0127 0x49d8  Beep - ok
18:37:07.0135 0x49d8  BFE - ok
18:37:07.0144 0x49d8  BITS - ok
18:37:07.0213 0x49d8  [ 3F56903E124E820AEECE6D471583C6C1, B3C045AFACC8A8F5DC289ADE9ACFB2FE7F9CA24A900BBAED47E2A63837208CB3 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
18:37:07.0226 0x49d8  Bonjour Service - ok
18:37:07.0246 0x49d8  bowser - ok
18:37:07.0262 0x49d8  BrokerInfrastructure - ok
18:37:07.0268 0x49d8  Browser - ok
18:37:07.0285 0x49d8  BthAvrcpTg - ok
18:37:07.0290 0x49d8  BthHFEnum - ok
18:37:07.0296 0x49d8  bthhfhid - ok
18:37:07.0307 0x49d8  BthHFSrv - ok
18:37:07.0312 0x49d8  BTHMODEM - ok
18:37:07.0320 0x49d8  bthserv - ok
18:37:07.0326 0x49d8  buttonconverter - ok
18:37:07.0331 0x49d8  CapImg - ok
18:37:07.0337 0x49d8  cdfs - ok
18:37:07.0352 0x49d8  CDPSvc - ok
18:37:07.0371 0x49d8  CDPUserSvc - ok
18:37:07.0407 0x49d8  cdrom - ok
18:37:07.0418 0x49d8  CertPropSvc - ok
18:37:07.0521 0x49d8  [ 512C91F1261CC0463CAC3C12F142669A, BF70A3128CE50B0FAFEB35353494D750E56D686C30F399F0234AA9242DB19031 ] cfosspeed       C:\WINDOWS\system32\DRIVERS\cfosspeed6.sys
18:37:07.0574 0x49d8  cfosspeed - ok
18:37:07.0705 0x49d8  [ A9A581F2C8F06C083831A996742375BE, 7A7DC106FF149703A17330F670B9A94578664BBD844F5BBD32B5832A221BE934 ] cFosSpeedS      C:\Program Files\ASRock\XFast LAN\spd.exe
18:37:07.0734 0x49d8  cFosSpeedS - ok
18:37:07.0740 0x49d8  cht4iscsi - ok
18:37:07.0745 0x49d8  cht4vbd - ok
18:37:07.0754 0x49d8  circlass - ok
18:37:07.0771 0x49d8  CLFS - ok
18:37:07.0776 0x49d8  ClipSVC - ok
18:37:07.0781 0x49d8  clreg - ok
18:37:07.0796 0x49d8  CmBatt - ok
18:37:07.0802 0x49d8  CNG - ok
18:37:07.0807 0x49d8  cnghwassist - ok
18:37:07.0857 0x49d8  CompositeBus - ok
18:37:07.0868 0x49d8  COMSysApp - ok
18:37:07.0875 0x49d8  condrv - ok
18:37:07.0920 0x49d8  CoreMessagingRegistrar - ok
18:37:07.0933 0x49d8  CryptSvc - ok
18:37:07.0940 0x49d8  CSC - ok
18:37:07.0947 0x49d8  CscService - ok
18:37:07.0955 0x49d8  dam - ok
18:37:08.0012 0x49d8  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
18:37:08.0023 0x49d8  dbupdate - ok
18:37:08.0032 0x49d8  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
18:37:08.0042 0x49d8  dbupdatem - ok
18:37:08.0047 0x49d8  dbx - ok
18:37:08.0071 0x49d8  [ 2C5A991F0320D95BAC80D0C31F43A79E, CC7887132AF15C77676A3186429FE0071DCC8DC9C6252314D99C02E54867BE10 ] DbxSvc          C:\WINDOWS\system32\DbxSvc.exe
18:37:08.0083 0x49d8  DbxSvc - ok
18:37:08.0103 0x49d8  DcomLaunch - ok
18:37:08.0108 0x49d8  DcpSvc - ok
18:37:08.0114 0x49d8  defragsvc - ok
18:37:08.0130 0x49d8  DeviceAssociationService - ok
18:37:08.0145 0x49d8  DeviceInstall - ok
18:37:08.0151 0x49d8  DevQueryBroker - ok
18:37:08.0166 0x49d8  Dfsc - ok
18:37:08.0198 0x49d8  [ D722BC26F7431A4DA9A183E56CA9FEE3, 86AB717431CB3DDAF6213A1CFE8DF3684080BAAD569731A90AA1AA198E97506D ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
18:37:08.0210 0x49d8  dg_ssudbus - ok
18:37:08.0233 0x49d8  Dhcp - ok
18:37:08.0259 0x49d8  diagnosticshub.standardcollector.service - ok
18:37:08.0271 0x49d8  DiagTrack - ok
18:37:08.0276 0x49d8  disk - ok
18:37:08.0307 0x49d8  DmEnrollmentSvc - ok
18:37:08.0315 0x49d8  dmvsc - ok
18:37:08.0320 0x49d8  dmwappushservice - ok
18:37:08.0332 0x49d8  Dnscache - ok
18:37:08.0339 0x49d8  dot3svc - ok
18:37:08.0362 0x49d8  DPS - ok
18:37:08.0371 0x49d8  drmkaud - ok
18:37:08.0378 0x49d8  DsmSvc - ok
18:37:08.0383 0x49d8  DsSvc - ok
18:37:08.0399 0x49d8  DXGKrnl - ok
18:37:08.0405 0x49d8  EapHost - ok
18:37:08.0420 0x49d8  ebdrv - ok
18:37:08.0454 0x49d8  EFS - ok
18:37:08.0470 0x49d8  EhStorClass - ok
18:37:08.0491 0x49d8  EhStorTcgDrv - ok
18:37:08.0497 0x49d8  embeddedmode - ok
18:37:08.0536 0x49d8  EntAppSvc - ok
18:37:08.0541 0x49d8  ErrDev - ok
18:37:08.0552 0x49d8  EventSystem - ok
18:37:08.0557 0x49d8  exfat - ok
18:37:08.0562 0x49d8  fastfat - ok
18:37:08.0579 0x49d8  Fax - ok
18:37:08.0585 0x49d8  fdc - ok
18:37:08.0600 0x49d8  fdPHost - ok
18:37:08.0605 0x49d8  FDResPub - ok
18:37:08.0639 0x49d8  fhsvc - ok
18:37:08.0669 0x49d8  FileCrypt - ok
18:37:08.0674 0x49d8  FileInfo - ok
18:37:08.0679 0x49d8  Filetrace - ok
18:37:08.0684 0x49d8  flpydisk - ok
18:37:08.0690 0x49d8  FltMgr - ok
18:37:08.0720 0x49d8  FontCache - ok
18:37:08.0798 0x49d8  FontCache3.0.0.0 - ok
18:37:08.0819 0x49d8  FrameServer - ok
18:37:08.0825 0x49d8  FsDepends - ok
18:37:08.0830 0x49d8  Fs_Rec - ok
18:37:08.0870 0x49d8  fvevol - ok
18:37:09.0033 0x49d8  [ 5B687E80548998161B11E093150A3215, 7C29D725B69FBFD2A1C762D4567E8252A03246F36551389E98D4AF6F516B6100 ] GDBackupSvc     C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe
18:37:09.0130 0x49d8  GDBackupSvc - ok
18:37:09.0170 0x49d8  [ 3F24DCB0037A0121C220CB8EAF9A340D, 6F1EED1A2FE31D03EF2050D6B124BD5782020B7B7A6862FE6FCA0F4C2481BFAF ] GDBehave        C:\WINDOWS\system32\drivers\GDBehave.sys
18:37:09.0182 0x49d8  GDBehave - ok
18:37:09.0212 0x49d8  [ 1314062567B9ED86BFFDE5D8C48C52AE, 01DE02308E478F50DBFE4C6EAE9D0C052C1575283F2C182388E2028F3BF2E756 ] GDElam          C:\WINDOWS\system32\DRIVERS\GDElam.sys
18:37:09.0228 0x49d8  GDElam - ok
18:37:09.0321 0x49d8  [ EC7C7AEE53383D2FABB98B05F63514FF, 149633A96E9803F168D3EF0A3182529D0247FFB748021F262F1D19F2C993FCF8 ] GDFwSvc         C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe
18:37:09.0404 0x49d8  GDFwSvc - ok
18:37:09.0441 0x49d8  [ DD7D5196EB9C4321EA57B668AF873840, 0E934032911203A22BC84519F303061703DF503F19382ACDE37AAD53FCBEDF1A ] GDKBB           C:\WINDOWS\system32\drivers\GDKBB64.sys
18:37:09.0450 0x49d8  GDKBB - ok
18:37:09.0479 0x49d8  [ 4A9000A1B02C394CD2C5E6450A04002D, E979C07888C4E20D3037E60A1A48501A0B3EC905C407781B6D437314851E1C32 ] GDKBFlt         C:\WINDOWS\system32\drivers\GDKBFlt64.sys
18:37:09.0489 0x49d8  GDKBFlt - ok
18:37:09.0526 0x49d8  [ EE1927F18C9298D96A47017272D591E8, 6D880B43969B41636D520962BD77DD3FA59374903F6E72354610DFC01306E7EE ] GDMnIcpt        C:\WINDOWS\system32\drivers\MiniIcpt.sys
18:37:09.0540 0x49d8  GDMnIcpt - ok
18:37:09.0555 0x49d8  [ DC5200C3055D6EB5355F8975FB38E9EE, 6E1E059DDEF04F1B0761570B75BF2914256243F1398E682BF4DF00AF3CE44585 ] GDPkIcpt        C:\WINDOWS\system32\drivers\PktIcpt.sys
18:37:09.0566 0x49d8  GDPkIcpt - ok
18:37:09.0600 0x49d8  [ 1FCEE46DEFDF64DC7E1939E3F9E56718, CED8A28472AF234DED48AE0EB38CC697F50B7D9BF0BDBDE2F9D29CEE9DF0454E ] GDScan          C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
18:37:09.0626 0x49d8  GDScan - ok
18:37:09.0644 0x49d8  [ 4E294DB229885177DA056A3471476A19, CEC297E50B96650CB822C5D6BD89FF9DD96311A2A07692935C101F39F6A89BBA ] gdwfpcd         C:\WINDOWS\system32\drivers\gdwfpcd64.sys
18:37:09.0656 0x49d8  gdwfpcd - ok
18:37:09.0662 0x49d8  gencounter - ok
18:37:09.0667 0x49d8  genericusbfn - ok
18:37:09.0721 0x49d8  [ 006537C2E4E3501C48893B3E862B85BE, 1E67B67E8CA546D3811F53D56FA58E913DCD4B4E1300A2373DCAF04D3B2770BC ] GfK-NetworkMeter C:\Program Files (x86)\GfK-NetworkMeter\GfK-NetworkMeter64.exe
18:37:09.0759 0x49d8  GfK-NetworkMeter - ok
18:37:09.0838 0x49d8  [ 73260AE94F97F8839836E09090130AAB, 76169687A230805FDAB74453BABD889BEFCB777B0B9E6D1DBC72FFA1F9EDD5C3 ] GfK-Reporting-Service C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
18:37:09.0889 0x49d8  GfK-Reporting-Service - ok
18:37:09.0954 0x49d8  [ FA18DAFE475969EEB83706E165515A52, F7642CFDD1D9B1F8418D57C55A5142CA2DD09A318E5520940F5EFF965F94EAC9 ] GfK-Update-Service C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
18:37:09.0992 0x49d8  GfK-Update-Service - ok
18:37:10.0000 0x49d8  GPIOClx0101 - ok
18:37:10.0005 0x49d8  gpsvc - ok
18:37:10.0010 0x49d8  GpuEnergyDrv - ok
18:37:10.0034 0x49d8  [ 6809BA27F97EAFC5C30F743E30DE1DB6, BAC1E0E4542B9917731FD50B1A646CFDA31679FDF2A5A875742AA88600847547 ] GRD             C:\WINDOWS\system32\drivers\GRD.sys
18:37:10.0046 0x49d8  GRD - ok
18:37:10.0100 0x49d8  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:37:10.0122 0x49d8  gupdate - ok
18:37:10.0138 0x49d8  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:37:10.0154 0x49d8  gupdatem - ok
18:37:10.0163 0x49d8  HDAudBus - ok
18:37:10.0171 0x49d8  HidBatt - ok
18:37:10.0179 0x49d8  HidBth - ok
18:37:10.0185 0x49d8  hidi2c - ok
18:37:10.0192 0x49d8  hidinterrupt - ok
18:37:10.0197 0x49d8  HidIr - ok
18:37:10.0215 0x49d8  hidserv - ok
18:37:10.0243 0x49d8  [ 38DA94B6DD8022DA43810E4328608E54, ACE0A36143FF37BC42F136DB7317028540D1C0F21A5FD13F67E1A3DB2426A5EA ] HIDSwitch       C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys
18:37:10.0255 0x49d8  HIDSwitch - ok
18:37:10.0275 0x49d8  HidUsb - ok
18:37:10.0293 0x49d8  HomeGroupListener - ok
18:37:10.0311 0x49d8  HomeGroupProvider - ok
18:37:10.0331 0x49d8  [ FEDBFAFC5BAD0AE52ADE4DF75DBFF69F, A16CED31C64EAA92FE1BB4194A5124476BD53459F4B758ED504F2CFB31D6A580 ] HookCentre      C:\WINDOWS\system32\drivers\HookCentre.sys
18:37:10.0343 0x49d8  HookCentre - ok
18:37:10.0349 0x49d8  HpSAMD - ok
18:37:10.0390 0x49d8  [ EC80F3ECC5F8543E22BBCB037D837CA9, 23A4AE80A6C317CE77BD9D352CD9CED8649E3AD98A7C0A2044138BB20B46F398 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
18:37:10.0399 0x49d8  HPSupportSolutionsFrameworkService - ok
18:37:10.0414 0x49d8  HTTP - ok
18:37:10.0438 0x49d8  HvHost - ok
18:37:10.0468 0x49d8  hvservice - ok
18:37:10.0473 0x49d8  hwpolicy - ok
18:37:10.0479 0x49d8  hyperkbd - ok
18:37:10.0495 0x49d8  i8042prt - ok
18:37:10.0500 0x49d8  iagpio - ok
18:37:10.0506 0x49d8  iai2c - ok
18:37:10.0512 0x49d8  iaLPSS2i_GPIO2 - ok
18:37:10.0517 0x49d8  iaLPSS2i_I2C - ok
18:37:10.0524 0x49d8  iaLPSSi_GPIO - ok
18:37:10.0530 0x49d8  iaLPSSi_I2C - ok
18:37:10.0536 0x49d8  iaStorAV - ok
18:37:10.0542 0x49d8  iaStorV - ok
18:37:10.0549 0x49d8  ibbus - ok
18:37:10.0586 0x49d8  icssvc - ok
18:37:10.0592 0x49d8  IKEEXT - ok
18:37:10.0598 0x49d8  IndirectKmd - ok
18:37:10.0728 0x49d8  [ 7F08B78B1516626869FB44A61EFDF566, C585902D4F6E36A44097C192CCF19F1947F99C86A7BB77E83C0BE475F0151161 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
18:37:10.0839 0x49d8  IntcAzAudAddService - ok
18:37:10.0852 0x49d8  intelide - ok
18:37:10.0858 0x49d8  intelpep - ok
18:37:10.0864 0x49d8  intelppm - ok
18:37:10.0888 0x49d8  iorate - ok
18:37:10.0894 0x49d8  IpFilterDriver - ok
18:37:10.0914 0x49d8  iphlpsvc - ok
18:37:10.0920 0x49d8  IPMIDRV - ok
18:37:10.0928 0x49d8  IPNAT - ok
18:37:10.0933 0x49d8  irda - ok
18:37:10.0940 0x49d8  IRENUM - ok
18:37:10.0947 0x49d8  irmon - ok
18:37:10.0954 0x49d8  isapnp - ok
18:37:10.0961 0x49d8  iScsiPrt - ok
18:37:10.0977 0x49d8  [ DD1F43B86AD84E53203F92FD3EF3AEB6, 9DE2BA80B315E56DF2E74EAA65F4ECB8324DFC19E30EB56EDDF08340AB100E87 ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
18:37:10.0990 0x49d8  iwdbus - ok
18:37:11.0006 0x49d8  kbdclass - ok
18:37:11.0025 0x49d8  kbdhid - ok
18:37:11.0030 0x49d8  kdnic - ok
18:37:11.0036 0x49d8  KeyIso - ok
18:37:11.0054 0x49d8  KSecDD - ok
18:37:11.0061 0x49d8  KSecPkg - ok
18:37:11.0067 0x49d8  ksthunk - ok
18:37:11.0073 0x49d8  KtmRm - ok
18:37:11.0079 0x49d8  LanmanServer - ok
18:37:11.0096 0x49d8  LanmanWorkstation - ok
18:37:11.0104 0x49d8  lfsvc - ok
18:37:11.0136 0x49d8  LicenseManager - ok
18:37:11.0142 0x49d8  lltdio - ok
18:37:11.0149 0x49d8  lltdsvc - ok
18:37:11.0157 0x49d8  lmhosts - ok
18:37:11.0167 0x49d8  LSI_SAS - ok
18:37:11.0174 0x49d8  LSI_SAS2i - ok
18:37:11.0180 0x49d8  LSI_SAS3i - ok
18:37:11.0186 0x49d8  LSI_SSS - ok
18:37:11.0206 0x49d8  LSM - ok
18:37:11.0211 0x49d8  luafv - ok
18:37:11.0224 0x49d8  MapsBroker - ok
18:37:11.0243 0x49d8  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
18:37:11.0254 0x49d8  MBAMProtector - ok
18:37:11.0305 0x49d8  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
18:37:11.0338 0x49d8  MBAMService - ok
18:37:11.0364 0x49d8  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
18:37:11.0378 0x49d8  MBAMSwissArmy - ok
18:37:11.0390 0x49d8  [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
18:37:11.0399 0x49d8  MBAMWebAccessControl - ok
18:37:11.0410 0x49d8  [ C91B758B4AB1ECEA34AEDA851E05B5D9, 73BA1CAD3CAEE87F5855ED0F4E1F3A96FACA656D1C935B56CC4B5D5AEBF7191C ] MBI             C:\WINDOWS\System32\drivers\MBI.sys
18:37:11.0420 0x49d8  MBI - ok
18:37:11.0427 0x49d8  megasas - ok
18:37:11.0459 0x49d8  megasas2i - ok
18:37:11.0466 0x49d8  megasr - ok
18:37:11.0473 0x49d8  MessagingService - ok
18:37:11.0499 0x49d8  mlx4_bus - ok
18:37:11.0504 0x49d8  MMCSS - ok
18:37:11.0511 0x49d8  Modem - ok
18:37:11.0526 0x49d8  monitor - ok
18:37:11.0532 0x49d8  mouclass - ok
18:37:11.0537 0x49d8  mouhid - ok
18:37:11.0543 0x49d8  mountmgr - ok
18:37:11.0577 0x49d8  [ ADF79A49E942C91D1FC9863CBFDD6B58, C2B2A792C4717133DCAE6297EE3F5D985B11D3C1E68A8DC23985AC6B78ACDE98 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:37:11.0607 0x49d8  MozillaMaintenance - ok
18:37:11.0613 0x49d8  mpsdrv - ok
18:37:11.0619 0x49d8  MpsSvc - ok
18:37:11.0625 0x49d8  MRxDAV - ok
18:37:11.0642 0x49d8  mrxsmb - ok
18:37:11.0672 0x49d8  mrxsmb10 - ok
18:37:11.0678 0x49d8  mrxsmb20 - ok
18:37:11.0689 0x49d8  MsBridge - ok
18:37:11.0699 0x49d8  MSDTC - ok
18:37:11.0710 0x49d8  Msfs - ok
18:37:11.0717 0x49d8  msgpiowin32 - ok
18:37:11.0723 0x49d8  mshidkmdf - ok
18:37:11.0729 0x49d8  mshidumdf - ok
18:37:11.0737 0x49d8  msisadrv - ok
18:37:11.0756 0x49d8  MSiSCSI - ok
18:37:11.0761 0x49d8  msiserver - ok
18:37:11.0767 0x49d8  MSKSSRV - ok
18:37:11.0774 0x49d8  MsLldp - ok
18:37:11.0780 0x49d8  MSPCLOCK - ok
18:37:11.0786 0x49d8  MSPQM - ok
18:37:11.0794 0x49d8  MsRPC - ok
18:37:11.0803 0x49d8  MsSecFlt - ok
18:37:11.0811 0x49d8  mssmbios - ok
18:37:11.0816 0x49d8  MSTEE - ok
18:37:11.0823 0x49d8  MTConfig - ok
18:37:11.0829 0x49d8  Mup - ok
18:37:11.0835 0x49d8  mvumis - ok
18:37:11.0852 0x49d8  NativeWifiP - ok
18:37:11.0859 0x49d8  NcaSvc - ok
18:37:11.0879 0x49d8  NcbService - ok
18:37:11.0884 0x49d8  NcdAutoSetup - ok
18:37:11.0891 0x49d8  ndfltr - ok
18:37:11.0903 0x49d8  NDIS - ok
18:37:11.0909 0x49d8  NdisCap - ok
18:37:11.0933 0x49d8  NdisImPlatform - ok
18:37:11.0939 0x49d8  NdisTapi - ok
18:37:11.0945 0x49d8  Ndisuio - ok
18:37:11.0952 0x49d8  NdisVirtualBus - ok
18:37:11.0960 0x49d8  NdisWan - ok
18:37:11.0965 0x49d8  ndiswanlegacy - ok
18:37:11.0971 0x49d8  ndproxy - ok
18:37:11.0977 0x49d8  Ndu - ok
18:37:11.0983 0x49d8  NetAdapterCx - ok
18:37:11.0989 0x49d8  NetBIOS - ok
18:37:11.0998 0x49d8  NetBT - ok
18:37:12.0003 0x49d8  Netlogon - ok
18:37:12.0010 0x49d8  Netman - ok
18:37:12.0017 0x49d8  netprofm - ok
18:37:12.0030 0x49d8  NetSetupSvc - ok
18:37:12.0051 0x49d8  NetTcpPortSharing - ok
18:37:12.0060 0x49d8  NgcCtnrSvc - ok
18:37:12.0066 0x49d8  NgcSvc - ok
18:37:12.0176 0x49d8  [ D071420836523656737B7D8252175B17, F88822A2A88ACE2EF3F3C5DF61671F8E2846F38D6405CE795D835C8406EC79B3 ] NielsenUpdate   C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe
18:37:12.0255 0x49d8  NielsenUpdate - ok
18:37:12.0266 0x49d8  NlaSvc - ok
18:37:12.0326 0x49d8  [ 1FB571692EDEFEE0DC1A10DA33113C10, 35BB050759232338F28C1304EB9DE89DC63B87989AC60C4AEDEBDB2A4F407BDB ] nnfwdk          C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\nnfwdk64.sys
18:37:12.0334 0x49d8  nnfwdk - ok
18:37:12.0340 0x49d8  Npfs - ok
18:37:12.0348 0x49d8  npsvctrig - ok
18:37:12.0355 0x49d8  nsi - ok
18:37:12.0362 0x49d8  nsiproxy - ok
18:37:12.0379 0x49d8  NTFS - ok
18:37:12.0385 0x49d8  Null - ok
18:37:12.0394 0x49d8  nvraid - ok
18:37:12.0400 0x49d8  nvstor - ok
18:37:12.0423 0x49d8  OneSyncSvc - ok
18:37:12.0556 0x49d8  [ 3E498CE04DD40C60769854DF2CE8D21D, 28B9331787FE598A79E40DA839B022D353280BE0E8F0D20CE4AAB6284866DE48 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
18:37:12.0614 0x49d8  Origin Client Service - ok
18:37:12.0685 0x49d8  [ B66980E730FEF1E31BE39B09F55514A1, 756F7695AB112FB2FEBA905F5F9E7C9435823195DE164AF60071457BC047535E ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe
18:37:12.0742 0x49d8  Origin Web Helper Service - ok
18:37:12.0765 0x49d8  p2pimsvc - ok
18:37:12.0774 0x49d8  p2psvc - ok
18:37:12.0779 0x49d8  Parport - ok
18:37:12.0794 0x49d8  partmgr - ok
18:37:12.0824 0x49d8  PcaSvc - ok
18:37:12.0843 0x49d8  pci - ok
18:37:12.0860 0x49d8  pciide - ok
18:37:12.0865 0x49d8  pcmcia - ok
18:37:12.0871 0x49d8  pcw - ok
18:37:12.0886 0x49d8  pdc - ok
18:37:12.0912 0x49d8  PEAUTH - ok
18:37:12.0918 0x49d8  PeerDistSvc - ok
18:37:12.0923 0x49d8  percsas2i - ok
18:37:12.0929 0x49d8  percsas3i - ok
18:37:13.0002 0x49d8  PerfHost - ok
18:37:13.0039 0x49d8  PhoneSvc - ok
18:37:13.0058 0x49d8  PimIndexMaintenanceSvc - ok
18:37:13.0069 0x49d8  pla - ok
18:37:13.0129 0x49d8  [ E3286E1138D2B8481FD58152E4D851F9, A2A78EBB24A2C3CB0BCC7ED1143D0E589469C8BD651DA1CE441AB3F20C38A261 ] PlaysService    C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
18:37:13.0138 0x49d8  PlaysService - ok
18:37:13.0144 0x49d8  PlugPlay - ok
18:37:13.0149 0x49d8  PNRPAutoReg - ok
18:37:13.0154 0x49d8  PNRPsvc - ok
18:37:13.0161 0x49d8  PolicyAgent - ok
18:37:13.0169 0x49d8  Power - ok
18:37:13.0175 0x49d8  PptpMiniport - ok
18:37:13.0331 0x49d8  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
18:37:13.0457 0x49d8  PrintNotify - ok
18:37:13.0469 0x49d8  Processor - ok
18:37:13.0482 0x49d8  ProfSvc - ok
18:37:13.0488 0x49d8  Psched - ok
18:37:13.0495 0x49d8  QWAVE - ok
18:37:13.0500 0x49d8  QWAVEdrv - ok
18:37:13.0505 0x49d8  RasAcd - ok
18:37:13.0532 0x49d8  RasAgileVpn - ok
18:37:13.0537 0x49d8  RasAuto - ok
18:37:13.0543 0x49d8  Rasl2tp - ok
18:37:13.0551 0x49d8  RasMan - ok
18:37:13.0556 0x49d8  RasPppoe - ok
18:37:13.0563 0x49d8  RasSstp - ok
18:37:13.0579 0x49d8  rdbss - ok
18:37:13.0596 0x49d8  rdpbus - ok
18:37:13.0601 0x49d8  RDPDR - ok
18:37:13.0629 0x49d8  RdpVideoMiniport - ok
18:37:13.0634 0x49d8  rdyboost - ok
18:37:13.0640 0x49d8  ReFSv1 - ok
18:37:13.0658 0x49d8  RemoteAccess - ok
18:37:13.0664 0x49d8  RemoteRegistry - ok
18:37:13.0672 0x49d8  RetailDemo - ok
18:37:13.0682 0x49d8  RmSvc - ok
18:37:13.0687 0x49d8  RpcEptMapper - ok
18:37:13.0703 0x49d8  RpcLocator - ok
18:37:13.0708 0x49d8  RpcSs - ok
18:37:13.0714 0x49d8  rspndr - ok
18:37:13.0754 0x49d8  [ 952209B8749D7AB91D5BB95665C5D13E, B7E6D7293A2D2B7492FD240E52E041E0BA4818F99FEBB3C6B718C1871D190E26 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
18:37:13.0782 0x49d8  rt640x64 - ok
18:37:13.0813 0x49d8  RtlWlanu_OldIC - ok
18:37:13.0818 0x49d8  s3cap - ok
18:37:13.0838 0x49d8  SamSs - ok
18:37:13.0845 0x49d8  sbp2port - ok
18:37:13.0861 0x49d8  SCardSvr - ok
18:37:13.0876 0x49d8  ScDeviceEnum - ok
18:37:13.0891 0x49d8  scfilter - ok
18:37:13.0897 0x49d8  Schedule - ok
18:37:13.0902 0x49d8  scmbus - ok
18:37:13.0907 0x49d8  scmdisk0101 - ok
18:37:13.0925 0x49d8  SCPolicySvc - ok
18:37:13.0949 0x49d8  sdbus - ok
18:37:13.0955 0x49d8  SDRSVC - ok
18:37:13.0960 0x49d8  sdstor - ok
18:37:13.0966 0x49d8  seclogon - ok
18:37:13.0972 0x49d8  SENS - ok
18:37:13.0977 0x49d8  Sense - ok
18:37:13.0996 0x49d8  SensorDataService - ok
18:37:14.0011 0x49d8  SensorService - ok
18:37:14.0016 0x49d8  SensrSvc - ok
18:37:14.0021 0x49d8  SerCx - ok
18:37:14.0026 0x49d8  SerCx2 - ok
18:37:14.0031 0x49d8  Serenum - ok
18:37:14.0036 0x49d8  Serial - ok
18:37:14.0042 0x49d8  sermouse - ok
18:37:14.0055 0x49d8  SessionEnv - ok
18:37:14.0060 0x49d8  sfloppy - ok
18:37:14.0087 0x49d8  SharedAccess - ok
18:37:14.0093 0x49d8  ShellHWDetection - ok
18:37:14.0111 0x49d8  shpamsvc - ok
18:37:14.0116 0x49d8  SiSRaid2 - ok
18:37:14.0121 0x49d8  SiSRaid4 - ok
18:37:14.0149 0x49d8  smphost - ok
18:37:14.0166 0x49d8  SmsRouter - ok
18:37:14.0179 0x49d8  SNMPTRAP - ok
18:37:14.0206 0x49d8  spaceport - ok
18:37:14.0212 0x49d8  SpbCx - ok
18:37:14.0231 0x49d8  Spooler - ok
18:37:14.0239 0x49d8  sppsvc - ok
18:37:14.0245 0x49d8  srv - ok
18:37:14.0252 0x49d8  srv2 - ok
18:37:14.0275 0x49d8  srvnet - ok
18:37:14.0281 0x49d8  SSDPSRV - ok
18:37:14.0286 0x49d8  SstpSvc - ok
18:37:14.0308 0x49d8  [ 36C3697CA09B23C77BDF95A6B0B57310, DAEF9CFBDE444A80FB41DA0BC5C3C4E1E4B535497A5EDA43EC8768A6EC42E4EA ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
18:37:14.0322 0x49d8  ssudmdm - ok
18:37:14.0332 0x49d8  StateRepository - ok
18:37:14.0411 0x49d8  [ 345C39599C3D4940D12F5F9F42A79229, B5D6C716D374E453940C2A23772B9E063CBCB06DA74574F0F19F813AE65F4A78 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:37:14.0451 0x49d8  Steam Client Service - ok
18:37:14.0459 0x49d8  stexstor - ok
18:37:14.0490 0x49d8  [ B11724BFE7DA1BA55903B4D849415F1A, ED09B6AD68C87FED34FC66CB6C7A74DFC3AF524E3BE89EDD18A5B6685F656ACA ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
18:37:14.0504 0x49d8  StillCam - ok
18:37:14.0510 0x49d8  stisvc - ok
18:37:14.0515 0x49d8  storahci - ok
18:37:14.0520 0x49d8  storflt - ok
18:37:14.0525 0x49d8  stornvme - ok
18:37:14.0532 0x49d8  storqosflt - ok
18:37:14.0537 0x49d8  StorSvc - ok
18:37:14.0542 0x49d8  storufs - ok
18:37:14.0548 0x49d8  storvsc - ok
18:37:14.0554 0x49d8  svsvc - ok
18:37:14.0559 0x49d8  swenum - ok
18:37:14.0566 0x49d8  swprv - ok
18:37:14.0595 0x49d8  Synth3dVsc - ok
18:37:14.0599 0x49d8  SysMain - ok
18:37:14.0612 0x49d8  SystemEventsBroker - ok
18:37:14.0624 0x49d8  TabletInputService - ok
18:37:14.0630 0x49d8  TapiSrv - ok
18:37:14.0635 0x49d8  Tcpip - ok
18:37:14.0640 0x49d8  Tcpip6 - ok
18:37:14.0649 0x49d8  tcpipreg - ok
18:37:14.0660 0x49d8  tdx - ok
18:37:14.0888 0x49d8  [ D6DDCFFF145CB7D334EECC2F9A8E304F, DC2E19A799F336DF299460C8DB4EE0B2597ADC6C4728F2BB3BBCFA1192BE809C ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
18:37:15.0048 0x49d8  TeamViewer - ok
18:37:15.0065 0x49d8  terminpt - ok
18:37:15.0070 0x49d8  TermService - ok
18:37:15.0076 0x49d8  Themes - ok
18:37:15.0100 0x49d8  TieringEngineService - ok
18:37:15.0105 0x49d8  tiledatamodelsvc - ok
18:37:15.0111 0x49d8  TimeBrokerSvc - ok
18:37:15.0122 0x49d8  TPM - ok
18:37:15.0128 0x49d8  TrkWks - ok
18:37:15.0162 0x49d8  TrustedInstaller - ok
18:37:15.0169 0x49d8  tsusbflt - ok
18:37:15.0175 0x49d8  TsUsbGD - ok
18:37:15.0181 0x49d8  tsusbhub - ok
18:37:15.0186 0x49d8  tunnel - ok
18:37:15.0204 0x49d8  [ 6A606227DE13B850DCD28AD0F4112506, 6E65A79635BFD0F739479ED1C9C44075F774F9B4C9B98750A99E6FC780EE1000 ] TXEIx64         C:\WINDOWS\System32\drivers\TXEIx64.sys
18:37:15.0218 0x49d8  TXEIx64 - ok
18:37:15.0235 0x49d8  tzautoupdate - ok
18:37:15.0240 0x49d8  UASPStor - ok
18:37:15.0246 0x49d8  UcmCx0101 - ok
18:37:15.0253 0x49d8  UcmTcpciCx0101 - ok
18:37:15.0260 0x49d8  UcmUcsi - ok
18:37:15.0267 0x49d8  Ucx01000 - ok
18:37:15.0272 0x49d8  UdeCx - ok
18:37:15.0278 0x49d8  udfs - ok
18:37:15.0284 0x49d8  UEFI - ok
18:37:15.0289 0x49d8  UevAgentDriver - ok
18:37:15.0303 0x49d8  UevAgentService - ok
18:37:15.0308 0x49d8  Ufx01000 - ok
18:37:15.0314 0x49d8  UfxChipidea - ok
18:37:15.0320 0x49d8  ufxsynopsys - ok
18:37:15.0332 0x49d8  UI0Detect - ok
18:37:15.0336 0x49d8  umbus - ok
18:37:15.0342 0x49d8  UmPass - ok
18:37:15.0349 0x49d8  UmRdpService - ok
18:37:15.0356 0x49d8  UnistoreSvc - ok
18:37:15.0380 0x49d8  upnphost - ok
18:37:15.0385 0x49d8  UrsChipidea - ok
18:37:15.0392 0x49d8  UrsCx01000 - ok
18:37:15.0397 0x49d8  UrsSynopsys - ok
18:37:15.0407 0x49d8  usbaudio - ok
18:37:15.0412 0x49d8  usbccgp - ok
18:37:15.0418 0x49d8  usbcir - ok
18:37:15.0425 0x49d8  usbehci - ok
18:37:15.0432 0x49d8  usbhub - ok
18:37:15.0437 0x49d8  USBHUB3 - ok
18:37:15.0442 0x49d8  usbohci - ok
18:37:15.0448 0x49d8  usbprint - ok
18:37:15.0458 0x49d8  usbscan - ok
18:37:15.0464 0x49d8  usbser - ok
18:37:15.0469 0x49d8  USBSTOR - ok
18:37:15.0475 0x49d8  usbuhci - ok
18:37:15.0488 0x49d8  usbvideo - ok
18:37:15.0493 0x49d8  USBXHCI - ok
18:37:15.0500 0x49d8  UserDataSvc - ok
18:37:15.0516 0x49d8  UserManager - ok
18:37:15.0531 0x49d8  UsoSvc - ok
18:37:15.0535 0x49d8  VaultSvc - ok
18:37:15.0561 0x49d8  [ 98FE661F5744A3E79767CA24ECD2CFC3, D1126DB85CDF9DBBC64C35520742046182F96F5FF6E80196F93D7B7D5F116D8B ] VBoxUSB         C:\WINDOWS\System32\Drivers\VBoxUSB.sys
18:37:15.0577 0x49d8  VBoxUSB - ok
18:37:15.0589 0x49d8  [ 0E3C4F20B2CE21168F3242D9CAC6CBF2, 1BD5E1A2000EBC1C335A8960ACDCD08BDC8230F533A80D086D2EE6FE4990EA02 ] VBoxUSBMon      C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
18:37:15.0602 0x49d8  VBoxUSBMon - ok
18:37:15.0607 0x49d8  vdrvroot - ok
18:37:15.0637 0x49d8  vds - ok
18:37:15.0644 0x49d8  VerifierExt - ok
18:37:15.0660 0x49d8  vhdmp - ok
18:37:15.0666 0x49d8  vhf - ok
18:37:15.0671 0x49d8  vmbus - ok
18:37:15.0677 0x49d8  VMBusHID - ok
18:37:15.0683 0x49d8  vmgid - ok
18:37:15.0701 0x49d8  vmicguestinterface - ok
18:37:15.0706 0x49d8  vmicheartbeat - ok
18:37:15.0712 0x49d8  vmickvpexchange - ok
18:37:15.0732 0x49d8  vmicrdv - ok
18:37:15.0736 0x49d8  vmicshutdown - ok
18:37:15.0741 0x49d8  vmictimesync - ok
18:37:15.0748 0x49d8  vmicvmsession - ok
18:37:15.0754 0x49d8  vmicvss - ok
18:37:15.0760 0x49d8  volmgr - ok
18:37:15.0768 0x49d8  volmgrx - ok
18:37:15.0774 0x49d8  volsnap - ok
18:37:15.0780 0x49d8  volume - ok
18:37:15.0785 0x49d8  vpci - ok
18:37:15.0790 0x49d8  vsmraid - ok
18:37:15.0796 0x49d8  VSS - ok
18:37:15.0802 0x49d8  VSTXRAID - ok
18:37:15.0807 0x49d8  vwifibus - ok
18:37:15.0813 0x49d8  vwififlt - ok
18:37:15.0818 0x49d8  vwifimp - ok
18:37:15.0823 0x49d8  W32Time - ok
18:37:15.0829 0x49d8  WacomPen - ok
18:37:15.0835 0x49d8  WalletService - ok
18:37:15.0839 0x49d8  wanarp - ok
18:37:15.0845 0x49d8  wanarpv6 - ok
18:37:15.0851 0x49d8  wbengine - ok
18:37:15.0863 0x49d8  WbioSrvc - ok
18:37:15.0868 0x49d8  wcifs - ok
18:37:15.0875 0x49d8  Wcmsvc - ok
18:37:15.0881 0x49d8  wcncsvc - ok
18:37:15.0887 0x49d8  wcnfs - ok
18:37:15.0893 0x49d8  WdBoot - ok
18:37:15.0899 0x49d8  Wdf01000 - ok
18:37:15.0904 0x49d8  WdFilter - ok
18:37:15.0910 0x49d8  WdiServiceHost - ok
18:37:15.0915 0x49d8  WdiSystemHost - ok
18:37:15.0931 0x49d8  wdiwifi - ok
18:37:15.0936 0x49d8  WdNisDrv - ok
18:37:15.0965 0x49d8  WdNisSvc - ok
18:37:15.0969 0x49d8  WebClient - ok
18:37:15.0975 0x49d8  Wecsvc - ok
18:37:15.0981 0x49d8  WEPHOSTSVC - ok
18:37:15.0987 0x49d8  wercplsupport - ok
18:37:15.0992 0x49d8  WerSvc - ok
18:37:15.0999 0x49d8  WFPLWFS - ok
18:37:16.0006 0x49d8  WiaRpc - ok
18:37:16.0012 0x49d8  WIMMount - ok
18:37:16.0017 0x49d8  WinDefend - ok
18:37:16.0029 0x49d8  WindowsTrustedRT - ok
18:37:16.0035 0x49d8  WindowsTrustedRTProxy - ok
18:37:16.0052 0x49d8  WinHttpAutoProxySvc - ok
18:37:16.0058 0x49d8  WinMad - ok
18:37:16.0106 0x49d8  Winmgmt - ok
18:37:16.0119 0x49d8  WinRM - ok
18:37:16.0131 0x49d8  WINUSB - ok
18:37:16.0136 0x49d8  WinVerbs - ok
18:37:16.0168 0x49d8  wisvc - ok
18:37:16.0180 0x49d8  WlanSvc - ok
18:37:16.0194 0x49d8  wlidsvc - ok
18:37:16.0200 0x49d8  WmiAcpi - ok
18:37:16.0208 0x49d8  wmiApSrv - ok
18:37:16.0220 0x49d8  WMPNetworkSvc - ok
18:37:16.0225 0x49d8  Wof - ok
18:37:16.0260 0x49d8  workfolderssvc - ok
18:37:16.0267 0x49d8  WPDBusEnum - ok
18:37:16.0273 0x49d8  WpdUpFltr - ok
18:37:16.0281 0x49d8  WpnService - ok
18:37:16.0321 0x49d8  WpnUserService - ok
18:37:16.0343 0x49d8  ws2ifsl - ok
18:37:16.0350 0x49d8  wscsvc - ok
18:37:16.0465 0x49d8  WSDPrintDevice - ok
18:37:16.0471 0x49d8  WSearch - ok
18:37:16.0490 0x49d8  wuauserv - ok
18:37:16.0495 0x49d8  WudfPf - ok
18:37:16.0502 0x49d8  WUDFRd - ok
18:37:16.0507 0x49d8  wudfsvc - ok
18:37:16.0512 0x49d8  WUDFWpdFs - ok
18:37:16.0518 0x49d8  WUDFWpdMtp - ok
18:37:16.0538 0x49d8  WwanSvc - ok
18:37:16.0558 0x49d8  XblAuthManager - ok
18:37:16.0576 0x49d8  XblGameSave - ok
18:37:16.0583 0x49d8  xboxgip - ok
18:37:16.0589 0x49d8  XboxNetApiSvc - ok
18:37:16.0610 0x49d8  xinputhid - ok
18:37:16.0637 0x49d8  [ D3D9CB4BA15C1854294517AA8954E201, DFBB6E1A5FF01123FEAD6EFFA67F4A0203792AFDF82EAFFC2DA981A584896542 ] XQHDrv          C:\WINDOWS\system32\DRIVERS\XQHDrv.sys
18:37:16.0654 0x49d8  XQHDrv - ok
18:37:16.0658 0x49d8  ================ Scan global ===============================
18:37:16.0721 0x49d8  [ Global ] - ok
18:37:16.0722 0x49d8  ================ Scan MBR ==================================
18:37:16.0733 0x49d8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:37:17.0033 0x49d8  \Device\Harddisk0\DR0 - ok
18:37:17.0038 0x49d8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
18:37:17.0820 0x49d8  \Device\Harddisk1\DR1 - ok
18:37:17.0827 0x49d8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
18:37:18.0381 0x49d8  \Device\Harddisk2\DR2 - ok
18:37:18.0387 0x49d8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3
18:37:18.0604 0x49d8  \Device\Harddisk3\DR3 - ok
18:37:18.0610 0x49d8  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk4\DR4
18:37:19.0247 0x49d8  \Device\Harddisk4\DR4 - ok
18:37:19.0250 0x49d8  ================ Scan VBR ==================================
18:37:19.0257 0x49d8  [ 95640EAFE8ECC0F8A271D82081F4A50E ] \Device\Harddisk0\DR0\Partition1
18:37:19.0260 0x49d8  \Device\Harddisk0\DR0\Partition1 - ok
18:37:19.0276 0x49d8  [ 93F98209FF315ACEBA415BC027DA3D4B ] \Device\Harddisk0\DR0\Partition2
18:37:19.0278 0x49d8  \Device\Harddisk0\DR0\Partition2 - ok
18:37:19.0284 0x49d8  [ 9E2C072B82BF6A726F370B6333062648 ] \Device\Harddisk1\DR1\Partition1
18:37:19.0286 0x49d8  \Device\Harddisk1\DR1\Partition1 - ok
18:37:19.0293 0x49d8  [ DE3C4A774925145FAE27CED1ABEDE518 ] \Device\Harddisk2\DR2\Partition1
18:37:19.0298 0x49d8  \Device\Harddisk2\DR2\Partition1 - ok
18:37:19.0304 0x49d8  [ CBDB8840A14F2768BA62E90127E8823C ] \Device\Harddisk3\DR3\Partition1
18:37:19.0309 0x49d8  \Device\Harddisk3\DR3\Partition1 - ok
18:37:19.0316 0x49d8  [ 5987F11274CFF1DD83E0CFDB7F594D72 ] \Device\Harddisk4\DR4\Partition1
18:37:19.0320 0x49d8  \Device\Harddisk4\DR4\Partition1 - ok
18:37:19.0321 0x49d8  ================ Scan generic autorun ======================
18:37:19.0757 0x49d8  [ 4878D4D36D683EBE2F1E5F83C6A3BDB3, 82DA7BFED5F61DF4B679B06339E4065CCE0DA0D6741287F93A2EF1BCC85AB1E1 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
18:37:20.0063 0x49d8  RTHDVCPL - ok
18:37:20.0147 0x49d8  [ C5BDFF312B6AEEF2B4790625B50FCC5E, CE3743140200021A216F0D22334C1EE65B8C7A54552838853771C61467DD05AC ] C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
18:37:20.0200 0x49d8  XFast LAN - ok
18:37:20.0462 0x49d8  [ 508A138C09D5030E3A22A11FCF90D69E, 3B1E2660453ABAA9610FA2FE85C81AA4DA56FA7823AF01E5ACC411A646604A94 ] C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
18:37:20.0642 0x49d8  StartCN - ok
18:37:20.0659 0x49d8  Logitech Download Assistant - ok
18:37:20.0697 0x49d8  OneDriveSetup - ok
18:37:20.0699 0x49d8  OneDriveSetup - ok
18:37:20.0980 0x49d8  [ B21BF907BEC57CE79A4E1EC7F0717638, AC03F7085ADA3BC49DA183DED2ACB4407F4219D20E224EA7A4157D36884BFC06 ] C:\Program Files (x86)\AirDroid\AirDroid.exe
18:37:21.0177 0x49d8  AirDroid 3 - ok
18:37:21.0303 0x49d8  [ 0D28681183514A3E064AAA9C12D9DC7B, F32FA1A7565E1A2737B67E7DAF8ACC5FDF253D5D9AFC94DB0CB4F0C63117B313 ] C:\Users\julia\AppData\Roaming\Spotify\SpotifyWebHelper.exe
18:37:21.0346 0x49d8  Spotify Web Helper - ok
18:37:21.0536 0x49d8  [ 33527CE93566F5728535C7DA68C6C11D, CF26D17E6BD44F0482DB85A400F42CF9B33BE74B27B9DBE3FA18DFB4D14C3485 ] C:\Users\julia\AppData\Roaming\Spotify\Spotify.exe
18:37:21.0693 0x49d8  Spotify - ok
18:37:21.0802 0x49d8  [ FC7E2535A6F2DA0988F91A6232139661, E6FA0AD4435B226778AF36DF0ABC235BECC8228542D9F8D5F43D961BCB767CEE ] C:\Program Files (x86)\Steam\steam.exe
18:37:21.0872 0x49d8  Steam - ok
18:37:22.0044 0x49d8  [ 8B37E45C7C41561BF82B2E2A0145C4E5, 5889D467C96E17A4D5B924EF84B0DAFA6CB04ACB248E0C6B0C5CC2CFEFD7CEB3 ] C:\Users\julia\AppData\Roaming\Nox\bin\Nox.exe
18:37:22.0163 0x49d8  BigNox - ok
18:37:22.0290 0x49d8  [ 0BA57111C2F9A4313F2311CD61DE65FB, 69D4573EC5A720BCDEA094A44F5F6129632B045952525A890DE57A2C002DF934 ] C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe
18:37:22.0342 0x49d8  XperiaCompanionAgent - ok
18:37:22.0546 0x49d8  [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
18:37:22.0609 0x49d8  HP Deskjet 3050A J611 series (NET) - ok
18:37:22.0624 0x49d8  Uninstall C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64 - ok
18:37:22.0625 0x49d8  Waiting for KSN requests completion. In queue: 10
18:37:23.0650 0x49d8  AV detected via SS2: G DATA INTERNET SECURITY, C:\Program Files (x86)\G DATA\InternetSecurity\AVK\avkwscpe.exe ( 25.1.0.0 ), 0x41000 ( enabled : updated )
18:37:23.0651 0x49d8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
18:37:23.0653 0x49d8  FW detected via SS2: G*DATA Personal Firewall, C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe ( 22.0.0.1 ), 0x41010 ( enabled )
18:37:23.0779 0x49d8  ============================================================
18:37:23.0779 0x49d8  Scan finished
18:37:23.0779 0x49d8  ============================================================
18:37:23.0787 0x5b98  Detected object count: 0
18:37:23.0787 0x5b98  Actual detected object count: 0
         

Alt 17.02.2017, 20:38   #8
M-K-D-B
/// TB-Ausbilder
 
Probleme mit Maleware oder Trojaner nach Toolbar Installation - Standard

Probleme mit Maleware oder Trojaner nach Toolbar Installation



Servus,






Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • Image File Execution Options Schlüssel
    • "Tracing" Schlüssel
    • "Prefetch" Dateien
    • Proxy
    • Winsock
    • Internet Explorer Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2
  • Deinstalliere Malwarebytes' Anti-Malware 2 über die Systemsteuerung. (Bebilderte Anleitung)
  • Starte den Rechner im Anschluss neu auf.
  • Downloade dir den MBAM Uninstaller auf deinen Desktop.
  • Schließe alle offenen Programme und führe den Uninstaller aus. Der Rechner muss zum Abschluss neu gestartet werden.





Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware 3
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM nach dem Neustart, klicke auf Berichte.
  • Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
  • Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.





Schritt 4

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 5
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die neue Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 18.02.2017, 11:26   #9
lyncat89
 
Probleme mit Maleware oder Trojaner nach Toolbar Installation - Standard

Probleme mit Maleware oder Trojaner nach Toolbar Installation



Code:
ATTFilter
# AdwCleaner v6.043 - Bericht erstellt am 18/02/2017 um 09:04:33
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-13.1 [Server]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : julia - DESKTOP-N0N5AE6
# Gestartet von : C:\Users\julia\Desktop\AdwCleaner_6.043.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****



***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3127 Bytes] - [01/02/2017 14:44:49]
C:\AdwCleaner\AdwCleaner[C2].txt - [1050 Bytes] - [18/02/2017 09:04:33]
C:\AdwCleaner\AdwCleaner[S0].txt - [3111 Bytes] - [01/02/2017 14:43:30]
C:\AdwCleaner\AdwCleaner[S1].txt - [1490 Bytes] - [01/02/2017 16:17:14]
C:\AdwCleaner\AdwCleaner[S2].txt - [1570 Bytes] - [05/02/2017 17:15:30]
C:\AdwCleaner\AdwCleaner[S3].txt - [1637 Bytes] - [18/02/2017 09:04:00]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1415 Bytes] ##########
         

Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 18.02.17
Scan-Zeit: 10:41
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.50
Version des Aktualisierungspakets: 1.0.1292
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-N0N5AE6\julia

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 413108
Abgelaufene Zeit: 9 Min., 7 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Pro x64 
Ran by julia (Administrator) on 18.02.2017 at 10:54:33,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.02.2017 at 10:57:31,61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-02-2017
durchgeführt von julia (Administrator) auf DESKTOP-N0N5AE6 (18-02-2017 11:10:29)
Gestartet von C:\Users\julia\Desktop
Geladene Profile: julia (Verfügbare Profile: julia)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(GfK) C:\Program Files (x86)\GfK-NetworkMeter\GfK-NetworkMeter64.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(AMD) C:\Windows\System32\atieclxx.exe
(GfK SE) C:\Program Files (x86)\GfK Internet-Monitor\GfK-LoginInterface.exe
(The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\nielsenonline.exe
(The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\nielsenonline.exe
(The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter3\NielsenOnline64.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Sand Studio) C:\Program Files (x86)\AirDroid\AirDroid.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(@@Manufacturer@@) C:\Program Files (x86)\GfK Internet-Monitor\Chrome Extension\GfKChromeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Amazon Services LLC) C:\Users\julia\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-15] (Realtek Semiconductor)
HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [2088872 2015-09-09] (cFos Software GmbH)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G DATA\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [441160 2016-09-15] (G DATA Software AG)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51928 2017-02-10] (Copyright (c) 2017 Plays.tv, LLC)
HKLM-x32\...\Run: [NielsenOnline] => C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe [202896 2016-12-30] (The Nielsen Company)
HKU\S-1-5-19\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-20\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [8651896 2017-01-16] (Sand Studio)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [Spotify Web Helper] => C:\Users\julia\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1555056 2016-10-02] (Spotify Ltd)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [Spotify] => C:\Users\julia\AppData\Roaming\Spotify\Spotify.exe [6937200 2016-10-02] (Spotify Ltd)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-09] (Valve Corporation)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [BigNox] => C:\Users\julia\AppData\Roaming\Nox\bin\Nox.exe [5100872 2016-07-31] (Duodian Technology Co. Ltd.)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2062208 2016-05-26] (Sony)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\RunOnce: [Uninstall C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\MountPoints2: {4620abb5-cad0-11e6-9182-0013ef030494} - "I:\shelexec.exe" .\starter.html
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2683783b-a4bc-4329-ac88-9cc1e28fadf5}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b3b846c1-63d0-49c7-a2c1-ceb545584257}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: GfK Internet-Monitor -> {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} -> C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll [2016-10-31] (GfK)
BHO-x32: GfK Internet-Monitor -> {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} -> C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll [2016-10-31] (GfK)
Toolbar: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei

FireFox:
========
FF DefaultProfile: z4n199ml.default
FF ProfilePath: C:\Users\julia\AppData\Roaming\Mozilla\Firefox\Profiles\z4n199ml.default [2017-02-17]
FF NetworkProxy: Mozilla\Firefox\Profiles\z4n199ml.default -> type", 0
FF Extension: (Nielsen NetSight) - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\netsight@nielsen.xpi [2017-02-17]
FF HKLM\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor\FirefoxAddon.xpi
FF Extension: (GfK Internet) - C:\Program Files (x86)\GfK Internet-Monitor\FirefoxAddon.xpi [2017-02-18]
FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor\FirefoxAddon.xpi
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter3\FirefoxAddOns\netsight@nielsen.xpi
FF Extension: (Nielsen NetSight) - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter3\FirefoxAddOns\netsight@nielsen.xpi [2017-02-18]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-02-11] ()
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-02-11] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1190779463-2330029784-2471901394-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.reading4money.de/paidmail.php?username=julemaus89&id=1414525986&mid=0
CHR StartupUrls: Default -> "hxxp://www.spielesite.com/","hxxps://de.upjers.com/","hxxp://www.startparadies.de/index.php","hxxps://www.facebook.com/","hxxp://www.klamm.de/","hxxp://www.bonix.org/","hxxp://www.dodona-mails.de/","hxxp://testberichte.reviews/","hxxp://www.shimly.de/"
CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.885\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Profile: C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default [2017-02-18]
CHR Extension: (Google Drive) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-29]
CHR Extension: (Lovely Cats Tab) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdoeoonepndhefdpieicgajkhadocngm [2016-06-24]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-01-30]
CHR Extension: (LadyCashback.de Cashback-Melder) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjnhchdicihpfajapekoedijbldehbbk [2017-02-14]
CHR Extension: (YouTube) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-29]
CHR Extension: (Nielsen NetSight) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgmmbefnahabhcchpfkobeindpppflc [2017-02-05]
CHR Extension: (Kindle Cloud Reader) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnemmpobpfaichgccgcilgncfigplmol [2016-09-15]
CHR Extension: (Google-Suche) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-04-29]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2016-04-29]
CHR Extension: (Google Kalender) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-06]
CHR Extension: (GfK Internet-Monitor) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh [2016-11-04]
CHR Extension: (Google Docs Offline) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-29]
CHR Extension: (GfK Digital Trends App) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikkcdahfmnbofoaeofipdcejkgkbofj [2016-06-14]
CHR Extension: (Questler Bonusfinder 3.0) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipddihbjlikcgpbikkgjibobkahjafni [2016-06-24]
CHR Extension: (CashbackDeals.de Cashback-Melder) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnlhjofgnkcljojnibhmeopimidoblfm [2017-02-14]
CHR Extension: (Andasa iCat) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcbpnhnickonbgkbgbegepdldmcnjoif [2016-10-21]
CHR Extension: (iGraal Cashback-Melder) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2017-02-17]
CHR Extension: (Google Play) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2016-04-29]
CHR Extension: (Tabby Cat) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mefhakmgclhhfbdadeojlkbllmecialg [2016-11-10]
CHR Extension: (Google Play Books) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2016-04-29]
CHR Extension: (boost-Bar) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbifpjmldocepoilnjgbkaaighinkhpp [2016-10-11]
CHR Extension: (Bundlr) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\neaecllpgiioinacndhkakancoifnbhm [2016-04-29]
CHR Extension: (Norton Safe) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2016-09-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Google Mail) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-06]
CHR HKLM\...\Chrome\Extension: [bpgmmbefnahabhcchpfkobeindpppflc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bpgmmbefnahabhcchpfkobeindpppflc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] ()
R2 ASRockIOMon; C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [463112 2014-07-31] ()
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [4950632 2016-10-06] (G DATA Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [984904 2016-09-15] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3044496 2016-09-27] (G Data Software AG)
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [726952 2015-09-09] (cFos Software GmbH)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-30] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-30] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.)
R2 GDBackupSvc; C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe [4072264 2016-09-30] (G DATA Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3286120 2016-09-15] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [822600 2016-09-27] (G DATA Software AG)
R2 GfK-NetworkMeter; C:\Program Files (x86)\GfK-NetworkMeter\GfK-NetworkMeter64.exe [1222880 2016-10-31] (GfK)
R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [1992256 2016-10-31] ()
R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1476160 2016-07-06] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NielsenUpdate; C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe [3161744 2016-12-30] (The Nielsen Company)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119176 2017-01-15] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2181648 2017-01-15] (Electronic Arts)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-02-10] (Copyright (c) 2017 Plays.tv, LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305392 2016-04-05] (Advanced Micro Devices)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmdag.sys [26568848 2017-01-25] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys [536600 2017-01-25] (Advanced Micro Devices, Inc.)
R3 AppObserver; C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter3\appobserver64.sys [23696 2016-12-30] (The Nielsen Company)
R3 AsrAutoChkUpdDrv; C:\WINDOWS\SysWOW64\Drivers\AsrAutoChkUpdDrv.sys [22280 2017-02-18] (ASRock Incorporation)
R3 AsrDrv101; C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys [22280 2016-04-29] (ASRock Incorporation)
R0 AsrRamDisk; C:\WINDOWS\System32\drivers\AsrRamDisk.sys [40200 2013-08-02] (ASRock Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-07-21] (Advanced Micro Devices)
S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [100776 2015-08-23] (ASUS Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [180808 2016-10-13] (G Data Software AG)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2016-04-21] (G Data Software AG)
R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [37400 2016-10-13] (G Data Software AG)
R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [30280 2016-10-13] (G DATA Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [274400 2016-10-13] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [105544 2016-10-13] (G Data Software AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [77384 2016-10-13] (G DATA Software AG)
R1 GRD; C:\WINDOWS\system32\drivers\GRD.sys [116296 2016-10-16] (G Data Software)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [153160 2016-10-13] (G Data Software AG)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251848 2017-02-18] (Malwarebytes)
S3 MBI; C:\WINDOWS\System32\drivers\MBI.sys [41456 2015-10-15] (Intel(R) Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 nnfwdk; C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter3\nnfwdk64.sys [34960 2016-12-30] (The Nielsen Company)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-08-20] (Realtek                                            )
R3 RtlWlanu_OldIC; C:\WINDOWS\System32\drivers\rtwlanu_oldIC.sys [3814400 2016-07-16] (Realtek Semiconductor Corporation                           )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-24] (Samsung Electronics Co., Ltd.)
S3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [114632 2015-09-16] (BigNox Corporation)
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-18 11:09 - 2017-02-18 11:09 - 00000000 ____D C:\Users\julia\Desktop\FRST-OlderVersion
2017-02-18 10:57 - 2017-02-18 10:57 - 00000546 _____ C:\Users\julia\Desktop\JRT.txt
2017-02-18 10:53 - 2017-02-18 10:53 - 00001238 _____ C:\Users\julia\Desktop\mbam.txt
2017-02-18 10:40 - 2017-02-18 10:40 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-18 10:39 - 2017-02-18 10:39 - 00001922 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-18 10:39 - 2017-02-18 10:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-18 10:39 - 2017-02-18 10:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-18 10:39 - 2017-02-18 10:39 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-18 10:39 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-18 10:25 - 2017-02-18 10:25 - 00566128 _____ (Malwarebytes) C:\Users\julia\Desktop\mbam-clean-2.3.0.1001.exe
2017-02-17 20:53 - 2017-02-18 10:39 - 55566792 _____ (Malwarebytes ) C:\Users\julia\Desktop\mb3-setup-consumer-3.0.6.1469.exe
2017-02-17 20:52 - 2017-02-18 10:54 - 01663040 _____ (Malwarebytes) C:\Users\julia\Desktop\JRT.exe
2017-02-17 20:51 - 2017-02-18 08:44 - 04015056 _____ C:\Users\julia\Desktop\AdwCleaner_6.043.exe
2017-02-17 08:38 - 2017-02-18 11:02 - 00003034 _____ C:\WINDOWS\System32\Tasks\AsrSP.exe
2017-02-16 18:34 - 2017-02-16 18:54 - 00090086 _____ C:\TDSSKiller.3.1.0.12_16.02.2017_18.34.11_log.txt
2017-02-16 18:32 - 2017-02-16 18:33 - 00064755 _____ C:\Users\julia\Desktop\Addition.txt
2017-02-16 18:31 - 2017-02-18 11:10 - 00029601 _____ C:\Users\julia\Desktop\FRST.txt
2017-02-16 18:23 - 2017-02-16 18:34 - 04747704 _____ (AO Kaspersky Lab) C:\Users\julia\Desktop\tdsskiller.exe
2017-02-16 18:22 - 2017-02-18 11:09 - 02422272 _____ (Farbar) C:\Users\julia\Desktop\FRST64.exe
2017-02-16 10:45 - 2017-02-16 10:52 - 00090086 _____ C:\TDSSKiller.3.1.0.12_16.02.2017_10.45.55_log.txt
2017-02-16 10:42 - 2017-02-16 10:44 - 00171940 _____ C:\TDSSKiller.3.1.0.12_16.02.2017_10.42.12_log.txt
2017-02-14 13:08 - 2017-02-18 09:06 - 00000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForjulia.job
2017-02-14 13:08 - 2017-02-14 13:08 - 00003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForjulia
2017-02-11 10:58 - 2017-02-11 10:58 - 00000000 ____D C:\Users\julia\AppData\Roaming\Macromedia
2017-02-11 10:58 - 2017-02-11 10:58 - 00000000 ____D C:\Users\julia\AppData\Local\Macromedia
2017-02-10 19:29 - 2017-02-18 11:10 - 00000000 ____D C:\FRST
2017-02-08 08:36 - 2017-02-08 08:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-07 05:38 - 2017-02-07 05:38 - 00046400 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-02-05 17:37 - 2017-02-05 18:08 - 00000000 ____D C:\Users\julia\Desktop\USB Stick
2017-02-04 14:27 - 2017-02-04 14:28 - 00411140 _____ C:\WINDOWS\Minidump\020417-29406-01.dmp
2017-02-04 14:27 - 2017-02-04 14:27 - 00000000 ____D C:\WINDOWS\Minidump
2017-02-02 19:26 - 2017-02-17 10:05 - 00000000 ____D C:\Users\julia\AppData\LocalLow\Mozilla
2017-02-01 14:49 - 2017-02-16 10:38 - 00000000 ____D C:\Users\julia\Desktop\Virus
2017-02-01 14:41 - 2017-02-18 09:04 - 00000000 ____D C:\AdwCleaner
2017-01-31 17:47 - 2017-02-11 18:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-27 19:13 - 2017-01-27 19:13 - 00140131 _____ C:\Users\julia\Desktop\Rechnung 4333534.pdf
2017-01-26 08:34 - 2017-01-26 08:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2017-01-26 08:34 - 2017-01-26 08:34 - 00000000 ____D C:\Program Files\ATI Technologies
2017-01-25 09:12 - 2017-01-27 17:28 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-01-25 08:44 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 08:44 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-25 01:29 - 2017-01-25 01:29 - 01015832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-01-25 01:29 - 2017-01-25 01:29 - 00768024 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-01-25 01:29 - 2017-01-25 01:29 - 00121368 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-01-25 01:29 - 2017-01-25 01:29 - 00100888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-01-25 01:29 - 2017-01-25 01:29 - 00038424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-01-25 01:29 - 2017-01-25 01:29 - 00038416 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-01-25 01:28 - 2017-01-25 01:28 - 00488496 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-01-25 01:28 - 2017-01-25 01:28 - 00166408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-01-25 01:28 - 2017-01-25 01:28 - 00130224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-01-24 16:38 - 2017-01-24 16:38 - 06381952 _____ C:\Users\julia\Desktop\eBook_Faszientraining.pdf
2017-01-21 16:56 - 2017-01-21 16:56 - 00005262 _____ C:\Users\julia\Desktop\Questionmail Questionmail Richtig Antworten 500 Punkte sammeln!(sasm).eml

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-18 11:12 - 2016-05-29 07:54 - 00000000 ____D C:\Users\julia\Documents\AirDroid
2017-02-18 11:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-18 10:59 - 2016-08-06 21:05 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-18 10:29 - 2016-08-09 07:53 - 00003038 _____ C:\WINDOWS\System32\Tasks\AsrAPPShop
2017-02-18 10:28 - 2016-04-29 23:51 - 00022280 _____ (ASRock Incorporation) C:\WINDOWS\SysWOW64\Drivers\AsrAutoChkUpdDrv.sys
2017-02-18 10:27 - 2016-08-06 21:24 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-18 10:26 - 2016-08-06 21:08 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-02-18 10:26 - 2016-07-16 07:04 - 01310720 _____ C:\WINDOWS\system32\config\BBI
2017-02-18 09:12 - 2016-08-09 07:55 - 00004172 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{37189C47-5908-4B51-91BC-1DD3B7B485AE}
2017-02-18 09:12 - 2016-04-29 20:51 - 00000000 ____D C:\Users\julia\AppData\Local\CrashDumps
2017-02-18 09:08 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-18 08:40 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-18 08:35 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-12 00:29 - 2016-08-06 21:11 - 00000000 ____D C:\Users\julia
2017-02-11 18:48 - 2016-07-25 19:04 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-11 18:42 - 2016-07-31 19:44 - 00000000 ____D C:\Users\julia\.android
2017-02-11 18:42 - 2016-07-31 19:41 - 00000000 ____D C:\Users\julia\.BigNox
2017-02-11 18:42 - 2016-07-31 19:37 - 00000000 ____D C:\Users\julia\AppData\Local\Nox
2017-02-11 18:42 - 2016-04-29 21:38 - 00000000 ____D C:\Users\julia\AppData\Roaming\Spotify
2017-02-11 18:40 - 2016-06-22 18:12 - 00000000 ____D C:\Users\julia\AppData\Roaming\PlaysTV
2017-02-11 18:40 - 2016-04-29 21:38 - 00000000 ____D C:\Users\julia\AppData\Local\Spotify
2017-02-11 18:36 - 2016-04-29 20:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-11 18:35 - 2016-08-06 21:58 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-02-11 10:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-11 10:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-11 10:56 - 2016-04-29 21:15 - 00000000 ____D C:\Users\julia\AppData\Local\Adobe
2017-02-11 01:36 - 2016-05-10 10:40 - 00197120 ___SH C:\Users\julia\Desktop\Thumbs.db
2017-02-10 16:39 - 2016-12-17 08:28 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-02-10 16:39 - 2016-12-17 08:28 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-02-10 14:14 - 2016-11-22 12:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-02-08 08:36 - 2016-04-30 01:08 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-02-07 08:40 - 2016-08-11 08:04 - 00000000 ____D C:\WINDOWS\system32\MpEngineStore
2017-02-06 19:13 - 2016-04-29 20:39 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 19:13 - 2016-04-29 20:39 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-06 19:02 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-04 15:30 - 2016-09-01 23:14 - 00000000 ____D C:\Users\julia\AppData\Local\Amazon Music
2017-02-04 14:29 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-04 14:27 - 2016-05-09 22:49 - 1366395123 _____ C:\WINDOWS\MEMORY.DMP
2017-02-04 13:58 - 2016-11-14 18:48 - 00000000 ____D C:\Users\julia\AppData\Roaming\vlc
2017-02-04 08:26 - 2016-05-01 07:34 - 00000000 ____D C:\ProgramData\AMD
2017-02-02 20:19 - 2016-09-01 23:14 - 00001320 _____ C:\Users\julia\Desktop\Amazon Music.lnk
2017-02-02 19:48 - 2016-11-15 18:21 - 00001089 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-02-02 19:48 - 2016-11-15 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-01-30 16:57 - 2016-04-30 01:15 - 00000000 ___RD C:\Users\julia\Dropbox
2017-01-29 15:08 - 2016-11-13 19:58 - 00000000 ____D C:\Users\julia\AppData\Roaming\dvdcss
2017-01-27 11:31 - 2016-05-10 14:56 - 00000000 ____D C:\Users\julia\Thunderbird backup
2017-01-26 08:32 - 2016-08-06 21:08 - 00000000 ____D C:\Program Files\AMD
2017-01-25 09:13 - 2016-04-29 20:05 - 00000000 ____D C:\AMD
2017-01-25 09:12 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-25 01:29 - 2016-10-26 00:04 - 09405464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 07589400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 02463256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 02150928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 01015832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00909336 _____ (AMD) C:\WINDOWS\system32\coinst_16.40.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00643096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00420376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-01-25 01:29 - 2016-10-26 00:04 - 00310808 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-01-25 01:29 - 2016-10-26 00:04 - 00293400 _____ C:\WINDOWS\system32\GameManager64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00287248 _____ C:\WINDOWS\system32\clinfo.exe
2017-01-25 01:29 - 2016-10-26 00:04 - 00285720 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00266256 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00248344 _____ C:\WINDOWS\system32\atieah64.exe
2017-01-25 01:29 - 2016-10-26 00:04 - 00239128 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00178200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00154648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00147480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00130584 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00128536 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00084504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-01-25 01:29 - 2016-10-26 00:04 - 00077848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-01-25 01:29 - 2016-08-12 00:07 - 00145952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-01-25 01:29 - 2016-08-12 00:07 - 00107544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2017-01-25 01:29 - 2016-08-12 00:06 - 00258072 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-01-25 01:29 - 2016-07-02 08:01 - 00541208 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-01-25 01:29 - 2016-07-02 08:01 - 00476696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-01-25 01:29 - 2016-07-02 08:01 - 00305176 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2017-01-25 01:29 - 2016-07-02 08:01 - 00251416 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-01-25 01:29 - 2016-07-02 08:01 - 00226328 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-01-25 01:29 - 2016-07-02 08:01 - 00193560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-01-25 01:29 - 2016-07-02 08:01 - 00153112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-01-25 01:29 - 2016-07-02 08:01 - 00135704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-01-25 01:29 - 2016-07-02 08:01 - 00126488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-01-25 01:29 - 2016-04-05 08:38 - 00219672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-01-25 01:29 - 2016-04-05 08:37 - 01351192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-01-25 01:29 - 2016-04-05 08:27 - 00158336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-01-25 01:29 - 2016-04-05 08:27 - 00118800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2017-01-25 01:28 - 2016-10-26 00:05 - 00162216 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-01-25 01:28 - 2016-10-26 00:05 - 00145360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2017-01-25 01:28 - 2016-10-26 00:05 - 00130216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-01-25 01:28 - 2016-10-26 00:05 - 00112328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-01-25 01:28 - 2016-07-02 08:01 - 00145872 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-01-25 01:28 - 2016-07-02 08:01 - 00112336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-01-22 15:47 - 2016-04-29 21:16 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-10-02 14:25 - 2016-10-02 14:25 - 0000000 _____ () C:\Users\julia\AppData\Roaming\gdfw.log
2016-10-02 14:25 - 2016-10-02 14:25 - 0000779 _____ () C:\Users\julia\AppData\Roaming\gdscan.log
2016-07-31 07:34 - 2016-11-06 16:41 - 0007598 _____ () C:\Users\julia\AppData\Local\Resmon.ResmonCfg
2016-04-30 03:12 - 2016-04-30 03:12 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-08-06 21:07 - 2016-08-06 21:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-02-02 19:48 - 2017-02-02 19:48 - 7097928 _____ (VS Revo Group                                               ) C:\Users\julia\AppData\Local\Temp\VSUSetup.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-08 23:29

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-02-2017
durchgeführt von julia (18-02-2017 11:12:34)
Gestartet von C:\Users\julia\Desktop
Windows 10 Pro Version 1607 (X64) (2016-08-06 20:35:33)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1190779463-2330029784-2471901394-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1190779463-2330029784-2471901394-503 - Limited - Disabled)
Gast (S-1-5-21-1190779463-2330029784-2471901394-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1190779463-2330029784-2471901394-1003 - Limited - Enabled)
julia (S-1-5-21-1190779463-2330029784-2471901394-1001 - Administrator - Enabled) => C:\Users\julia
LynCat (S-1-5-21-1190779463-2330029784-2471901394-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
AirDroid 3.3.1.1 (HKLM-x32\...\AirDroid) (Version: 3.3.1.1 - Sand Studio)
Amazon Kindle (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Amazon Kindle) (Version: 1.17.0.44170 - Amazon)
Amazon Music (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Amazon Amazon Music) (Version: 5.3.5.1704 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{04E14C12-EAB9-9B07-5A25-CAF2D10B2579}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.)
APP Shop v1.0.24 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.24 - ASRock Inc.)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock Restart to UEFI v1.0.5 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.5 - )
ASRock XFast RAM v3.0.3 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
A-Tuning v2.0.280 (HKLM-x32\...\A-Tuning_is1) (Version: 2.0.280 - ASRock Inc.)
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.3.0.1 - G DATA Software AG)
GfK Internet-Monitor (HKLM-x32\...\39992AD7-103F-4308-8BB7-3F65F543604D) (Version: 15.4.173 - GfK)
GoodNightLed v3.0.1 (HKLM-x32\...\GoodNightLed_is1) (Version: 3.0.1 - ASRock Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.50.9 - HP)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.5.32.203 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Media Go (HKLM-x32\...\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}) (Version: 3.0.403 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.20.104.05220 (HKLM-x32\...\{78D4C553-4B41-97A5-22B4-2F446987B724}) (Version: 2.20.104.05220 - Sony)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
Mozilla Thunderbird 45.7.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.7.1 (x86 de)) (Version: 45.7.1 - Mozilla)
Nielsen (HKLM-x32\...\NetSight) (Version:  - )
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.6.0.0 - Duodian Technology Co. Ltd.)
OEM Application Profile (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.3.5.6379 - Electronic Arts, Inc.)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.18.2-r120419-release - Plays.tv, LLC)
PS4 Remote Play (HKLM-x32\...\{127839B2-AF0F-41CA-9F00-A247D04ACD81}) (Version: 1.0.0.15181 - Sony Interactive Entertainment Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7560 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Spotify (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Spotify) (Version: 1.0.34.146.g28f9eda2 - Spotify AB)
SRWare Iron Version SRWare Iron 33.0.1800.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 33.0.1800.0 - SRWare)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie zur Verbesserung von HP Deskjet 3050A J611 series Produkten (HKLM\...\{EF27865C-E636-47C4-8B35-CE8A88045681}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
Uplay (HKLM-x32\...\Uplay) (Version: 21.1 - Ubisoft)
Usb GamePad (HKLM-x32\...\{DEC7CD2E-2BB5-40C3-9592-078F64677E6C}) (Version: 1.00.0000 - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Driver Package - BigNox Corporation (VBoxUSB) USB  (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System  (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation XQHDrv System  (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
WinDS PRO 2016.04.08 (HKLM\...\{4237FF56-4BD0-481E-BD44-C1A8DDA9C753}_is1) (Version: 2016.04.08 - WinDS PRO Central)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
XFast LAN v10.10 (HKLM\...\XFast LAN) (Version: 10.10 - cFos Software GmbH, Bonn)
Xperia Companion (HKLM-x32\...\{8f4f39fa-087f-4e5c-84f3-1433ac7389e9}) (Version: 1.2.8.0 - Sony)
Xperia Companion (x32 Version: 1.2.8.0 - Sony) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {066EF000-1D31-4F43-8E09-C97DCCC96278} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {088841B5-0921-42EB-B35F-ED262A120F95} - System32\Tasks\AsrAPPShop => C:\Program Files (x86)\ASRock Utility\APP Shop\AsrAPPShop.exe [2016-02-05] ()
Task: {2556CECF-EA3C-447B-94AA-800BAC478C7D} - \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start -> Keine Datei <==== ACHTUNG
Task: {32FAAA18-3DCE-4579-B103-6C51178C0E22} - System32\Tasks\HPCeeScheduleForjulia => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {471EA7B1-B69E-4FE6-9507-551F2D76CF4B} - System32\Tasks\cFos\Registration Tasks\Open Browser => Chrome.exe "hxxp://www.cfos.de/de/cfosspeed/documentation/keyboard-leds.htm?reg-10.10.2238-asrock"
Task: {4C90C93F-B372-447A-BAD9-4C877F578A53} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-30] (Dropbox, Inc.)
Task: {4CA7C5ED-61A5-4A08-B76C-971D3E54939A} - \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources -> Keine Datei <==== ACHTUNG
Task: {502B87CA-6578-4727-98E0-D5312A5A1A26} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-29] (Google Inc.)
Task: {50E75D14-4AFB-4ACB-823D-3611FAA325F0} - \HPCustParticipation HP Deskjet 3050A J611 series -> Keine Datei <==== ACHTUNG
Task: {760F7F73-70D6-4F7A-ACB0-CE52D03A6E5F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {76766223-D4EE-40A1-B946-EA78046203CF} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {849173CC-06EF-4522-99B4-34CDDAB5DA29} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> Keine Datei <==== ACHTUNG
Task: {8F0C3895-A13C-4DAC-A594-051736FCCC88} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {9A8C6E8B-C1D2-4DCC-978C-F7856E76371A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.)
Task: {9C6A1060-F966-4927-B888-198454C7ADF3} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> Keine Datei <==== ACHTUNG
Task: {9E858082-438A-4EF2-B0C6-F930C7B617BB} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> Keine Datei <==== ACHTUNG
Task: {AB9FACDB-986A-4467-9238-8115E635C99F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-29] (Google Inc.)
Task: {B1EF102A-D9C4-4BA0-8C3D-01C864291EB2} - \AMD Updater -> Keine Datei <==== ACHTUNG
Task: {DA111EEE-D374-4720-B899-179957A0B716} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {E4F6F8E8-7CA4-4492-9371-6468BC21B942} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-30] (Dropbox, Inc.)
Task: {F5DE26B4-9D74-4647-AD6A-B963F33ED5ED} - System32\Tasks\AsrSP.exe => C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\AsrSP.exe [2014-12-02] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForjulia.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-31 18:43 - 2016-07-06 14:20 - 01476160 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
2016-04-29 23:50 - 2014-07-31 15:17 - 00463112 _____ () C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
2016-11-03 12:01 - 2016-10-31 17:11 - 01992256 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
2016-09-15 04:24 - 2016-09-15 04:24 - 00423752 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2016-11-21 17:19 - 2016-11-21 17:19 - 00155016 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2017-02-18 10:39 - 2017-01-20 07:47 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 20:25 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-13 20:25 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-13 20:25 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-06 21:41 - 2016-08-06 21:41 - 00959168 _____ () C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-09-14 08:17 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 18:18 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 18:18 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 18:18 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-18 08:40 - 2017-02-18 08:40 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-18 08:40 - 2017-02-18 08:40 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-18 08:40 - 2017-02-18 08:40 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 08:43 - 2017-02-06 08:43 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\roottools.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-07-31 18:43 - 2016-07-06 14:20 - 00619584 _____ () C:\Program Files (x86)\GfK Internet-Monitor\UpdateHelper.dll
2016-10-01 17:37 - 2017-01-15 12:27 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2017-02-10 21:06 - 2017-02-10 21:06 - 00033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2017-02-10 21:06 - 2017-02-10 21:06 - 00041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2017-02-10 21:06 - 2017-02-10 21:06 - 00173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 01934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 01780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 03812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2016-04-21 02:23 - 2017-01-16 08:34 - 09080360 _____ () C:\Program Files (x86)\AirDroid\Android.dll
2016-04-21 02:20 - 2017-01-16 08:34 - 00642088 _____ () C:\Program Files (x86)\AirDroid\System.Data.SQLite.dll
2017-02-06 19:13 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-06 19:13 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2017-02-15 08:44 - 2017-02-02 12:30 - 17840216 _____ () C:\Users\julia\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.221\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-04-29 11:54 - 2016-04-29 11:52 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\julia\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "XperiaCompanion"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "BigNox"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{BE8EDC0C-73E0-4F9F-9C2E-06DDE5F03E9B}] => (Allow) C:\Program Files (x86)\Remotr\RemotrServer.exe
FirewallRules: [{2227EE2C-CE55-45FB-B30E-62DC8230A899}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [{30F3774D-AD02-45B3-B257-534DA49823C7}] => (Allow) C:\Users\julia\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{783C2224-7D58-48D8-AD4C-4B0B5C77B453}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CrushCrush\CrushCrush.exe
FirewallRules: [{CF90C652-DC55-467E-BAC1-4DF8396B2C92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CrushCrush\CrushCrush.exe
FirewallRules: [{E6E289E2-4AA2-40F5-ACA6-9C82995E68B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{E53E8737-385D-4ABE-B897-20BB0428F9D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{9BACBB96-FF86-4833-A8AF-0CF03B271854}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{9AB2427A-D301-4180-8CA0-4214ACCFDC3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{89B25E3E-040C-4F42-860C-8C29EBDC2477}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{F31FD7FA-96A5-42E7-A231-1FD1C5ECDCC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{DE177724-6098-43D0-8806-973ABCD8489B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{D761F58A-F839-48D7-99C4-55FC2B2D31AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{A7B83730-8336-4D8C-9855-F525F4B87FD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{DB0775A4-53C5-4D60-8B8F-3179817021C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{F9BB05C7-2A2A-47AA-A4C8-F67AA78B7F80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WildStar\Steam_WildStar.exe
FirewallRules: [{97388F1B-476A-40C6-B599-72697B7ED5EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WildStar\Steam_WildStar.exe
FirewallRules: [{AEAF1BD8-98C9-42F7-AC18-6186FD66BF03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{E9783289-E69A-4E06-9EAF-6EE9BCD26A7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{380E5670-8329-4A13-A453-1FCB2C92CEE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{11AEA279-FA35-443C-A14E-5AA0A7F496B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{BD8FDB87-DE06-432F-88BA-BC1C337988D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheAge\GlyphClient.exe
FirewallRules: [{31C13ED3-EFCB-40F3-ABB5-23F388D89AD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheAge\GlyphClient.exe
FirewallRules: [{6D7778AF-2ACA-4C81-8398-D5260FFCBE29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{9070EA33-9E66-4FCD-A375-B8D09CC4E587}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{6870B29C-5372-4701-8F42-D6DE725973DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transformice\Transformice.exe
FirewallRules: [{E5FA8FB3-D425-415A-B4AB-C6F08CB81390}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transformice\Transformice.exe
FirewallRules: [{C5EE77CF-1244-4FB7-BAD8-8979C065A7A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shakes & Fidget\Shakes and Fidget.exe
FirewallRules: [{D1CDF799-6265-4CD5-A626-94F4491BE72F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shakes & Fidget\Shakes and Fidget.exe
FirewallRules: [{74505E9A-F844-4FF4-A118-C989F71C77AE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D0F4A6E6-0E01-410A-99B6-349CB62D49AF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{98A6B571-7328-46CA-A786-18FA12118E8A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4BFA63AA-FB4E-4CBD-81D2-92E7FCAFDCD2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E9B7DABE-E09E-44E7-AC61-314074E4A507}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
FirewallRules: [{290E19E0-A4C5-4803-A438-0E623CA48EE5}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
FirewallRules: [{4F347DFD-A148-4E94-A8C2-19C58D774FCD}] => (Allow) C:\Users\julia\AppData\Local\Temp\7zS48E3\HPDiagnosticCoreUI.exe
FirewallRules: [{EF4D3B24-6D1A-4A4C-B8B8-232EE3665BFE}] => (Allow) C:\Users\julia\AppData\Local\Temp\7zS48E3\HPDiagnosticCoreUI.exe
FirewallRules: [{93BCAC83-2502-4ADE-A68A-50235D8FDC39}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{718492BD-2476-4DD7-ACFD-68AB1EA53F10}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D5F54F87-F1F2-47DF-B930-427698A21F72}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2FBA69FF-5B93-4B59-863C-F14782090247}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CDB8F4BC-F6B5-4AED-9C6B-FF33D179093F}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe
FirewallRules: [UDP Query User{B554B3E6-7C3B-4686-9087-B4E5C9C25893}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [TCP Query User{4C110523-B488-46B3-899F-EF71BBE24D74}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{748F1E3C-DECB-4B30-BF51-756112C3CD69}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{393AB3D0-4A56-48CE-BD65-1DEEE70B2C32}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{E976C55B-498B-4F14-8840-5CE9729A6F01}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
FirewallRules: [UDP Query User{211AA0BB-B2BF-4AF9-ABA8-82CFF5CC0E1E}C:\users\julia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julia\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{4D4FCBF6-4215-4F30-9ECA-5C56A461A339}C:\users\julia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julia\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9EAF9E66-9C4A-4D0A-B054-19C130287E25}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{20BCDFFA-F48F-451F-9909-7564F609CD50}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9C1BE638-D25E-4253-BB83-CE781B3F37EB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{7E8694C3-45BB-4745-A308-C6A35808C8D1}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{D2F959ED-037E-46F8-AD5E-3286E5F07D61}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe
FirewallRules: [{74359E8A-16FD-4F59-B923-0FE364A84156}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{880A6D2F-EEAB-438E-8929-2631F3FAE283}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{903D728A-A328-40A1-B1E4-F918302DFD0B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{DF62B350-1B30-45B9-9F9A-0835826ECD8F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{40ECC61F-8402-4117-B87D-EB3BA1C6DF00}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{5201F840-C181-4ADF-B64F-BA586C2E85AF}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{88D0A7BC-0EC0-4F83-B6DA-3A76E49049FF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B0853F73-EE22-4F33-BD5F-457343C80640}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8D800BFC-875A-44C6-B3DE-9FA69B80A8F8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{030DB97E-3233-4BFA-A3C7-62C05B1472AD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{661DEAD1-BBE5-469E-9396-3681E714EF41}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{ACE30677-F83A-4849-8B62-F821F27DBE48}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{869C9BD8-D89B-478E-A6DD-98A98BAAD329}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{852DA3E8-FB7A-4E00-9A41-FD7EC5D20F76}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe

==================== Wiederherstellungspunkte =========================

13-02-2017 09:06:51 Geplanter Prüfpunkt
18-02-2017 10:54:52 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/18/2017 10:59:31 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (02/18/2017 10:59:26 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (02/18/2017 10:59:16 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (02/18/2017 10:58:09 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (02/18/2017 10:57:46 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (02/18/2017 10:55:47 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (02/18/2017 10:55:40 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (02/18/2017 10:55:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (02/18/2017 10:28:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 10.0.14393.0, Zeitstempel: 0x57899b5a
Name des fehlerhaften Moduls: USBKeyCredentialProvider.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x53d9fa55
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002b4a8
ID des fehlerhaften Prozesses: 0x18c
Startzeit der fehlerhaften Anwendung: 0x01d289c940b3d728
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\LogonUI.exe
Pfad des fehlerhaften Moduls: USBKeyCredentialProvider.dll
Berichtskennung: 3f37acda-c6da-41b4-8ff9-93f981f9e9df
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/18/2017 10:27:48 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.


Systemfehler:
=============
Error: (02/18/2017 11:01:47 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/18/2017 10:59:26 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/18/2017 10:41:54 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT)
Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1190779463-2330029784-2471901394-1001-02182017104154342-ntuser.dat

Error: (02/18/2017 10:28:15 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/18/2017 10:27:42 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "HomeGroupListener" wurde mit dem folgenden dienstspezifischen Fehler beendet: 
%%2147944153 = In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar.

Error: (02/18/2017 10:26:25 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst GDBackupSvc erreicht.

Error: (02/18/2017 10:25:47 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/18/2017 09:15:30 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/18/2017 09:15:30 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/18/2017 09:15:30 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2017-02-13 19:49:26.594
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-02-06 15:30:22.008
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-02-05 20:23:11.527
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-02-05 19:25:05.946
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-02-03 19:14:25.480
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-01-30 17:39:50.482
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-01-30 17:39:49.524
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-01-09 13:09:05.578
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-01-09 13:09:05.167
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

  Date: 2017-01-05 15:58:00.988
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G 
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 16198.66 MB
Verfügbarer physikalischer RAM: 10918.05 MB
Summe virtueller Speicher: 18630.66 MB
Verfügbarer virtueller Speicher: 12783.68 MB

==================== Laufwerke ================================

Drive c: (Win10-Prof) (Fixed) (Total:931.02 GB) (Free:737.38 GB) NTFS
Drive e: (INTENSO) (Fixed) (Total:1863.01 GB) (Free:209.7 GB) NTFS
Drive f: (Elements) (Fixed) (Total:1397.26 GB) (Free:35.59 GB) NTFS
Drive g: (INTENSO ALT) (Fixed) (Total:1863.01 GB) (Free:960.39 GB) NTFS
Drive h: (INTENSO) (Fixed) (Total:698.63 GB) (Free:352.49 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FB5E5C55)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 1322A89A)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 698.6 GB) (Disk ID: 08E2026F)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: 4D49C8E7)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 1397.3 GB) (Disk ID: 000AEA9D)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 18.02.2017, 12:58   #10
M-K-D-B
/// TB-Ausbilder
 
Probleme mit Maleware oder Trojaner nach Toolbar Installation - Standard

Probleme mit Maleware oder Trojaner nach Toolbar Installation



Servus,


in welchem Browser hast du die genannten Probleme? In Chrome?

Hast du diese Probleme immer noch?

Gibt es sonst Auffälligkeiten/Probleme?
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 18.02.2017, 22:29   #11
lyncat89
 
Probleme mit Maleware oder Trojaner nach Toolbar Installation - Standard

Probleme mit Maleware oder Trojaner nach Toolbar Installation



Hallo,

ja, die Probleme hatte ich bei Chrome.

Seit heute Morgen läuft Chrome und System wieder schneller.
Komische Emails bekomme ich seit gestern zum Glück nicht mehr.
Leere Pop-up Fenster hat Chrome nur eins geöffnet, soweit ich das beobachten konnte.

Welches Problem nun neu aufgetreten ist, dass ich "Anno-Online" im Chrome Browser nicht mehr spielen kann, er lädt nach dem Einloggen ein Drittel und dann passiert nichts mehr.
Andere Spiele, die den FlashPlayer benötigen laufen im Prinzip.
Im Firefox Browser lädt er "Anno" zwar, aber hier bekomme ich immer die Meldung, dass der FlashPlayer abgestürzt ist.


Das Hochfahren geht immer noch unterschiedlich schnell. Manchmal hängt er beim Windows-Sperrbilschirm wo ich mein Passwort eingeben muss bis zu drei Minuten und gerade eben hatte ich zwei Minuten beim Laden des Desktops einen schwarzen Bildschirm. Danach hat er aber alles wie gewohnt geladen. Einfrieren tut es aber nicht mehr.


Beim letzten Neustart vor ca. 2 Stunden habe ich beobachtet, dass die drei LED-Lampen (Num; Caps und Scroll) von meiner Tastatur, die ja eigentlich leuchten sollen sobald sie aktiviert werden, nicht funktionierten. Auch nach mehrmaligem Aktivieren ging nichts, aber die Tasten selbst funktionierten. Ich habe den PC dann nochmal neugestartet und dann ging es wieder. Dieses Problem hatte ich bisher noch nie gehabt.

Hallo,

vor ca. einer Stunde kam nun doch wieder eine von diesen merkwürdigen E-mails....

Alt 19.02.2017, 14:11   #12
M-K-D-B
/// TB-Ausbilder
 
Probleme mit Maleware oder Trojaner nach Toolbar Installation - Standard

Probleme mit Maleware oder Trojaner nach Toolbar Installation



Servus,



Zitat:
Zitat von lyncat89 Beitrag anzeigen
vor ca. einer Stunde kam nun doch wieder eine von diesen merkwürdigen E-mails....
ich bekomme ständig/täglich "komische E-Mails", sowas nennt man Spam.

Rechner ist sauber, Google Chrome sieht auch gut aus.

Alles andere hat nichts mit Malware zu tun.






Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.





Cleanup:
Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.
Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.





Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.




Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

   
 

Microsoft Security Essentials (MSE) / Windows Defender (WD) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE/WD entschieden hast, brauchst du nicht extra MSE/WD zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.




Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.




Optional:
Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.
NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .




Abschließend noch ein paar grundsätzliche Bemerkungen:
  • Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
  • Lade keine Software von Chip, Softonic oder SourceForge. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
  • Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.




Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 19.02.2017, 18:40   #13
lyncat89
 
Probleme mit Maleware oder Trojaner nach Toolbar Installation - Standard

Probleme mit Maleware oder Trojaner nach Toolbar Installation



Hallo,

mit den "Spam-Mails" bin ich mir halt unsicher, da die von heute auf morgen plötzlich kamen und dann halt mehr als 20 Stück pro Tag. Das Problem kam bei meinem alten Laptop nämlich auch so plötzlich und der hatte einen fiesen Virus gehabt.

Und kann ich das Problem mit meinem Online-Spiel eventuell noch irgendwie lösen? Chrome zurücksetzen hatte ja leider nichts gebracht.

Den Flashplayer halte ich immer aktuell.
Java habe ich glaube ich gar nicht installiert. Brauche ich das zwingend?


meine Firewall läuft über GData und da habe ich auf die höchste Stufe gestellt.

Vielen lieben Dank für die letzten Tipps zum "Rundumschutz".

Antwort

Themen zu Probleme mit Maleware oder Trojaner nach Toolbar Installation
analyse, antwort, auswertung, erhalte, erstell, erstelle, erstellen, erstellte, falsche, falschen, forum, installation, keine antwort, maleware, neues, probleme, thema, toolbar, troja, trojaner, verschieben, wahrscheinlich



Ähnliche Themen: Probleme mit Maleware oder Trojaner nach Toolbar Installation


  1. Probleme mit Maleware oder Trojaner nach Toolbar Installation
    Mülltonne - 16.02.2017 (2)
  2. Windows 8, Firefox-Startseite verändert und komische Toolbar nach Installation von FileZilla
    Log-Analyse und Auswertung - 08.04.2015 (9)
  3. Win 7 - nach Spieldownload und Schein-Installation Probleme und Chaos
    Log-Analyse und Auswertung - 31.03.2015 (27)
  4. Nach Maleware Entfernung erhebliche Probleme mit System
    Alles rund um Windows - 19.03.2015 (1)
  5. Probleme mit Bluescreen beim Starten des Rechners nach Entfernung von Maleware
    Log-Analyse und Auswertung - 17.02.2015 (14)
  6. Windows 8.1: Nach Toolbar Installation; Virus Fund durch Antivirensoftware
    Plagegeister aller Art und deren Bekämpfung - 05.02.2015 (3)
  7. Windows 8.1: Nach Toolbar Installation mehrere Funde durch Antivirensoftware
    Log-Analyse und Auswertung - 04.12.2014 (5)
  8. Win 8.1: Nach Skype Installation viele Probleme
    Log-Analyse und Auswertung - 04.06.2014 (4)
  9. Probleme nach Installation von NewPlayer
    Log-Analyse und Auswertung - 12.05.2014 (11)
  10. Nach iTunes Installation Probleme u. a. mit Lollipop
    Log-Analyse und Auswertung - 02.02.2014 (9)
  11. Probleme mit searchgol nach deltatoolbar nach installation von imgburn (Win8-x64-chrome)
    Log-Analyse und Auswertung - 31.10.2013 (29)
  12. Nach SP3 Installation starke probleme
    Alles rund um Windows - 11.10.2012 (0)
  13. Arge Probleme nach Installation von ConvertxToDVD - Trojaner?!
    Log-Analyse und Auswertung - 03.03.2009 (10)
  14. spyware pro plötzlich als ie toolbar- nach active- x installation
    Plagegeister aller Art und deren Bekämpfung - 27.11.2008 (1)
  15. Problem mit Trojaner oder so auch nach neu Installation von XP
    Log-Analyse und Auswertung - 03.10.2008 (1)
  16. einige probleme nach windows installation
    Alles rund um Windows - 30.07.2008 (10)
  17. Nach XP SP2-Installation Massenhaft Probleme
    Alles rund um Windows - 04.01.2006 (7)

Zum Thema Probleme mit Maleware oder Trojaner nach Toolbar Installation - Hallo, ich habe am 10.02. ein neues Thema erstellt. Leider habe ich eben erst gesehen, dass das Thema im falschen Forum (Log- Analyse und Auswertung) gelandet ist. Deswegen habe ich - Probleme mit Maleware oder Trojaner nach Toolbar Installation...
Archiv
Du betrachtest: Probleme mit Maleware oder Trojaner nach Toolbar Installation auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.