
Pests of all kinds and how to fight them: Tradeexchange.com adware / Malwarebytes alert

01.06.2017, 14:49   #1
jarobmar
 



Hello,

For quite some time I have had the problem that my Malwarebytes web protection tells me at irregular intervals that the site "tradeexchange" was successfully blocked while I am browsing the internet with Chrome. The source named as the trigger is "chrome.exe".

This happens between 2 and 6 times a day. The problem is that I don't know whether it is a false alarm. As a test I switched off my MBAM web protection to see whether the site "tradeexchange.com" really opens or whether I get redirected to another address.

This was not the case.

What has been done so far:

- MBAM web and real-time protection switched off: no redirect from "tradeexchange"
- Scan runs with Bitdefender 2017, MBAM, AdwareCleaner, JRT and Avira boot CD -> no findings
- Followed the guide "http://www.trojaner-board.de/171252-...tfernen.html" -> without success, as nothing was found
- Uninstalled Chrome and removed all registry entries with Revo -> without success

System: Win 10 x64

As I said, I don't know whether this is a false alarm from MBAM, but I still take the warning very seriously. Above all, the internet speed drops sharply for a few seconds as soon as the MBAM warning is displayed.

Thank you in advance for your help and time.

Regards

Edit: The PC has not become noticeably slower, either during boot or under load. No problems occur when using a browser other than Chrome.

Last edited by jarobmar (01.06.2017 at 14:54)

01.06.2017, 14:57   #2
M-K-D-B
/// TB instructor
 
My name is Matthias and I will help you clean up your computer.

To make the cleanup as effective and fast as possible, please observe the following notes:
  1. If we find indications of illegally acquired software, we will suspend support until every kind of illegal software has been removed from the machine.
  2. Always read my instructions carefully, work through all steps one after another in the given order, and always post all log files (even if nothing was found). If you run into problems, stop working and describe your problem to me as well as you can.
  3. If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your thread from my subscriptions. If you are going to be away for a longer time, please let me know!
  4. During the cleanup, please do not install or uninstall anything unless I ask you to!
    I also ask you not to run any security programs on your own initiative to check/clean your machine, as this can easily make me lose track.
    Besides, in that case you might as well have saved yourself the trouble of opening a thread if you then go back to tinkering on your own.

  5. Please note: Download from filepony.de: how to download our tools correctly!
  6. All programs to be used must be saved to the desktop ( C:\users\your user name\Desktop\ ) and started from there as administrator!
  7. Some of the programs we use here may, under certain circumstances, be wrongly classified as a threat by your antivirus or anti-malware program. Because of certain program behaviour, the security programs cannot distinguish between "good" and "bad" and raise an alarm. These are false alarms, which you can safely ignore. If necessary, you must deactivate your security software before running a program so that our cleanup operations are not impaired.
  8. If the log files exceed the permitted length (~ 120,000 characters), split the log files across several posts.
    If need be, you can also zip the log files (pack them into a .zip archive) and upload them as an attachment.

  9. Please keep working with me until I tell you that we are finished and your machine is "clean". The early disappearance of symptoms does not automatically mean that your machine is already completely clean.
  10. As a rule I reply to you within 24 hours, often considerably faster.
    However, I too have a regular job and a family. I am therefore not on the forum for hours every day. Under certain circumstances it can take up to 2 days until you receive a reply from me. If this time has been exceeded, feel free to send me a PM as a reminder.

Please work through all steps one after another in the given order and post all log files in CODE tags:
This is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Thank you for your cooperation!

Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Untersuchen (Scan).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)

Step 2
Please download TDSSKiller TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the content here in your thread in any case.

With your next reply, please post
  • the log file from TDSS-Killer,
  • the two new log files from FRST.


01.06.2017, 15:21   #3
jarobmar
 



FRST - ADDITION - LOG

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-05-2017
durchgeführt von Rambo411 (01-06-2017 16:20:32)
Gestartet von C:\Users\Rambo411\Downloads
Windows 10 Pro Version 1703 (X64) (2017-05-04 17:55:42)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2067299650-1304287427-3702207109-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2067299650-1304287427-3702207109-503 - Limited - Disabled)
Gast (S-1-5-21-2067299650-1304287427-3702207109-501 - Limited - Disabled)
Rambo411 (S-1-5-21-2067299650-1304287427-3702207109-1001 - Administrator - Enabled) => C:\Users\Rambo411

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Angry IP Scanner (HKLM-x32\...\Angry IP Scanner) (Version: 3.5 - Angry IP Scanner)
Apple Application Support (32-Bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Application Profiles (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Belkin Connect Wireless USB Adapter (HKLM-x32\...\InstallShield_{08B73C99-D071-488F-8861-5DDA897C510D}) (Version: 1.0.0.3 - Belkin)
Belkin Connect Wireless USB Adapter (x32 Version: 1.0.0.3 - Belkin) Hidden
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.25.49 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 21.0.24.54 - Bitdefender)
Bitdefender Total Security 2017 (HKLM\...\Bitdefender) (Version: 21.0.25.80 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6521 - CDBurnerXP)
Cheat Engine 6.5.1 (HKLM-x32\...\Cheat Engine 6.5.1_is1) (Version:  - Cheat Engine)
ComicRack v0.9.178 (HKLM\...\ComicRack) (Version: v0.9.178 - cYo Soft)
CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version:  - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
FUSSBALL MANAGER 13 (HKLM-x32\...\{80AF0300-866F-400F-A350-D53E3C3E34E0}) (Version: 1.0.4.0 - Electronic Arts)
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Gpg4win (2.3.3) (HKLM-x32\...\GPG4Win) (Version: 2.3.3 - The Gpg4win Project)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)
JDownloader 2 (HKLM\...\jdownloader2-1) (Version: 2.0 - AppWork GmbH)
Logitech Gaming Software 8.84 (HKLM\...\Logitech Gaming Software) (Version: 8.84.15 - Logitech Inc.)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Monopoly (HKLM-x32\...\{472FC1CB-A598-4839-AF33-C68D548AB002}) (Version: 1.1.1 - LeeGT-Games)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 53.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 de)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla)
Mozilla Thunderbird 45.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.7.0 (x86 de)) (Version: 45.7.0 - Mozilla)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
Nmap 7.40 (HKLM-x32\...\Nmap) (Version: 7.40 - )
Npcap 0.78 r5 (HKLM-x32\...\NpcapInst) (Version: 0.78 r5 - Nmap Project)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
Oracle VM VirtualBox 5.0.22 (HKLM\...\{A961B9B7-C851-411E-907A-E7E96C631369}) (Version: 5.0.22 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.10.46586 - Electronic Arts, Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.8 - VS Revo Group, Ltd.)
Screenshot Captor 4.16.1 (HKLM-x32\...\ScreenshotCaptor_is1) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1240 - SUPERAntiSpyware.com)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
This War of Mine (HKLM\...\Steam App 282070) (Version:  - 11 bit studios)
Turmoil (HKLM\...\Steam App 361280) (Version:  - Gamious)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Uplink (HKLM-x32\...\GOGPACKUPLINK_is1) (Version: 2.0.0.5 - GOG.com)
USB PnP Sound Device (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006300}) (Version:   -  )
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0-2) (Version: 1.0.37.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.37.0 (Version: 1.0.37.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17323 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Wireshark 2.2.3 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.3 - The Wireshark developer community, hxxps://www.wireshark.org)
Wondershare Video Converter Ultimate(Build 9.0.0.4) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 9.0.0.4 - Wondershare Software)
xp-AntiSpy 3.98-2 (HKLM-x32\...\xp-AntiSpy) (Version:  - Christian Taubenheim)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {04D42EDC-2FC6-4388-AFE4-788703C3CC33} - System32\Tasks\{495080D5-3D77-4CE1-9881-C9808F09F9C2} => Chrome.exe hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.30.0.105&LastError=12057
Task: {0CD3060E-E08E-4E2A-9D12-C14081AE9C0D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-24] (Google Inc.)
Task: {1C8A62AA-E4A5-49EA-AB9C-31521A4DEB73} - \WPD\SqmUpload_S-1-5-21-2067299650-1304287427-3702207109-1001 -> Keine Datei <==== ACHTUNG
Task: {20A98B74-F23D-42C6-AFDD-46B0A6AC3555} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-04-11] (Bitdefender)
Task: {22D965AD-E4E6-4E49-90E9-7F3F96E287E7} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {357F60EB-9525-4922-94B5-D8E30DDDE5E3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {3D451760-879D-4CEB-9187-D12AE34B96EB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-14] (Adobe Systems Incorporated)
Task: {3F7BBC5D-9B2F-40E9-AFD6-75925054439D} - System32\Tasks\SUPERAntiSpyware Scheduled Task 90c35e23-0c46-43d5-adf9-def4d25498d6 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {7DD7CCAF-6702-4D62-B532-7BAA80237519} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {9F5D66B4-0FDD-4F2A-ADEC-959F786A7733} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {CC0048B5-29F8-46CE-8832-BD6EC5EACC68} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-04-20] (Bitdefender)
Task: {E646F3F2-0DB2-4207-AEDF-C838B730C3BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-24] (Google Inc.)
Task: {F11CFE9E-CF2B-4CA1-998F-A289F641E9B3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {F2E1479D-37F7-4211-A195-89E1A7035A43} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe [2017-05-14] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 90c35e23-0c46-43d5-adf9-def4d25498d6.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe  C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Rambo411\Desktop\CyberghostCheatEngine.bat - Verknüpfung.lnk -> C:\Dokumente\CyberghostChatEngine.bat ()
Shortcut: C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.4\Useful links\Download Codecs & Tools.lnk -> hxxp://www.codecs.com
Shortcut: C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.4\Useful links\Talk about Codecs.lnk -> hxxp://codecs.com/foru
Shortcut: C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.4\Useful links\X Codec Pack homepage.lnk -> hxxp://www.xpcodecpack.com

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-05-04 20:54 - 2013-09-03 14:29 - 00111832 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\bdmetrics.dll
2017-05-04 20:54 - 2017-02-07 12:34 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttpbr.mdl
2017-05-04 20:54 - 2017-02-07 12:34 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttpdsp.mdl
2017-05-04 20:54 - 2017-02-07 12:34 - 03243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttpph.mdl
2017-05-04 20:54 - 2017-02-07 12:34 - 01544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttprbl.mdl
2016-08-18 10:27 - 2016-08-18 10:27 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2017-03-16 16:08 - 2017-03-16 16:08 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-16 16:08 - 2017-03-16 16:08 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-05-19 14:12 - 2017-05-19 15:13 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-05-19 14:12 - 2017-05-19 15:13 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2017-01-30 07:54 - 2015-02-27 15:38 - 00721263 _____ () C:\WINDOWS\SysWoW64\WSCM64.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-09-03 19:31 - 2016-05-19 15:58 - 00249608 _____ () C:\Program Files (x86)\Cheat Engine 6.5.1\speedhack-x86_64.dll
2016-12-06 16:09 - 2016-12-06 16:09 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2017-05-29 23:21 - 2017-05-29 23:21 - 00023840 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\lang\de-DE\bdsystray.txtui
2017-05-16 01:25 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-16 01:25 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2017-05-14 05:51 - 2017-05-14 05:51 - 31118328 _____ () C:\WINDOWS\system32\Macromed\Flash\pepflashplayer64_25_0_0_171.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-18 10:14 - 2016-08-18 10:14 - 00222720 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2016-08-18 10:03 - 2016-08-18 10:03 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2016-08-18 10:17 - 2016-08-18 10:17 - 00751104 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2016-08-18 10:14 - 2016-08-18 10:14 - 00073728 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2016-08-18 10:09 - 2016-08-18 10:09 - 00103424 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2016-09-19 15:43 - 2017-05-18 07:52 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2016-06-24 13:57 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-01-05 03:48 - 2017-03-08 13:05 - 00174448 _____ () C:\Program Files\CyberGhost 6\Data\OpenVPN\liblzo2-2.dll
2017-01-05 03:48 - 2017-03-08 13:05 - 00115168 _____ () C:\Program Files\CyberGhost 6\Data\OpenVPN\libpkcs11-helper-1.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Rambo411\Downloads\adwcleaner_6.047.exe:BDU [0]
AlternateDataStreams: C:\Users\Rambo411\Downloads\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\Rambo411\Downloads\JRT813.exe:BDU [0]
AlternateDataStreams: C:\Users\Rambo411\Downloads\tdsskiller.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-01-30 01:51 - 2017-06-01 15:56 - 00000055 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rambo411\AppData\Local\Stardock\desktop-hintergrund.bmp
DNS Servers: 185.156.172.178 - 185.93.180.131
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run: => "Bitdefender"
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Exploit"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\StartupApproved\Run: => "CCleaner"
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\StartupApproved\Run: => "DAEMON Tools Ultra Agent"
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_6098EA2AF440ADD8C50EA3EB25EDD60C"
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\StartupApproved\Run: => "ManyCam"
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{44F6B9CA-18E9-4570-A6F7-EF765E976A27}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{69E1EF88-A2E7-49B3-AF8F-CA9A3A744E7D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4510C8D3-2A2D-4F10-B42E-B2C2309A9CC7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B136BCB6-2F17-4E69-92B0-C0E91CEE3C82}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B35EDB5D-7D82-4815-BD33-A35FD31FBF17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{3D0DE26D-274F-467E-B40B-630460785413}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{BF4B9E25-D7D1-49BE-80B7-D4186AFECA73}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{EBBD1426-71E4-4222-A5E0-79E70B4DD082}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{3CD193FA-5B9C-43AD-A4A5-D9E9A3117594}] => (Block) LPort=445
FirewallRules: [{446FB199-564E-480D-8996-3D8E40C3F159}] => (Block) LPort=135
FirewallRules: [{D692FDB3-C6E1-4494-86FF-9CCABE09D1EF}] => (Block) LPort=445
FirewallRules: [{89391A9C-C6CA-408D-8374-C40465AC72C8}] => (Block) LPort=135
FirewallRules: [UDP Query User{F859C9F6-B035-4B7A-850B-7E6CB6AD9A41}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{B6223B51-54C8-4D8E-8319-54B0989C4B8F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{FA3CBE28-D6B0-4827-A0B2-137ADD8BB6D4}] => (Allow) LPort=1900
FirewallRules: [{8E870D6D-542A-4E99-924B-4D444675C9BA}] => (Allow) LPort=2869
FirewallRules: [{587ABB8D-8911-40DA-AF91-B8D13BFF7566}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3D861DF3-D4D6-4174-9E9E-11C3E2F5AB55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe
FirewallRules: [{88AB88EA-E052-44F8-B79F-75E23A38730E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe
FirewallRules: [{D50775D5-096C-4E9B-8758-B3CD7FA11E7F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{22C600A5-6EE1-4BEE-8558-94CD0E30D30A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6DE421E5-D6C9-4FEE-8CE3-9CA5D868109C}] => (Allow) e:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1C55AD4A-00C9-4729-886B-F9A04B63B931}] => (Allow) e:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2316D0C0-5B73-4113-96FB-2F37BC9C962C}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{947E44ED-0BF4-40E1-951D-4AECBA4332BB}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{68E205D5-1F8B-4FFD-9B0C-D52AE61AE18E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1F1D7439-A3C9-46F3-A368-250D7A4DA135}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1CF5DC83-CA1E-4698-B47B-1F3B48F9EAA5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3EC39ED0-B752-4FFA-9CE1-37E95BB0CD6A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{08F0360B-BE31-4C9B-B492-28B78E84F1E2}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A6F0998C-69A4-4068-BD9B-2B2EE9EE0E35}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{23F85E2C-88AD-4E23-936B-E50D64A3E980}C:\users\rambo411\appdata\local\temp\bduninstall\x32\pcsftool.exe] => (Allow) C:\users\rambo411\appdata\local\temp\bduninstall\x32\pcsftool.exe
FirewallRules: [UDP Query User{D85013A4-6E08-4A0D-AD32-736AFE316D5E}C:\users\rambo411\appdata\local\temp\bduninstall\x32\pcsftool.exe] => (Allow) C:\users\rambo411\appdata\local\temp\bduninstall\x32\pcsftool.exe
FirewallRules: [TCP Query User{7353BD8C-D2BC-46CA-A1AF-BF1360974F7F}C:\users\rambo411\appdata\local\temp\bduninstall\x64\pcsftool.exe] => (Allow) C:\users\rambo411\appdata\local\temp\bduninstall\x64\pcsftool.exe
FirewallRules: [UDP Query User{98A1DDEE-A49C-4A1F-A985-0C1F596AAB6B}C:\users\rambo411\appdata\local\temp\bduninstall\x64\pcsftool.exe] => (Allow) C:\users\rambo411\appdata\local\temp\bduninstall\x64\pcsftool.exe
FirewallRules: [{A631398C-F6DF-4929-B9CF-3397CC16DBBE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D21555A9-38E9-412E-B3FA-B98E1E2380A2}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA Manager 13\Manager13.exe
FirewallRules: [{8ACD80F2-7DDB-4A0B-A6A5-8905557FAD91}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA Manager 13\Manager13.exe
FirewallRules: [{8E86B55C-5E62-4FEC-A6A3-F6EBFCA21899}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{D81EC772-7F43-4FF1-9BF7-16B50DDB1D61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{90E10DB4-2A89-4904-8BED-3A1CAA6AAB99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{DC337A22-7E19-4106-99A2-831174F025EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\Storyteller.exe

==================== Wiederherstellungspunkte =========================

25-05-2017 16:34:12 Revo Uninstaller Pro's restore point - Nitro Pro
25-05-2017 16:34:28 Removed Nitro Pro
25-05-2017 19:26:04 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert
25-05-2017 22:38:40 Revo Uninstaller Pro's restore point - Fraps
26-05-2017 00:14:23 Revo Uninstaller Pro's restore point - Wisdom-soft AutoScreenRecorder 3.1 Free
27-05-2017 19:14:26 Revo Uninstaller Pro's restore point - Dead Age
28-05-2017 23:48:30 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/31/2017 07:19:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4657

Error: (05/31/2017 07:19:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4657

Error: (05/31/2017 07:19:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/30/2017 07:01:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: GAMER-PC)
Description: Das Paket „Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (05/29/2017 01:41:08 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: 

Error: (05/29/2017 01:36:17 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: 

Error: (05/29/2017 01:36:12 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: 

Error: (05/29/2017 01:14:43 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: 

Error: (05/29/2017 01:14:35 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: 

Error: (05/29/2017 12:48:52 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: 


Systemfehler:
=============
Error: (05/31/2017 08:29:35 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/31/2017 06:04:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (05/31/2017 06:03:59 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Übermittlungsoptimierung konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.


CodeIntegrity:
===================================
  Date: 2017-05-31 18:04:38.327
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-31 17:56:38.783
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_007\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-31 17:56:38.715
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_007\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-31 15:16:29.801
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_007\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-31 15:16:29.728
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_007\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-30 23:55:33.769
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_007\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-30 18:56:46.952
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_007\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-30 18:56:46.881
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_007\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-29 23:45:17.081
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_007\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-29 23:45:17.026
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_007\avcuf64.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 44%
Installierter physikalischer RAM: 8121.53 MB
Verfügbarer physikalischer RAM: 4495.71 MB
Summe virtueller Speicher: 9401.53 MB
Verfügbarer virtueller Speicher: 4946.56 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:222.79 GB) (Free:112.52 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 40EEB608)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================
         
Edited by jarobmar (01.06.2017 at 15:42)

01.06.2017, 15:22   #4
jarobmar

Tradeexchange.com Adware /Malwarebytes Alarm



FRST.txt - LOG

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-05-2017
durchgeführt von Rambo411 (Administrator) auf GAMER-PC (01-06-2017 16:20:03)
Gestartet von C:\Users\Rambo411\Downloads
Geladene Profile: Rambo411 (Verfügbare Profile: Rambo411 & Administrator)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(CyberGhost S.R.L.) C:\Program Files\CyberGhost 6\CyberGhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(The OpenVPN Project) C:\Program Files\CyberGhost 6\Data\OpenVPN\openvpn.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15853176 2016-08-03] (Logitech Inc.)
HKLM\...\Run: [Cm108Sound] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cm108.dll,CMICtrlWnd
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1971856 2016-11-18] ()
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 6\CyberGhost.exe [1191472 2017-03-08] (CyberGhost S.R.L.)
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7946656 2017-04-04] (SUPERAntiSpyware)
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\MountPoints2: {3d9dbf92-3c8a-11e7-831f-bc5ff4b9eb76} - "G:\AutoRun.exe" 
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\MountPoints2: {5f60547a-3b83-11e7-8315-bc5ff4b9eb76} - "G:\AutoRun.exe" 
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\MountPoints2: {5f6054c3-3b83-11e7-8315-bc5ff4b9eb76} - "G:\AutoRun.exe" 
GroupPolicy: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 185.156.172.178 185.93.180.131 83.143.245.42
Tcpip\..\Interfaces\{b1258d85-0a56-454f-b99a-d92b34dc5709}: [DhcpNameServer] 185.156.172.178 185.93.180.131 83.143.245.42
Tcpip\..\Interfaces\{cbfafe5b-6c62-4d58-9749-42341323addd}: [NameServer] 185.156.172.178,185.93.180.131
Tcpip\..\Interfaces\{cbfafe5b-6c62-4d58-9749-42341323addd}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://192.168.2.1/
SearchScopes: HKU\S-1-5-21-2067299650-1304287427-3702207109-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-2067299650-1304287427-3702207109-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-20] (Bitdefender)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-20] (Bitdefender)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2016-11-18] (Wondershare)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-20] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-20] (Bitdefender)
IE Session Restore: HKU\S-1-5-21-2067299650-1304287427-3702207109-1001 -> ist aktiviert.

FireFox:
========
FF DefaultProfile: l1qcx6de.default
FF ProfilePath: C:\Users\Rambo411\AppData\Roaming\Mozilla\Firefox\Profiles\l1qcx6de.default [2017-06-01]
FF Extension: (Element Hiding Helper for Adblock Plus) - C:\Users\Rambo411\AppData\Roaming\Mozilla\Firefox\Profiles\l1qcx6de.default\Extensions\elemhidehelper@adblockplus.org.xpi [2017-04-14]
FF Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Rambo411\AppData\Roaming\Mozilla\Firefox\Profiles\l1qcx6de.default\Extensions\firefox@zenmate.com.xpi [2017-04-21]
FF Extension: (LavaFox V2) - C:\Users\Rambo411\AppData\Roaming\Mozilla\Firefox\Profiles\l1qcx6de.default\Extensions\info@djzig.com [2017-04-11]
FF Extension: (NoScript) - C:\Users\Rambo411\AppData\Roaming\Mozilla\Firefox\Profiles\l1qcx6de.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-04-23]
FF Extension: (YouTube High Definition) - C:\Users\Rambo411\AppData\Roaming\Mozilla\Firefox\Profiles\l1qcx6de.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2017-04-11]
FF Extension: (Adblock Plus) - C:\Users\Rambo411\AppData\Roaming\Mozilla\Firefox\Profiles\l1qcx6de.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-28]
FF Extension: (Popup Blocker (strict)) - C:\Users\Rambo411\AppData\Roaming\Mozilla\Firefox\Profiles\l1qcx6de.default\Extensions\{de22fd49-c9ab-4359-b722-b3febdc3a0b0}.xpi [2017-05-05]
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff [2017-04-21]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2017-04-21] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @protectdisc.com/NPMPDRM -> C:\Program Files (x86)\Common Files\mpDRM\Binaries\NPMPDRM.dll [2011-10-11] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> c:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> c:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

Chrome: 
=======
CHR Profile: C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default [2017-06-01]
CHR Extension: (Google Präsentationen) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-11]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2017-05-11]
CHR Extension: (Google Docs) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-11]
CHR Extension: (Google Drive) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-11]
CHR Extension: (YouTube) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-11]
CHR Extension: (Adblock Plus) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-04-11]
CHR Extension: (Slither.io Mods, Zoom, Unlock Skins, Bots) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\eogeabecipmckmihpmkgjbghbffcebcf [2017-05-22]
CHR Extension: (Google Tabellen) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-11]
CHR Extension: (Slither.io Mod Play with friends Without LAGS) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\foocpcikeakahdlplgpgfoilanoajijf [2017-04-11]
CHR Extension: (Bitdefender Wallet) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2017-05-04]
CHR Extension: (Google Docs Offline) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-11]
CHR Extension: (Black red shards) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpjlkkaalgfbbegfnjoclhfidancjpch [2017-05-25]
CHR Extension: (Popup Blocker Pro) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiodaajmphnkcajieajajinghpejdjai [2017-05-28]
CHR Extension: (Nehmen Sie Screenshot der Webseite - FireShot) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2017-05-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-11]
CHR Extension: (Splix.io Mods) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmnnafdmbljafhmjmpmdcpinpkbbjpha [2017-04-30]
CHR Extension: (WebRTC Network Limiter) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\npeicpdbkakmehahjeeohfdhnlpdklia [2017-04-11]
CHR Extension: (Google Mail) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-11]
CHR Extension: (Chrome Media Router) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-12]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [77872 2017-03-08] (CyberGhost S.R.L)
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [100448 2017-04-20] (Bitdefender)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2016-08-18] () [Datei ist nicht signiert]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-08-03] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2162064 2017-05-18] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3136920 2017-05-18] (Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1254736 2017-04-11] (Bitdefender)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [320512 2017-01-11] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [218416 2017-04-20] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1442896 2017-05-29] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [524872 2016-08-25] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe [437392 2016-11-16] (Wondershare)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-12-08] (Advanced Micro Devices)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1612648 2017-05-29] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [879600 2017-05-29] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-24] (BitDefender LLC)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
S3 clwvd7; C:\WINDOWS\system32\DRIVERS\clwvd7.sys [42968 2015-03-24] (CyberLink Corporation)
S3 dtscsibus; C:\WINDOWS\system32\DRIVERS\dtscsibus.sys [29696 2016-06-24] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-19] ()
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [182944 2016-10-29] (BitDefender LLC)
R0 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [305120 2017-03-15] (Bitdefender)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-05-19] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-05-31] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-31] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-31] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2017-06-01] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
S3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [81232 2016-12-15] (Insecure.Com LLC.)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2016-05-27] (Anchorfree Inc.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-06-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [192864 2016-06-16] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
S3 hwdatacard; \SystemRoot\system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-01 16:10 - 2017-06-01 16:10 - 00000000 _____ C:\Users\Rambo411\Desktop\Neues Textdokument.txt
2017-06-01 16:08 - 2017-06-01 16:18 - 00289408 _____ C:\TDSSKiller.3.1.0.15_01.06.2017_16.08.40_log.txt
2017-06-01 16:08 - 2017-06-01 16:08 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Rambo411\Downloads\tdsskiller.exe
2017-06-01 16:00 - 2017-06-01 16:03 - 00050403 _____ C:\Users\Rambo411\Downloads\Addition.txt
2017-06-01 15:59 - 2017-06-01 16:20 - 00024797 _____ C:\Users\Rambo411\Downloads\FRST.txt
2017-06-01 15:59 - 2017-06-01 16:20 - 00000000 ____D C:\FRST
2017-06-01 15:58 - 2017-06-01 15:58 - 02431488 _____ (Farbar) C:\Users\Rambo411\Downloads\FRST64.exe
2017-05-31 18:04 - 2017-05-31 18:04 - 00000021 _____ C:\WINDOWS\S.dirmngr
2017-05-28 23:42 - 2017-05-28 23:42 - 04110280 _____ C:\Users\Rambo411\Downloads\adwcleaner_6.047.exe
2017-05-28 23:42 - 2017-05-28 23:42 - 01663672 _____ (Malwarebytes) C:\Users\Rambo411\Downloads\JRT813.exe
2017-05-27 23:47 - 2017-05-31 16:56 - 00000056 _____ C:\Users\Rambo411\Desktop\rahmen.txt
2017-05-26 23:35 - 2017-05-26 23:50 - 00000000 ____D C:\Users\Rambo411\AppData\Local\RockGodTycoon
2017-05-26 00:17 - 2017-05-26 00:31 - 00000534 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 90c35e23-0c46-43d5-adf9-def4d25498d6.job
2017-05-26 00:17 - 2017-05-26 00:17 - 00003688 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 90c35e23-0c46-43d5-adf9-def4d25498d6
2017-05-26 00:17 - 2017-05-26 00:17 - 00001849 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2017-05-26 00:17 - 2017-05-26 00:17 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\SUPERAntiSpyware.com
2017-05-26 00:17 - 2017-05-26 00:17 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2017-05-26 00:17 - 2017-05-26 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2017-05-26 00:17 - 2017-05-26 00:17 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2017-05-25 22:43 - 2017-05-25 22:44 - 00000000 ____D C:\Fraps
2017-05-25 22:43 - 2017-05-25 22:43 - 00000609 _____ C:\Users\Public\Desktop\Fraps.lnk
2017-05-25 22:43 - 2017-05-25 22:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2017-05-25 19:26 - 2017-05-25 19:26 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\11bitstudios
2017-05-25 18:22 - 2017-05-25 18:22 - 00000222 _____ C:\Users\Rambo411\Desktop\This War of Mine.url
2017-05-25 16:30 - 2017-05-25 16:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\Rambo411\Downloads\HijackThis_2.0.5.exe
2017-05-25 16:12 - 2017-05-25 16:12 - 00001103 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-05-23 11:39 - 2017-05-23 11:39 - 00000000 ____D C:\Users\Rambo411\AppData\LocalLow\SilentDreams
2017-05-19 14:13 - 2017-05-31 18:04 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-19 14:12 - 2017-06-01 15:56 - 00092096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-19 14:12 - 2017-05-31 18:04 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-19 14:12 - 2017-05-31 18:04 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-19 14:12 - 2017-05-19 15:13 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-19 14:12 - 2017-05-19 14:12 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-19 14:12 - 2017-05-19 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-19 14:12 - 2017-05-19 14:12 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-19 13:47 - 2017-05-19 14:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-18 12:49 - 2017-05-18 13:46 - 00001312 _____ C:\Users\Rambo411\Desktop\FIFA Manager  17.lnk
2017-05-18 10:31 - 2017-05-18 10:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUSSBALL MANAGER 13
2017-05-18 07:53 - 2017-05-18 07:55 - 00000000 ____D C:\Program Files (x86)\Origin Games
2017-05-18 02:12 - 2017-05-18 02:12 - 00001613 _____ C:\Users\Public\Desktop\Uplink.lnk
2017-05-18 02:12 - 2017-05-18 02:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uplink [GOG.com]
2017-05-18 02:03 - 2017-05-18 02:03 - 00000000 ____D C:\Users\Rambo411\AppData\Local\FXG
2017-05-17 03:52 - 2017-05-17 03:52 - 00003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-05-17 03:52 - 2017-05-17 03:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-05-17 03:52 - 2017-05-17 03:52 - 00000000 ____D C:\Program Files (x86)\AMD
2017-05-17 03:51 - 2017-05-17 03:51 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-05-17 01:13 - 2017-05-17 01:13 - 00000000 ____D C:\Users\Rambo411\AppData\LocalLow\Daedalic Entertainment GmbH
2017-05-16 18:06 - 2017-05-16 18:06 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-05-12 03:49 - 2017-05-12 03:49 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2017-05-10 12:03 - 2017-05-10 12:03 - 00000000 ____D C:\Users\Rambo411\AppData\Local\ProjectPokémon
2017-05-10 07:11 - 2017-05-10 07:17 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citra Development Team
2017-05-10 02:42 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-10 02:42 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-10 02:42 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-10 02:42 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-10 02:42 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-10 02:42 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-10 02:42 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-10 02:42 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-10 02:42 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-10 02:42 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-10 02:42 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-10 02:42 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-10 02:42 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-10 02:42 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-10 02:42 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-10 02:42 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-10 02:42 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-10 02:42 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-10 02:42 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-10 02:42 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-10 02:42 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-10 02:42 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-10 02:42 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-10 02:42 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-10 02:42 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-10 02:42 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-10 02:42 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-10 02:42 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-10 02:42 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-10 02:42 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-10 02:42 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-10 02:42 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-10 02:42 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-10 02:42 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-10 02:42 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-10 02:42 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-10 02:42 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-10 02:42 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-10 02:42 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-10 02:42 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-10 02:42 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-10 02:42 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-10 02:41 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-10 02:41 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-10 02:41 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-10 02:41 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-10 02:41 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-10 02:41 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-10 02:41 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-10 02:41 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-10 02:41 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-10 02:41 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-10 02:41 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-10 02:41 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-10 02:41 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-10 02:41 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-10 02:41 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-10 02:41 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-10 02:41 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-10 02:41 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-10 02:41 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-10 02:41 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-10 02:41 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-10 02:41 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-10 02:41 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-10 02:41 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-10 02:41 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-10 02:41 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-10 02:41 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-10 02:41 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-10 02:41 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-10 02:41 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-10 02:41 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-10 02:41 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-10 02:41 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-10 02:41 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-10 02:41 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-10 02:41 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-10 02:41 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-10 02:41 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-10 02:41 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-10 02:41 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-10 02:41 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-10 02:41 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-10 02:41 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-10 02:41 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-10 02:41 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-10 02:41 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-10 02:41 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-10 02:41 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-10 02:41 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-10 02:41 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-10 02:41 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-10 02:41 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-10 02:41 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-10 02:41 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-10 02:41 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-10 02:41 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-10 02:41 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-10 02:41 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-10 02:41 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-10 02:41 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-10 02:41 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-10 02:41 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-10 02:41 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-10 02:41 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-10 02:41 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-10 02:41 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-10 02:41 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-10 02:41 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-10 02:41 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-10 02:41 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-10 02:41 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-08 10:28 - 2017-05-16 04:09 - 00000000 ____D C:\Users\Rambo411\Downloads\emu
2017-05-07 04:57 - 2017-05-07 04:57 - 00000000 ____D C:\Users\Rambo411\AppData\Local\DBG
2017-05-05 08:25 - 2017-05-05 08:25 - 00040627 _____ C:\ProgramData\dm.update.1493965544.bdinstall.bin
2017-05-05 07:24 - 2017-05-05 07:24 - 00023296 _____ C:\ProgramData\dm.1493961896.10036.bin
2017-05-04 20:56 - 2017-05-04 20:56 - 00057007 _____ C:\ProgramData\dm.1493924154.bdinstall.bin
2017-05-04 20:55 - 2017-05-04 21:12 - 00003406 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2017-05-04 20:55 - 2017-05-04 20:55 - 00424333 _____ C:\ProgramData\cl.1493923975.bdinstall.bin
2017-05-04 20:55 - 2017-05-04 20:55 - 00000000 ____D C:\ProgramData\Bitdefender Device Management
2017-05-04 20:54 - 2017-05-29 23:20 - 01612648 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2017-05-04 20:54 - 2017-05-29 23:20 - 00879600 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2017-05-04 20:54 - 2017-05-04 20:55 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Bitdefender
2017-05-04 20:54 - 2017-05-04 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017
2017-05-04 20:54 - 2017-03-15 08:03 - 00305120 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2017-05-04 20:54 - 2016-03-14 22:04 - 00023672 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2017-05-04 20:54 - 2015-12-04 19:27 - 00087912 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2017-05-04 20:53 - 2017-05-04 21:12 - 00000000 ____D C:\ProgramData\Bitdefender
2017-05-04 20:53 - 2017-05-04 20:55 - 00000000 ____D C:\Program Files\Bitdefender
2017-05-04 20:53 - 2016-10-29 09:54 - 00182944 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2017-05-04 20:53 - 2016-06-22 15:40 - 00520032 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2017-05-04 20:52 - 2017-05-04 20:53 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2017-05-04 20:47 - 2017-06-01 15:57 - 00000000 ____D C:\Program Files\Bitdefender Agent
2017-05-04 20:47 - 2017-05-04 20:47 - 00049380 _____ C:\ProgramData\agent.1493923632.bdinstall.bin
2017-05-04 20:44 - 2017-05-04 20:44 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-04 20:44 - 2017-05-04 20:44 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-04 20:44 - 2017-05-04 20:44 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-04 20:44 - 2017-05-04 20:44 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-04 20:44 - 2017-05-04 20:44 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-04 20:44 - 2017-05-04 20:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-04 20:44 - 2017-05-04 20:44 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-05-04 20:42 - 2017-05-04 20:42 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-05-04 20:42 - 2017-05-04 20:42 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-05-04 20:42 - 2017-05-04 20:42 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-05-04 20:42 - 2017-05-04 20:42 - 00000000 ____D C:\Program Files\MSBuild
2017-05-04 20:42 - 2017-05-04 20:42 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-05-04 20:42 - 2017-05-04 20:42 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-05-04 20:42 - 2017-05-04 19:46 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-05-04 20:42 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-05-04 20:42 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-05-04 20:42 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-05-04 20:42 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-05-04 20:42 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-05-04 20:42 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-05-04 20:41 - 2017-05-04 20:41 - 00003798 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2017-05-04 20:39 - 2017-05-04 20:39 - 00000000 ____D C:\WINDOWS\Panther
2017-05-04 19:58 - 2017-05-04 19:58 - 00003282 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-04 19:57 - 2017-05-04 19:57 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-04 19:55 - 2017-05-04 19:55 - 00000020 ___SH C:\Users\Rambo411\ntuser.ini
2017-05-04 19:54 - 2017-05-31 18:10 - 02577712 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-04 19:54 - 2017-05-04 19:54 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2017-05-04 19:54 - 2017-05-04 19:54 - 00011433 _____ C:\WINDOWS\diagerr.xml
2017-05-04 19:52 - 2017-05-31 18:04 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-04 19:52 - 2017-05-14 05:51 - 00004656 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-05-04 19:52 - 2017-05-14 05:51 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-04 19:52 - 2017-05-04 19:52 - 00003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-04 19:52 - 2017-05-04 19:52 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-04 19:52 - 2017-05-04 19:52 - 00003306 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{19600603-5442-4FBF-A0B1-388249D6C016}
2017-05-04 19:52 - 2017-05-04 19:52 - 00003086 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2017-05-04 19:52 - 2017-05-04 19:52 - 00002812 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2067299650-1304287427-3702207109-1001
2017-05-04 19:52 - 2017-05-04 19:52 - 00002708 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2017-05-04 19:52 - 2017-05-04 19:52 - 00002316 _____ C:\WINDOWS\System32\Tasks\{495080D5-3D77-4CE1-9881-C9808F09F9C2}
2017-05-04 19:52 - 2017-05-04 19:52 - 00002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-05-04 19:52 - 2017-05-04 19:52 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-05-04 19:52 - 2017-05-04 19:52 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-05-04 19:50 - 2017-05-04 19:50 - 00000000 ____D C:\ProgramData\USOShared
2017-05-04 19:49 - 2017-05-04 19:49 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-04 19:48 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-05-04 19:47 - 2017-06-01 14:56 - 00000000 ____D C:\Users\Rambo411
2017-05-04 19:47 - 2017-05-04 19:50 - 00000000 ____D C:\Users\Administrator
2017-05-04 19:47 - 2017-05-04 19:49 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-05-04 19:47 - 2017-05-04 19:47 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Rambo411\Vorlagen
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Rambo411\Startmenü
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Rambo411\Netzwerkumgebung
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Rambo411\Lokale Einstellungen
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Rambo411\Eigene Dateien
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Rambo411\Druckumgebung
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Rambo411\AppData\Local\Verlauf
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Rambo411\AppData\Local\Anwendungsdaten
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Rambo411\Anwendungsdaten
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 ____D C:\Program Files\Realtek
2017-05-04 19:46 - 2017-05-31 23:13 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-04 19:46 - 2017-05-31 18:04 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-05-04 19:46 - 2017-05-17 03:52 - 00000000 ____D C:\Program Files\AMD
2017-05-04 19:46 - 2017-05-10 19:36 - 00251216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-04 19:46 - 2017-05-04 19:46 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-05-03 19:36 - 2017-05-03 19:36 - 00000000 ____D C:\Users\Rambo411\AppData\Local\UNP
2017-05-03 18:36 - 2017-05-04 19:49 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-03 18:36 - 2017-05-03 18:37 - 00000000 ____D C:\Program Files\UNP

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-01 15:26 - 2016-10-29 14:01 - 00000000 ____D C:\Users\Rambo411\AppData\Local\JDownloader v2.0
2017-06-01 15:17 - 2016-06-24 21:29 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\vlc
2017-06-01 01:03 - 2017-01-17 04:46 - 00000000 ____D C:\Users\Rambo411\Downloads\JDownloads
2017-05-31 22:18 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-31 22:18 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-31 20:30 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-31 18:10 - 2017-03-20 06:41 - 01192102 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-31 18:10 - 2017-03-20 06:41 - 00274720 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-31 18:04 - 2017-03-18 13:40 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-31 18:04 - 2017-03-18 13:40 - 00065536 _____ C:\WINDOWS\system32\config\ELAM
2017-05-31 18:03 - 2016-06-24 15:50 - 00132041 _____ C:\bdlog.txt
2017-05-31 18:00 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-31 17:56 - 2017-02-07 05:36 - 00000427 _____ C:\Users\Rambo411\Desktop\Konfigurationsprogramm.website
2017-05-29 00:15 - 2016-12-05 23:35 - 00000000 ____D C:\Users\Rambo411\AppData\LocalLow\Mozilla
2017-05-29 00:00 - 2017-04-11 23:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-28 23:48 - 2017-04-11 15:28 - 00000000 ____D C:\AdwCleaner
2017-05-28 23:13 - 2016-10-15 00:55 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-27 19:32 - 2017-01-05 02:56 - 00000000 ____D C:\Users\Rambo411\Downloads\vorübergehend
2017-05-27 19:14 - 2016-11-08 23:11 - 00000000 ____D C:\Games
2017-05-25 18:22 - 2017-02-16 01:33 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-25 16:34 - 2017-02-07 05:08 - 00000000 ____D C:\Program Files\Nitro
2017-05-23 09:25 - 2016-08-29 22:09 - 00000000 ___RD C:\Dokumente
2017-05-23 08:41 - 2016-06-24 16:22 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-23 08:39 - 2016-06-24 16:22 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-20 00:38 - 2017-01-03 16:44 - 00000000 ____D C:\Users\Rambo411\AppData\Local\Daedalic Entertainment GmbH
2017-05-18 10:36 - 2016-06-24 16:53 - 00000000 ____D C:\ProgramData\Origin
2017-05-18 10:31 - 2016-06-24 16:59 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Origin
2017-05-18 10:31 - 2016-06-24 16:53 - 00000000 ____D C:\ProgramData\Electronic Arts
2017-05-18 07:52 - 2016-09-19 15:43 - 00000000 ____D C:\Program Files (x86)\Origin
2017-05-18 04:43 - 2016-10-15 01:06 - 00000000 ____D C:\Users\Rambo411\AppData\Local\TurmoilSteam
2017-05-18 02:12 - 2016-11-08 03:13 - 00000000 ____D C:\GOG Games
2017-05-18 01:38 - 2017-03-29 16:10 - 00000065 _____ C:\Users\Rambo411\AppData\Roaming\~SiMPLEX.ini
2017-05-17 03:51 - 2017-02-13 21:47 - 00000000 ____D C:\AMD
2017-05-16 18:06 - 2017-04-03 19:52 - 10320248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 02198400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00924544 _____ (AMD) C:\WINDOWS\system32\coinst_17.10.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00777088 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-05-16 18:06 - 2017-04-03 19:52 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00551808 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-05-16 18:06 - 2017-04-03 19:52 - 00551808 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2017-05-16 18:06 - 2017-04-03 19:52 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00531328 _____ C:\WINDOWS\system32\GameManager64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00514424 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00483712 _____ C:\WINDOWS\system32\atieah64.exe
2017-05-16 18:06 - 2017-04-03 19:52 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-05-16 18:06 - 2017-04-03 19:52 - 00365440 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00360312 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00334208 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-05-16 18:06 - 2017-04-03 19:52 - 00278400 _____ C:\WINDOWS\system32\clinfo.exe
2017-05-16 18:06 - 2017-04-03 19:52 - 00276352 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00242048 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00203648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00169856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00122744 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00115072 _____ C:\WINDOWS\system32\atidxx64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00101760 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00075136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00042368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2017-05-16 18:05 - 2017-04-03 19:52 - 00573800 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-05-16 18:05 - 2017-04-03 19:52 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-05-16 18:05 - 2017-04-03 19:52 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-05-16 18:05 - 2017-04-03 19:52 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-05-16 18:05 - 2017-04-03 19:52 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-05-16 18:05 - 2017-04-03 19:52 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-05-16 18:05 - 2017-04-03 19:52 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2017-05-16 18:05 - 2017-04-03 19:52 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-05-16 18:05 - 2017-04-03 19:52 - 00102512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-05-16 01:25 - 2017-04-11 22:57 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-15 04:27 - 2016-06-24 13:49 - 00000000 ____D C:\Users\Rambo411\AppData\Local\Packages
2017-05-14 18:27 - 2016-06-26 23:59 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\TS3Client
2017-05-14 06:45 - 2016-06-24 17:11 - 00000000 ____D C:\Users\Rambo411\AppData\Local\Adobe
2017-05-14 05:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-14 05:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-10 22:46 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-10 19:36 - 2016-06-24 15:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-10 15:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-10 15:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-10 15:34 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-10 15:34 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-10 07:17 - 2016-12-29 17:37 - 00000000 ____D C:\Users\Rambo411\AppData\Local\SquirrelTemp
2017-05-10 02:45 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-05 10:15 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-05-05 10:15 - 2016-06-24 21:28 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\MPC-HC
2017-05-05 01:14 - 2017-04-27 17:56 - 00000000 ____D C:\Users\Rambo411\Downloads\cemu_1.7.0
2017-05-04 20:45 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-05-04 20:44 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-05-04 20:44 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-04 20:44 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-04 20:44 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-04 20:44 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-04 20:44 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-04 20:44 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-04 20:44 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-04 20:43 - 2016-06-24 15:49 - 00000000 ____D C:\ProgramData\BDLogging
2017-05-04 20:42 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-05-04 20:42 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-05-04 20:42 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\telnet.exe
2017-05-04 20:42 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-05-04 20:42 - 2017-03-18 22:56 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TFTP.EXE
2017-05-04 20:42 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2017-05-04 20:42 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-05-04 20:42 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2017-05-04 19:58 - 2016-06-24 15:09 - 00002396 _____ C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-05-04 19:58 - 2016-06-24 15:09 - 00000000 ___RD C:\Users\Rambo411\OneDrive
2017-05-04 19:55 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-04 19:55 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-05-04 19:55 - 2016-08-11 14:50 - 00000000 ____D C:\Users\Rambo411\AppData\Local\ConnectedDevicesPlatform
2017-05-04 19:55 - 2016-06-24 15:49 - 00000636 __RSH C:\ProgramData\ntuser.pol
2017-05-04 19:55 - 2016-04-27 07:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-04 19:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-05-04 19:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-05-04 19:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-05-04 19:52 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell
2017-05-04 19:52 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-04 19:52 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-04 19:52 - 2016-06-24 15:03 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-05-04 19:50 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-05-04 19:49 - 2017-04-18 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-05-04 19:49 - 2017-04-11 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2017-05-04 19:49 - 2017-03-02 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime Alternative
2017-05-04 19:49 - 2017-02-07 06:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenshotCaptor
2017-05-04 19:49 - 2017-02-07 02:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-05-04 19:49 - 2017-02-06 04:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gpg4win
2017-05-04 19:49 - 2017-01-28 21:19 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2017-05-04 19:49 - 2017-01-20 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-05-04 19:49 - 2017-01-14 07:50 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\xp-AntiSpy
2017-05-04 19:49 - 2017-01-12 19:26 - 00000000 ____D C:\WINDOWS\SysWOW64\Npcap
2017-05-04 19:49 - 2017-01-12 19:26 - 00000000 ____D C:\WINDOWS\system32\Npcap
2017-05-04 19:49 - 2017-01-12 19:26 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nmap
2017-05-04 19:49 - 2017-01-10 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-05-04 19:49 - 2017-01-10 05:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2017-05-04 19:49 - 2017-01-10 01:08 - 00000000 ____D C:\WINDOWS\de
2017-05-04 19:49 - 2017-01-05 03:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 6
2017-05-04 19:49 - 2016-11-11 01:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2017-05-04 19:49 - 2016-10-19 11:59 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-05-04 19:49 - 2016-09-18 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
2017-05-04 19:49 - 2016-08-22 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2017-05-04 19:49 - 2016-07-30 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worms World Party Remastered [GOG.com]
2017-05-04 19:49 - 2016-07-29 19:39 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gehirntraining mit Dr. Kawashima
2017-05-04 19:49 - 2016-07-26 14:07 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
2017-05-04 19:49 - 2016-07-06 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2017-05-04 19:49 - 2016-06-24 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-05-04 19:49 - 2016-06-24 21:28 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.4
2017-05-04 19:49 - 2016-06-24 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2017-05-04 19:49 - 2016-06-24 20:50 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2017-05-04 19:49 - 2016-06-24 18:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-05-04 19:49 - 2016-06-24 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2017-05-04 19:49 - 2016-06-24 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-04 19:49 - 2016-06-24 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScummVM
2017-05-04 19:49 - 2016-06-24 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.2
2017-05-04 19:49 - 2016-06-24 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2017-05-04 19:49 - 2016-06-24 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2017-05-04 19:49 - 2016-06-24 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Ultra
2017-05-04 19:49 - 2016-06-24 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPU-Control
2017-05-04 19:49 - 2016-06-24 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5.1
2017-05-04 19:49 - 2016-06-24 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2017-05-04 19:49 - 2016-06-24 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ComicRack
2017-05-04 19:49 - 2016-06-24 16:04 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-04 19:49 - 2016-06-24 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-04 19:49 - 2016-06-24 13:56 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-05-04 19:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-05-04 19:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-04 19:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2017-05-04 19:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\System
2017-05-04 19:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-04 19:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\InputMethod
2017-05-04 19:48 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-04 19:48 - 2017-01-30 07:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-05-04 19:48 - 2016-12-09 17:06 - 00000000 ____D C:\WINDOWS\system32\ÿÿÿÿÿÿÿÿ8
2017-05-04 19:48 - 2016-11-11 01:20 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive
2017-05-04 19:48 - 2016-11-11 01:18 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2017-05-04 19:48 - 2016-08-29 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2017-05-04 19:48 - 2016-06-24 13:56 - 00000000 ____D C:\Program Files\Intel
2017-05-04 19:48 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-05-04 19:48 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-05-04 19:47 - 2017-04-24 01:51 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MaximumOctopus
2017-05-04 19:47 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-05-04 19:47 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-05-04 18:10 - 2017-02-07 05:09 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Nitro

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-03-29 16:10 - 2017-05-18 01:38 - 0000065 _____ () C:\Users\Rambo411\AppData\Roaming\~SiMPLEX.ini
2017-02-07 06:22 - 2017-02-07 06:22 - 0000058 _____ () C:\Users\Rambo411\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2017-01-12 20:24 - 2017-01-12 20:27 - 0000600 _____ () C:\Users\Rambo411\AppData\Local\PUTTY.RND
2017-04-04 17:03 - 2017-04-04 17:03 - 0001510 _____ () C:\Users\Rambo411\AppData\Local\recently-used.xbel
2017-03-04 00:50 - 2016-11-23 15:37 - 0000570 _____ () C:\Users\Rambo411\AppData\Local\TroubleshooterConfig.json
2017-01-12 04:53 - 2017-01-15 16:54 - 0001008 _____ () C:\Users\Rambo411\AppData\Local\zenmap.exe.log
2017-05-04 20:47 - 2017-05-04 20:47 - 0049380 _____ () C:\ProgramData\agent.1493923632.bdinstall.bin
2017-05-04 20:55 - 2017-05-04 20:55 - 0424333 _____ () C:\ProgramData\cl.1493923975.bdinstall.bin
2017-05-04 20:56 - 2017-05-04 20:56 - 0057007 _____ () C:\ProgramData\dm.1493924154.bdinstall.bin
2017-05-05 07:24 - 2017-05-05 07:24 - 0023296 _____ () C:\ProgramData\dm.1493961896.10036.bin
2017-05-05 08:25 - 2017-05-05 08:25 - 0040627 _____ () C:\ProgramData\dm.update.1493965544.bdinstall.bin
2017-04-11 15:17 - 2017-04-11 15:17 - 0000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml

Einige Dateien in TEMP:
====================
2017-06-01 01:21 - 2017-06-01 01:21 - 0040448 ____N () C:\Users\Rambo411\AppData\Local\Temp\proxy_vole1822498187602161610.dll
2017-06-01 01:21 - 2017-06-01 01:21 - 0040448 ____N () C:\Users\Rambo411\AppData\Local\Temp\proxy_vole2070929330575135854.dll
2017-06-01 01:21 - 2017-06-01 01:21 - 0040448 ____N () C:\Users\Rambo411\AppData\Local\Temp\proxy_vole2615208945838996534.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-26 01:24

==================== Ende von FRST.txt ============================
         

Edited by jarobmar (01.06.2017 at 15:34)

01.06.2017, 15:25   #5
jarobmar


TDSSKILLER - LOG - PART 1

Code:
16:08:40.0116 0x3030  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
16:08:49.0302 0x3030  ============================================================
16:08:49.0302 0x3030  Current date / time: 2017/06/01 16:08:49.0302
16:08:49.0302 0x3030  SystemInfo:
16:08:49.0306 0x3030  
16:08:49.0306 0x3030  OS Version: 10.0.15063 ServicePack: 0.0
16:08:49.0306 0x3030  Product type: Workstation
16:08:49.0306 0x3030  ComputerName: GAMER-PC
16:08:49.0306 0x3030  UserName: Rambo411
16:08:49.0306 0x3030  Windows directory: C:\WINDOWS
16:08:49.0306 0x3030  System windows directory: C:\WINDOWS
16:08:49.0306 0x3030  Running under WOW64
16:08:49.0306 0x3030  Processor architecture: Intel x64
16:08:49.0306 0x3030  Number of processors: 4
16:08:49.0306 0x3030  Page size: 0x1000
16:08:49.0306 0x3030  Boot type: Normal boot
16:08:49.0306 0x3030  CodeIntegrityOptions = 0x00000001
16:08:49.0306 0x3030  ============================================================
16:08:49.0392 0x3030  KLMD registered as C:\WINDOWS\system32\drivers\22201120.sys
16:08:49.0392 0x3030  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19
16:08:49.0578 0x3030  System UUID: {C479E9AE-A301-BD71-CD43-074AE65E37B4}
16:08:49.0964 0x3030  Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:08:49.0969 0x3030  ============================================================
16:08:49.0969 0x3030  \Device\Harddisk0\DR0:
16:08:49.0969 0x3030  MBR partitions:
16:08:49.0969 0x3030  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
16:08:49.0969 0x3030  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x1BD93000
16:08:49.0969 0x3030  ============================================================
16:08:49.0970 0x3030  C: <-> \Device\Harddisk0\DR0\Partition2
16:08:49.0970 0x3030  ============================================================
16:08:49.0970 0x3030  Initialize success
16:08:49.0970 0x3030  ============================================================
16:09:35.0058 0x2d14  ============================================================
16:09:35.0058 0x2d14  Scan started
16:09:35.0058 0x2d14  Mode: Manual; SigCheck; TDLFS; 
16:09:35.0058 0x2d14  ============================================================
16:09:35.0058 0x2d14  KSN ping started
16:09:35.0669 0x2d14  KSN ping finished: true
16:09:36.0134 0x2d14  ================ Scan system memory ========================
16:09:36.0134 0x2d14  System memory - ok
16:09:36.0134 0x2d14  ================ Scan services =============================
16:09:36.0139 0x2d14  [ 98E06CAC2C508118450095E581202230, 8FC6C08487F2A481A28F1E5E500B61A21B7A0D44B342F9F887017D6FAE4F87F4 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
16:09:36.0188 0x2d14  !SASCORE - ok
16:09:36.0243 0x2d14  [ AAB860A5E606B9621E130D8C29D3F305, 93466620433B27F3BCFECDA26DD420AD1E5219034BA3B4E930EDED6D6728AE5C ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
16:09:36.0265 0x2d14  1394ohci - ok
16:09:36.0270 0x2d14  [ 4140B14929C555E9513D59A2EEB5C471, 39A8400B3AA7FB1D8EBE87E65F89881AB23B6AE911BECAEC1FD86C7DADD4F1AA ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
16:09:36.0282 0x2d14  3ware - ok
16:09:36.0287 0x2d14  [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11        C:\WINDOWS\system32\drivers\acedrv11.sys
16:09:36.0304 0x2d14  acedrv11 - ok
16:09:36.0317 0x2d14  [ D3DB4E3C096EFF74FB6E73E37CB66DD7, 451BE72D50D2316690910B86ACA1EBB5C0F3FE688BAB806EC94BCCB6F3798A0A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
16:09:36.0340 0x2d14  ACPI - ok
16:09:36.0343 0x2d14  [ 3E5E5DAE5CAEC0209C93D3AD8128D8A0, 5CFA4D715AE8D928EA11F213C5A7B0B1C1705D2A8FF041E0A1988E645E669C54 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
16:09:36.0357 0x2d14  AcpiDev - ok
16:09:36.0361 0x2d14  [ F72D7CC7E7A97A09757313F3B4C7E17A, 36E3363380C51A2DB58D3177655A0A75DAA977C00C5A9C60A189068C0AFDC643 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
16:09:36.0374 0x2d14  acpiex - ok
16:09:36.0376 0x2d14  [ F04B6F53FBDB2B6B0451AE53DE19F0C9, 41A8C314A46867BAA45CD9666AAF734AD45B74E2033A8E66D93E17CDDAD66578 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
16:09:36.0389 0x2d14  acpipagr - ok
16:09:36.0392 0x2d14  [ C347A6095F3BE417D24F1E1349F4AF0F, 72C9D759BB132985AF55860658DC01F08590A2BD7E976FCF25E1314C5AA1D37B ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
16:09:36.0404 0x2d14  AcpiPmi - ok
16:09:36.0407 0x2d14  [ 686BFFC47454DD2F58795C2EE891CA9F, 6CC4B6679914742D700A8373DED2DD9A821CA5284D4D73493BA0855DB8E6520A ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
16:09:36.0419 0x2d14  acpitime - ok
16:09:36.0444 0x2d14  [ E6A1D864EC90F4397DF5AB2633B34DD4, 05F1B7291EBDD9CA1D74649C0DAFCBE5F2CF93E92C5CA16A8AC10B6DF83101A0 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:09:36.0469 0x2d14  AdobeFlashPlayerUpdateSvc - ok
16:09:36.0489 0x2d14  [ FBDA59118E59B3722248C66BAD89CAA9, 11AB83499757E3143834348DE39E85D56EC853071C96337C3ADD8A1E374C6CBC ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
16:09:36.0517 0x2d14  ADP80XX - ok
16:09:36.0529 0x2d14  [ AC1928C2F7505BD556C552F153B062AB, B48EA30F76DEA57868CA74CC775DD60257021A3DE10CE101B8BEFA1CE9D22CF4 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
16:09:36.0549 0x2d14  AFD - ok
16:09:36.0555 0x2d14  [ 1D914C996F2C3134E2344BB74F79BCF6, D27AF01BA29784555AF7D2E89A3A65E81D6AFE1D3C7E8F9367F06D9DF5F88069 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
16:09:36.0574 0x2d14  ahcache - ok
16:09:36.0577 0x2d14  [ 41856B40EE15F96DEC8755AB01FA3CF7, 33C3C899AF9CA15BE5A4CF097FF43DF3F0DBA0E48B6F1E28AE3E76AD76A1C361 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
16:09:36.0590 0x2d14  AJRouter - ok
16:09:36.0594 0x2d14  [ F485CA5559DB37A4882467A4F7D58BEA, A1C648EFE12A5A3356BC0949372ADD0FF0CA2F5A8F992EB71C87E9C0D5C92BB2 ] ALG             C:\WINDOWS\System32\alg.exe
16:09:36.0608 0x2d14  ALG - ok
16:09:36.0618 0x2d14  [ D3E9EEDC0128DD1FB9E45D85E7E21F0B, 73853DC77CCE335F1571DB31C6F7E97D71625DC6226089E8281F62020F58CB8F ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
16:09:36.0635 0x2d14  AMD External Events Utility - ok
16:09:36.0641 0x2d14  [ 9C39FBA94FFEF04561D13ED0D1B50DD0, 53FA118DEF37F0BA6030B9CB4C17019E6B5934941514756D66143B7BB66D7CA1 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
16:09:36.0657 0x2d14  AmdK8 - ok
16:09:36.0660 0x2d14  [ 275B6F698CBEC36C42D3ABD7EE049BA1, C6CE3514947F67410B34E8973C87996A14FF485A2E5C7E5BA4FE276FB893D51C ] amdkmafd        C:\WINDOWS\system32\drivers\amdkmafd.sys
16:09:36.0670 0x2d14  amdkmafd - ok
16:09:36.0684 0x2d14  amdkmdag - ok
16:09:36.0694 0x2d14  [ 0E2B0B8C871A4BDA103B857E07CAC833, 80A3DB55FEBD3C6FEC0C6078D998F2B3A802425569F57ABCB2AF0D5C37D4A280 ] amdkmdap        C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys
16:09:36.0710 0x2d14  amdkmdap - ok
16:09:36.0715 0x2d14  [ 395D56FA2E22A10AE4774440D086F559, 24D7CBE9B82DC8900D9A5E345347FEC330D47FDBD1517A2AC10218BA2A9DFAA9 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
16:09:36.0731 0x2d14  AmdPPM - ok
16:09:36.0735 0x2d14  [ EB729A9ADCB9F9C406B533F95E2F67D4, EDCB8E39C503FF30ECB82F368242179E2788C12B4FD9B557F38380A934E7D8E7 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
16:09:36.0746 0x2d14  amdsata - ok
16:09:36.0752 0x2d14  [ 3B5C5C696F33FE61F1922533B03B9316, C9BAAA9B02547C66A276A31958DFD2A289C5963A4EE3FF306535565240D816CC ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
16:09:36.0766 0x2d14  amdsbs - ok
16:09:36.0769 0x2d14  [ A7D45A303FF8A9493C96C4B804051E6E, 6074C264876A398039D3F89905A486ABA5BDACA038B79920A34323B38CFCB358 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
16:09:36.0779 0x2d14  amdxata - ok
16:09:36.0785 0x2d14  [ 5180537517C27375B1F2CB37ED599FAF, 121BF0E3BDE068CC1E1E9B24DC334BA29348725E9BFB790699E4CC66664A4C3D ] AppID           C:\WINDOWS\system32\drivers\appid.sys
16:09:36.0798 0x2d14  AppID - ok
16:09:36.0802 0x2d14  [ F7FEBF66A705F18DC063DFD259F15102, 394DA8A7355573C4D81C375450DF5C5B2FA6360E246B06FDE8E7F9ADF21360FA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
16:09:36.0818 0x2d14  AppIDSvc - ok
16:09:36.0822 0x2d14  [ 13D7FEA71091D1EAD8ADDD10BFFEA06D, A707CAC76CBF0334E2FCE3220147B382F5E44DEF9E23DD459CF7C40F27771695 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
16:09:36.0839 0x2d14  Appinfo - ok
16:09:36.0844 0x2d14  [ A5E8EB3B4244358F62DADF769DB59567, 76FE364D9A896424E4C2BCA5F66CFF31F22513851B7E4B65EDE206DF159DA67F ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:09:36.0853 0x2d14  Apple Mobile Device Service - ok
16:09:38.0947 0x2d14  [ 560F4C351FCD29E6796F6382EE5C803B, D2FF7F018674B5956152C2BDF6890585C8FEA3910DCA05D8008F1FBBAD0DD5CD ] DirMngr         C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
16:09:38.0957 0x2d14  DirMngr - detected UnsignedFile.Multi.Generic ( 1 )
16:09:39.0695 0x2d14  Detect skipped due to KSN trusted
16:09:39.0695 0x2d14  DirMngr - ok
16:09:41.0822 0x2d14  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
16:09:41.0843 0x2d14  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
16:09:42.0507 0x2d14  Detect skipped due to KSN trusted
16:09:42.0507 0x2d14  Intel(R) Capability Licensing Service Interface - ok
16:09:45.0881 0x2d14  percsas2i - ok
16:09:45.0885 0x2d14  [ FCA143274792F12383C35902E801E83A, 87D93226E32153794993035553C9935D07242631E182460D8ED13650175C0F01 ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
16:09:45.0894 0x2d14  percsas3i - ok
16:09:45.0915 0x2d14  [ 4DAD2C73778D41F951B33854936E7BDC, 1421FDA2D083D5923422A038C54603BF798C48DDB7244DBEDA46D537B8CE1534 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
16:09:45.0928 0x2d14  PerfHost - ok
16:09:45.0943 0x2d14  [ B730E963A31B73938A76D7B80666D60D, FADF452637E2EB50CC8C0E75956FE01F029C587F6EF2F8B347213263DE9D3A80 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
16:09:45.0980 0x2d14  PhoneSvc - ok
16:09:45.0989 0x2d14  [ 97D85602B8131C487EB08A36F7343F5E, BEDC106AF06358D40BB034390645A5BFF9C138CFD51B5997D32614741D3D2372 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
16:09:46.0005 0x2d14  PimIndexMaintenanceSvc - ok
16:09:46.0029 0x2d14  [ F9FB601621FF33376F3908C2C27C6EF4, 8689565D4FD1C68826EA0A9C2B44377A2AEC3CD812595F0D32904D8FA5809672 ] pla             C:\WINDOWS\system32\pla.dll
16:09:46.0075 0x2d14  pla - ok
16:09:46.0083 0x2d14  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
16:09:46.0104 0x2d14  PlugPlay - ok
16:09:46.0108 0x2d14  [ 414CA4DCC31D795882B25ADC1DACE779, AFD8D9AA24C64DD9569FDCBE65171810FE27AF24B8DD2941FECE6245EABB6AAC ] pmem            C:\WINDOWS\System32\drivers\pmem.sys
16:09:46.0122 0x2d14  pmem - ok
16:09:46.0125 0x2d14  [ D54385DD5A39A5636D1587FC9ECFC337, DEEA5D433CB2DA55AE58C7C5431A1249C94B61606F0A75E4A44D516619060263 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
16:09:46.0138 0x2d14  PNRPAutoReg - ok
16:09:46.0145 0x2d14  [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
16:09:46.0165 0x2d14  PNRPsvc - ok
16:09:46.0174 0x2d14  [ 118E91AEE8F6DDAD088F955498CF2487, F4447C64CF1F36432E0FF09B6712DCE61BF28E3499F20C6C69E80D98B42D671E ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
16:09:46.0196 0x2d14  PolicyAgent - ok
16:09:46.0201 0x2d14  [ 456DEA8B86DD28A2BAD65DC0F05B659E, CF23418563605C0255C903366D92F8A0C4CAA407000F509D558F676DD843DBCD ] Power           C:\WINDOWS\system32\umpo.dll
16:09:46.0218 0x2d14  Power - ok
16:09:46.0221 0x2d14  [ D292D7FADCEE481CC64A9DE8FE9C3347, BD870A375E33CD8434CA97FFE9C2F84E58C6CD0EAEEEE8922172CB01F9674B55 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
16:09:46.0242 0x2d14  PptpMiniport - ok
16:09:46.0284 0x2d14  [ 5404E7A968A26DF03793B6F68536594D, BE5A85581E87EFE4DB43AD17B8D42D3F7F32364AEEC1416DBB94279C4A203FF2 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
16:09:46.0358 0x2d14  PrintNotify - ok
16:09:46.0375 0x2d14  [ D57CF871B3977731A91FE9611A54C7C1, B6C7F685716A88D0978377B83C5320C88EED0CAA44A001849AAFF71E4E0682E7 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
16:09:46.0390 0x2d14  Processor - ok
16:09:46.0411 0x2d14  [ 83738D7F35391FD45A38B76F5256E88F, 76BD232C7FEAE250ADDE6C4AC35FEAFB42EE989552A1C29FB42AE0A399107D40 ] ProductAgentService C:\Program Files\Bitdefender Agent\ProductAgentService.exe
16:09:46.0438 0x2d14  ProductAgentService - ok
16:09:46.0448 0x2d14  [ 56A7713DE64B16FB309D132E88FDB098, A658C8DCA87442F33B726A9B2060B20393D83B8658D0894C046CAFEAB00E2D8A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
16:09:46.0469 0x2d14  ProfSvc - ok
16:09:46.0474 0x2d14  [ B60431D2A046AD97F8427F6E568370F5, CD488E343585A5AC19D9AAF88BF0BB7EEA1BC48F6DA4A4FBF9BE5A04ECF5040B ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
16:09:46.0485 0x2d14  Psched - ok
16:09:46.0492 0x2d14  [ E0DCCA2A78516D155A6485CCA99F0EA5, EAFD24F815ECD6373BEC8E75B24FB54694CB8E4FF430FB6886F9B5B1C1762BFC ] QWAVE           C:\WINDOWS\system32\qwave.dll
16:09:46.0515 0x2d14  QWAVE - ok
16:09:46.0519 0x2d14  [ A2B0F46FBA2521E7E732BDBDB1238515, 7F0FEFB09770BF5889D6C2219F68399C962A3F1071E70C4951B6FDAE196CF041 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
16:09:46.0537 0x2d14  QWAVEdrv - ok
16:09:46.0540 0x2d14  [ EA9EB06EFC325CD2ACF5DF2F26A4894E, 32AC7EDB42CDA736E2AD9AB67795735F16234D9BD80D56FDAE5B8B3C3C1CC26F ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:09:46.0552 0x2d14  RasAcd - ok
16:09:46.0556 0x2d14  [ 4E9379389D0A851DD19D130C8FAEFBD0, 279A25EF8949A5BAF311CA75493A5F89F74A02711EF875F67D0A95849B409C00 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
16:09:46.0576 0x2d14  RasAgileVpn - ok
16:09:46.0580 0x2d14  [ 3E8CB44832FE3F96047187291523CDA1, 999A10D4D50CD2C39309FDC04A9F4CB0959BA061AE9305D4DF7F00F37F3813F9 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
16:09:46.0595 0x2d14  RasAuto - ok
16:09:46.0599 0x2d14  [ 5279EC98F6218D29EADDFECCC0D80E9A, 6F376FC3BEFA9F521635192177962AF1F41173502EC067896B7C2A5FB71E7A3B ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
16:09:46.0620 0x2d14  Rasl2tp - ok
16:09:46.0634 0x2d14  [ AC6A0AE3B33EE783717820458882F91C, EA503A90DBC31FB6B5D047D59E0F2855880EF3877877AD576579DB5CD8188E4A ] RasMan          C:\WINDOWS\System32\rasmans.dll
16:09:46.0672 0x2d14  RasMan - ok
16:09:46.0680 0x2d14  [ D7FF75ED7A48FD60A573C9E959CF4DB5, C67673E2D678527F8C07C9BCC487D385B92282D9D73396CFB01F14F5211CA991 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:09:46.0694 0x2d14  RasPppoe - ok
16:09:46.0697 0x2d14  [ 6A4E45A7F17FA0B4B1B48C550E311944, 1E84A559B7AA5F07E8156D223EFFB1B2B43D1E4E90E561D8DF2C257FFBCFDC0D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
16:09:46.0718 0x2d14  RasSstp - ok
16:09:46.0726 0x2d14  [ F2C575A9657F7B2E027C6CE7BC8F1A2D, 5D002488CCEDCEBF0542F508FCE47DC9105C67D5685489970048437BD243AC0E ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:09:46.0741 0x2d14  rdbss - ok
16:09:46.0745 0x2d14  [ 9414B22E093243636D362BF8C8C12A67, 575CE91AFADD771CBF86377962EDFAF70150BBA575F8DF144FEE6CC1C0FF88E0 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
16:09:46.0757 0x2d14  rdpbus - ok
16:09:46.0762 0x2d14  [ 53A01D3FDB701AC5D9DDE4140227E3D9, 833AF0BAAB49B58C71C684D2AA20B900C27E19DDCE5E15355C7ABAAB33BC7673 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
16:09:46.0776 0x2d14  RDPDR - ok
16:09:46.0781 0x2d14  [ DF32ED51DC0C3F6F3B1C4CEF71B8B426, DBEAD271B5DE6439E3106BDDB8B1E47D7BA47AE203CF3E1F8924CE02FDCA6E0B ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
16:09:46.0790 0x2d14  RdpVideoMiniport - ok
16:09:46.0797 0x2d14  [ 2369A5B651308E0C3458143976E9B03B, 0EDE99F7E2A7668E90C2FCA11D4BCE0676FBEA2CCFB57A004827CE5FE96D1584 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
16:09:46.0810 0x2d14  rdyboost - ok
16:09:46.0837 0x2d14  [ 3581FB9529035F8EC6DB681664CA70B1, 0C7BCD6A3B4248683C52B69F0B373D5929C2375F9BBF6CA80C480A8E7446A30C ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
16:09:46.0873 0x2d14  ReFS - ok
16:09:46.0893 0x2d14  [ 79E1ADE19D8B7C56EF29D098EAF57AD0, 295D0F04359A00849759976710F6CB83DB96E5007946930EA19865620EA3EFE7 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
16:09:46.0917 0x2d14  ReFSv1 - ok
16:09:46.0928 0x2d14  [ D91C597DE82E1500525945E1FFF24B0F, 3F5837A743715FB2CCBFC9458FBE010AED170B46515925D4C7C59BBAC792F695 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
16:09:46.0951 0x2d14  RemoteAccess - ok
16:09:46.0956 0x2d14  [ 19D1072193DAF71C97E5A05FC7673BB3, 313C3762CCC490C20B5561A78E6002E7A52F0142B370F17849DD4AB2F0AF6513 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
16:09:46.0977 0x2d14  RemoteRegistry - ok
16:09:46.0989 0x2d14  [ A12D167F73C3E285AC623BCA62B3A8BC, 6E8213808C22C0688BD40721FBBBAA88BFEFA1BD304BC19AA015FC541CA5BF84 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
16:09:47.0016 0x2d14  RetailDemo - ok
16:09:47.0019 0x2d14  [ 498C3D4D44382A96812A0E0FF28D575B, 23CB784547268CF775636B07CAC4C00B962FD10A7F9144D5D5886A9166919BBA ] Revoflt         C:\WINDOWS\system32\DRIVERS\revoflt.sys
16:09:47.0026 0x2d14  Revoflt - ok
16:09:47.0031 0x2d14  [ D31B2CD9458D2E212A5F24D56D2FB8D5, D8EC0BDB9D143C050A48217C57AA1BA6D60EEFEF67A98441064BD8FD339987DD ] RmSvc           C:\WINDOWS\System32\RMapi.dll
16:09:47.0054 0x2d14  RmSvc - ok
16:09:47.0059 0x2d14  [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
16:09:47.0067 0x2d14  rpcapd - ok
16:09:47.0070 0x2d14  [ C79F1F7C8A5FCBE90E3C833299AA1F59, 7969E79B2095BDA144AA369DE21F49C9FAD272B5864B2F0FD28CB28D148F2AD6 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
16:09:47.0085 0x2d14  RpcEptMapper - ok
16:09:47.0088 0x2d14  [ 1CE6928C1587F9760F7C3A036786CAE8, 3E4F5371E0DDDBA612BF61891D17D691DCAFB2E1010BBD84737FBD98DA8C03DE ] RpcLocator      C:\WINDOWS\system32\locator.exe
16:09:47.0100 0x2d14  RpcLocator - ok
16:09:47.0117 0x2d14  [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
16:09:47.0152 0x2d14  RpcSs - ok
16:09:47.0160 0x2d14  [ E87EECED9287C275B6CF30EB598B1D77, D0C5D4E37A3FAD422C0ECFFAB53904D9FD5385129DE2BC5AF75D91CD016EA6AC ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
16:09:47.0179 0x2d14  rspndr - ok
16:09:47.0185 0x2d14  [ C58847223D7EA5AB3B1D26F0BEAFDF1F, 367A8C5DFD343B8721C94400629E61D0B600FE088265B3C1544472FABB670235 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
16:09:47.0197 0x2d14  RtkAudioService - ok
16:09:47.0209 0x2d14  [ 14190644E437A95B244BFC9B37ACDB61, 793142BF5BD234F6ADA35899CA0E3ED613BE7FD09D035E5851B8C893C20F98FB ] RTL8192su       C:\WINDOWS\System32\drivers\RTL8192su.sys
16:09:47.0234 0x2d14  RTL8192su - ok
16:09:47.0237 0x2d14  [ 6308366D3CDEA5F427CFF4BCF0081B4E, ABB91A41C09A1607C66BD380FD0A3EECAAF9AD534856CCC78DE1A4E450ADB07F ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
16:09:47.0248 0x2d14  s3cap - ok
16:09:47.0251 0x2d14  [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] SamSs           C:\WINDOWS\system32\lsass.exe
16:09:47.0262 0x2d14  SamSs - ok
16:09:47.0264 0x2d14  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
16:09:47.0271 0x2d14  SASDIFSV - ok
16:09:47.0273 0x2d14  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
16:09:47.0279 0x2d14  SASKUTIL - ok
16:09:47.0283 0x2d14  [ 33B2DC5C2F19DA89F862484E23D9833D, 1C3BD1804767D087BE1510EEDCE94FFAC096922C821A123DB1BACDA5777246A7 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
16:09:47.0293 0x2d14  sbp2port - ok
16:09:47.0299 0x2d14  [ 6A7F961E0E6382F185809AEC6A97E078, 434E215337453C3973762A2F10806A57F3B296DDD34A948F781B67E374836AF5 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
16:09:47.0318 0x2d14  SCardSvr - ok
16:09:47.0323 0x2d14  [ 45B203A8CD642F72E86690B957B6490D, 29D5733D2A6FF9F051FD74FFDCCDB5272EC8E7734021F5BBF0E9E521E61B150F ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
16:09:47.0341 0x2d14  ScDeviceEnum - ok
16:09:47.0344 0x2d14  [ 5CFEEFCC6FAD1FD09ACCFBD652DDD85B, F90104CC42073ACD48A2FCCEDF58B57D8663223406ECB0A270140A053E9260B3 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
16:09:47.0357 0x2d14  scfilter - ok
16:09:47.0372 0x2d14  [ 5BBFA6CA63E8A5BB8FA2FA84A5562CE2, C74CD0A76473343A8620D26C96F7300026C295EDF61B8A336AB326DFE861678D ] Schedule        C:\WINDOWS\system32\schedsvc.dll
16:09:47.0410 0x2d14  Schedule - ok
16:09:47.0417 0x2d14  [ 5C8620FAC0E3C1658C8EF7AD7BB7EA5F, FEBE7FC79FCDF692167D82DE54031FD68BD2941544007EEB3D82C21E7F1C5C83 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
16:09:47.0428 0x2d14  scmbus - ok
16:09:47.0432 0x2d14  [ 0EC94DA356D89CACD89B6E139E4D0A7D, 2F887681FDD5AB787154403E34623B1DFB61C70DAE5E2BFF1565E100F228870B ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
16:09:47.0449 0x2d14  SCPolicySvc - ok
16:09:47.0455 0x2d14  [ DCD86049661A2C36DEE69D9DF7C3330D, DFFE21D91289C17A1ACE1311A8621EDC0C6579552B4C22FEC3BD884746234114 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
16:09:47.0469 0x2d14  sdbus - ok
16:09:47.0472 0x2d14  [ 464B615872981015AC4FEEBDEA83A063, 5CF491352B267241CA11F08E72E6EA668A595662561892E0D02CCA5B71172E14 ] SDFRd           C:\WINDOWS\System32\drivers\SDFRd.sys
16:09:47.0481 0x2d14  SDFRd - ok
16:09:47.0486 0x2d14  [ 847F01FB8504425BB255856A14278A86, 41997D25D12779CA79551988C56FA0A302367076B09A82F620858EDDDBFCE3FF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
16:09:47.0501 0x2d14  SDRSVC - ok
16:09:47.0504 0x2d14  [ 6BC219F1D9CDE08CEB9084ADB41FBA01, DA8AC3B42A72515A1976961976203A52D4C8636586EB5EF6B466AAF967A6567E ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
16:09:47.0514 0x2d14  sdstor - ok
16:09:47.0517 0x2d14  [ 2AE8505519C7E8A903DD7BE793A79846, 7044B1BC183E028BCFB544489B033F0968F033696F9816F354329ABD26C6EE7E ] seclogon        C:\WINDOWS\system32\seclogon.dll
16:09:47.0536 0x2d14  seclogon - ok
16:09:47.0543 0x2d14  [ 09301074EA03CA8E82EAB16ADA1217CA, 4A303880959F611B199C810D231539B7DE618E28041BFA30891F2C55A70754D7 ] SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe
16:09:47.0559 0x2d14  SecurityHealthService - ok
16:09:47.0578 0x2d14  [ 77FB9BE8EDDCC999D09F2B1A7878A2A9, 589774C006A339FCA9772C37C9103C73C8592E018553804B97F34E2A0069A3F7 ] SEMgrSvc        C:\WINDOWS\system32\SEMgrSvc.dll
16:09:47.0616 0x2d14  SEMgrSvc - ok
16:09:47.0623 0x2d14  [ 25456AF499A0C9C4A93CFAC70BDE9CC2, 885C1A9C8BFA73D9C9C454759DF871237F7C0F28D879E98B4BE0D0113C549B09 ] SENS            C:\WINDOWS\System32\sens.dll
         


Edited by jarobmar (01.06.2017 at 15:34)

Alt 01.06.2017, 15:26   #6
jarobmar
 

TDSSKILLER - LOG - PART 2

16:09:50.0073 0x2d14  [ 5A2F610B31CC3FD23D3E20C1D5F1EF52, D470B7C1CAE066C2DCDBA47001913FB1A7C9CC5B200FB8324DB896B641C1A132 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
16:09:50.0087 0x2d14  UI0Detect - ok
16:09:50.0090 0x2d14  [ F39ED750EDF5948FA8CD99D1F4EC9372, AE42AE50DE09F26D3CA4ACDCD5ECABD59D26926707030F0532A885266FE83EF9 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
16:09:50.0103 0x2d14  umbus - ok
16:09:50.0106 0x2d14  [ 55984D4E64C2F8E4223542CBCC15EDEB, ECBC832FBBA6AFCAEDEBB2728FA4A6DDCF52A6421929E72CA29B61CDBED840DF ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
16:09:50.0117 0x2d14  UmPass - ok
16:09:50.0123 0x2d14  [ FBEF4641E3E08A03CA84AF5C393CA86B, 9A14A0FB645AB6DD0B49F3A14FBF38FECC65796F2503324E93994113CC7AD52F ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
16:09:50.0141 0x2d14  UmRdpService - ok
16:09:50.0161 0x2d14  [ 3699DED879B2FF8FC1ECE91489109796, 05B1283256F6CA6AF3ABBE003360BF0BAB3400223092E7E9F0822120BF576BD2 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
16:09:50.0199 0x2d14  UnistoreSvc - ok
16:09:50.0216 0x2d14  [ C01212FAF3D89703E52CC17BC74261D4, 5621C4813A6251AEC0A0C6C56338C2F47B531CE59CD22F43B2474D9513D4B94B ] UPDATESRV       C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
16:09:50.0226 0x2d14  UPDATESRV - ok
16:09:50.0235 0x2d14  [ BBB6BDBE5ADCE6F87F70623D5A1EC5BC, E8BD5804FF82417890A9D1A44096B174E81A8C7AD3059B1F0C62740E0B39D137 ] upnphost        C:\WINDOWS\System32\upnphost.dll
16:09:50.0264 0x2d14  upnphost - ok
16:09:50.0268 0x2d14  [ 4D23214CB8B1C36B82061280EB8FDAB3, 387C01A7F9D8F89ED894EDF894AAAF8830DD7C90DF2F12A2CB4C4E9C7CB773BE ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
16:09:50.0277 0x2d14  UrsChipidea - ok
16:09:50.0280 0x2d14  [ 4329D880DB96B504F0DDC991A7374CCD, 1486BEF2C03ED281B24A17D3C18FEA2360E37A6B46D1A67D4690CD871B0A13DA ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
16:09:50.0290 0x2d14  UrsCx01000 - ok
16:09:50.0293 0x2d14  [ 93FAD0AC5879F274FA248A49E3F3EA33, D936F408E23040B33F30AB3B43D8B8BB9F3CCF2549E821F4C47357987AFF386F ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
16:09:50.0302 0x2d14  UrsSynopsys - ok
16:09:50.0305 0x2d14  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
16:09:50.0318 0x2d14  USBAAPL64 - ok
16:09:50.0323 0x2d14  [ 6B09AA6A04C8261E787B6523229E7159, F97BED424E988AC6272D51025FD0D3180E89BAF0FFC83DAB609774D6269B353A ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
16:09:50.0334 0x2d14  usbccgp - ok
16:09:50.0338 0x2d14  [ ECE3AD18B4C22ED0C4AB1A2AD9AC32C8, 2062D400305075E886CF2C9D710A1C48B3F4AD48E7A75A77C66547357E96CB6E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
16:09:50.0352 0x2d14  usbcir - ok
16:09:50.0356 0x2d14  [ F8BCB536866474C6D8008F4C69B778A1, F86F4330DE2F50D48559C1ED46168ADB8F6AA7C8FE3834FFE00085C1783C5750 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
16:09:50.0366 0x2d14  usbehci - ok
16:09:50.0376 0x2d14  [ 1F723DA014062DBF3288B408A7611845, 0CCC9360259E6FBC510BBF69AE991A53A92516023AAC32C60A44BD3B43371C66 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
16:09:50.0392 0x2d14  usbhub - ok
16:09:50.0402 0x2d14  [ C3F953D10C486D6A190AF548B3CF7DC9, B0FB45B3045D499A44853A9D4CFD39C9D92873FC0A62A3D76B6149E601DFECD8 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
16:09:50.0421 0x2d14  USBHUB3 - ok
16:09:50.0424 0x2d14  [ BE6ED98FD0D3FE5FB11762AD7CCD6C96, 54C6C929CA55EA6770474F7E230190FC7574C1FA52437B564B3B5FA4D6106D8A ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
16:09:50.0436 0x2d14  usbohci - ok
16:09:50.0456 0x2d14  [ 538233FBBC748AA1D57B7B53F150DE9A, 2ACE7539E3A79D609DD11229708F7DB1822C36189844A40E2F4971766229039B ] USBPNPA         C:\WINDOWS\system32\drivers\CM10864.sys
16:09:50.0493 0x2d14  USBPNPA - ok
16:09:50.0501 0x2d14  [ CEE43CD5357DB8786CE6E2C430841AE4, 50F4629AE488A12D18EFFAD486D2F95545049AB1F6A3248BA44D2132EEC9A653 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
16:09:50.0512 0x2d14  usbprint - ok
16:09:50.0516 0x2d14  [ 99F0738B320B7A8D11351A32F68AA5F1, DAA887C31E3F56245C15F04044C12B6E832FA7E837F4107376A6F8D8E3A99FEC ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
16:09:50.0528 0x2d14  usbser - ok
16:09:50.0533 0x2d14  [ 67E26F56CF7EACCBD9C9F75343A3D7C2, 210FA280897CCCB2458E9E683A8B4CA8A5DF9606B54F8B9CE05CA4AA6FD810AB ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
16:09:50.0544 0x2d14  USBSTOR - ok
16:09:50.0547 0x2d14  [ 7BA802C9F73A84B75BB22538ADA495BE, 7D97E6305168C4CA86AB9BD5B63300156DFE97032251CB83DB1D4C4DB9C28DC8 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
16:09:50.0558 0x2d14  usbuhci - ok
16:09:50.0566 0x2d14  [ 50E70B3A95138AA4A30B095270EE0DE6, 9B7072C36230102A089C4A6DFE1980CD9DB28E566EF02830600DEBAF3AAD31C7 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
16:09:50.0581 0x2d14  USBXHCI - ok
16:09:50.0606 0x2d14  [ 3156FFFB2B3BF5375814F777D343AD9F, C4E63043EB9D9227CDD487608AF9BA25C755D85E5FF8E63C2079D68CCC79E4BB ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
16:09:50.0654 0x2d14  UserDataSvc - ok
16:09:50.0675 0x2d14  [ C0E60CC6D48013728C7E4168D61A0B39, CA283312E9669BCC74A3B5E6332502D1CAA7148C049B94AF3996F3C7CD2676EF ] UserManager     C:\WINDOWS\System32\usermgr.dll
16:09:50.0712 0x2d14  UserManager - ok
16:09:50.0729 0x2d14  [ C71F447901864A61698B9FA2CF538146, 13673F28E6AE2CE8AB20ECF93997B49A355087F72970FE0BA7319B629DB3D36E ] UsoSvc          C:\WINDOWS\system32\usocore.dll
16:09:50.0756 0x2d14  UsoSvc - ok
16:09:50.0760 0x2d14  [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
16:09:50.0770 0x2d14  VaultSvc - ok
16:09:50.0786 0x2d14  [ 93C0FDDBC38C2DA07CA178CBA46E6802, 5E6BF94440C20FFB9F8081D9818C4483A5FBACF93BD556B0A1E64CAB57025A1D ] VBoxDrv         C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
16:09:50.0807 0x2d14  VBoxDrv - ok
16:09:50.0812 0x2d14  [ F16A3B9751A808F9BB48DC74D2361E37, D13F7818E8C5DD52C1B8CA57CBEF578D0DA11824415689CFA696212BA852C283 ] VBoxNetAdp      C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys
16:09:50.0821 0x2d14  VBoxNetAdp - ok
16:09:50.0826 0x2d14  [ 5A1AFF4007FA350842063D361A83F1E8, 8E5C83775698A49D73918DA82C3DB3C8FDEA96F94080625847569CCD919B57D6 ] VBoxNetLwf      C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys
16:09:50.0836 0x2d14  VBoxNetLwf - ok
16:09:50.0841 0x2d14  [ 85FEDE53B34F1F83F827C3140DC4B11C, 5F6FCD79FC93845582C24A3B2A456D59909C7B9753A67A4F710AD1858C818947 ] VBoxUSBMon      C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
16:09:50.0850 0x2d14  VBoxUSBMon - ok
16:09:50.0853 0x2d14  [ F257A2737280F0076EAE3AB489C06474, A02E37292D86E675D55C13097E9F107C73DDFD8AAC69310F7D9910A811A541D8 ] VClone          C:\WINDOWS\System32\drivers\VClone.sys
16:09:50.0864 0x2d14  VClone - ok
16:09:50.0868 0x2d14  [ C1EC9211C7759D2487FD30934AA3EE96, 6914BB8B44550DFE75E5A3772E93ADF8459EB621CA400BDD9B7E3185A09B6F9A ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
16:09:50.0877 0x2d14  vdrvroot - ok
16:09:50.0889 0x2d14  [ 374CD93271184F04988FDC1C25B3E855, 09727093C5F7B258867C16D41F7F9835BF549CC339288BFE01A8F34AC7E93E23 ] vds             C:\WINDOWS\System32\vds.exe
16:09:50.0918 0x2d14  vds - ok
16:09:50.0925 0x2d14  [ C83F3BC00651448DB127D497CF955089, 31B8838CEED08E7D5DD8635A805A8010798BD9B10A3775FAFDB576FBD7303D39 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
16:09:50.0937 0x2d14  VerifierExt - ok
16:09:50.0949 0x2d14  [ 1021DCD0E3632E099E599B8893DC7969, 18A4F022240FBBDAEEAF6613E88F1B89370EE8BE575059657FEA451D7DA1FE75 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
16:09:50.0970 0x2d14  vhdmp - ok
16:09:50.0974 0x2d14  [ 1AD096A5C00E522398D0092D875A8CB6, 6959FCD6DD2115CD293DBD4BCD6D1BA0AE4F7495A9BBB48F7388384EEABB38E9 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
16:09:50.0986 0x2d14  vhf - ok
16:09:50.0990 0x2d14  [ EE9A22CFD9AEDD7B52F98B0272494609, F668131BABD048857F011A471936B52EDF0F2A42CB6000ACB4E0E43F88782AAD ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
16:09:51.0000 0x2d14  vmbus - ok
16:09:51.0003 0x2d14  [ BFBD0895926FD98A03AD6BB845B569B7, 5B7913ACD6CC132B2F36B079BC5F897C21884A7F21046B8996CC3D74C4B6DA4C ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
16:09:51.0015 0x2d14  VMBusHID - ok
16:09:51.0017 0x2d14  [ C123C97D351C56C75FE5335AB18255EE, 67315E332E863E5C233BA113826A5DEEE08C1A0A3358E6AC21F25DC5EAC86D07 ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
16:09:51.0029 0x2d14  vmgid - ok
16:09:51.0035 0x2d14  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
16:09:51.0054 0x2d14  vmicguestinterface - ok
16:09:51.0060 0x2d14  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
16:09:51.0077 0x2d14  vmicheartbeat - ok
16:09:51.0083 0x2d14  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
16:09:51.0101 0x2d14  vmickvpexchange - ok
16:09:51.0109 0x2d14  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
16:09:51.0127 0x2d14  vmicrdv - ok
16:09:51.0134 0x2d14  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
16:09:51.0152 0x2d14  vmicshutdown - ok
16:09:51.0158 0x2d14  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
16:09:51.0175 0x2d14  vmictimesync - ok
16:09:51.0181 0x2d14  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
16:09:51.0199 0x2d14  vmicvmsession - ok
16:09:51.0206 0x2d14  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
16:09:51.0225 0x2d14  vmicvss - ok
16:09:51.0228 0x2d14  [ 0AB9C264F13E2A070A8CF10EDD099ED2, 2E7EB4EE8DCBBCA497CC0E7F4BE057627E9702B6FAF56A7DBCA1325236C880EC ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
16:09:51.0239 0x2d14  volmgr - ok
16:09:51.0247 0x2d14  [ 6EE608257C1137A25B402EF8FC77E83A, 3AE684EBA32563468AD917155C93220F938460A699FBFC3DB8436F83C0C54209 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
16:09:51.0262 0x2d14  volmgrx - ok
16:09:51.0270 0x2d14  [ E3429DBBEA3965BB96E24B16EF4A2551, 0CEE2DEF75C6761DA67AFD3BBF8DEEB1331796719EB84D658B3E517DEC824B49 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
16:09:51.0285 0x2d14  volsnap - ok
16:09:51.0288 0x2d14  [ 86E790B503C771E674C7DF8FFCBFEFDB, 634B27C4FA363A2165D3D6929D3B22F41EE06198C579A70D446A48830924467B ] volume          C:\WINDOWS\system32\drivers\volume.sys
16:09:51.0297 0x2d14  volume - ok
16:09:51.0301 0x2d14  [ B25589A0892E6DF8CC07E5CB48BFC954, DA29974426EFD4472A3828FA0EF31AD3860AA8068AB66B5F4BE6A412BC3E73E9 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
16:09:51.0311 0x2d14  vpci - ok
16:09:51.0316 0x2d14  [ AA4466A47D2CA7ECE3DCF5256017DCC3, 83414BFBD3DF1CB7417F0F55709E8180D97FA20A74581C34EAAFF667FBEBFD93 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
16:09:51.0328 0x2d14  vsmraid - ok
16:09:51.0352 0x2d14  [ 0BB73BF6FDDD19DE3DE9377EA95E4C64, 74B6E612F9E009A5E43B603BCAD854F3711F6C8A7ED0328B1E3A9B2D4C9EA342 ] VSS             C:\WINDOWS\system32\vssvc.exe
16:09:51.0402 0x2d14  VSS - ok
16:09:51.0429 0x2d14  [ B21B4B2B792677376D27006AC7684893, 45713B7F3B3C89A08C5A94FB670EB866948A2BADD0E1523B715DFD79718F4A47 ] VSSERV          C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
16:09:51.0457 0x2d14  VSSERV - ok
16:09:51.0471 0x2d14  [ 4889BF61752AD05C2AC73CF72A7C8F16, 9B2FF0CAF57855AA1F37933F2B9DC2B845D6BAD80C5DD400BD688DF343AFCDF5 ] vsservp         C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe
16:09:51.0490 0x2d14  vsservp - ok
16:09:51.0498 0x2d14  [ 98BB6C9AD39D8F2E883093F28282FAEC, 63F4036A1DB23C20AAEEC1CA8ABDE9B46FA09A55EA4E5DB0C0B5D6D58ABAD62F ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
16:09:51.0512 0x2d14  VSTXRAID - ok
16:09:51.0515 0x2d14  [ B47026E109828102266CBE2F5F9AD113, 28C76B34C48BACEA267A208CC758BB55539323B16300E869AE71B6A99A849AB5 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
16:09:51.0534 0x2d14  vwifibus - ok
16:09:51.0538 0x2d14  [ 799ECD541A9B2764B36A22A095885365, E255E74682927D662294AA3F88FDA211EEE603466EB264E8941C3BACC6A0E530 ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
16:09:51.0558 0x2d14  vwififlt - ok
16:09:51.0562 0x2d14  [ 82CA088A33517D1C8571D6850CC13D7E, 0401A08EAF36DB393B74FE8693C60F62EDE10BBC9300C76812C7D01B6AE9A051 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
16:09:51.0582 0x2d14  vwifimp - ok
16:09:51.0592 0x2d14  [ E75460AC4E936BFC0703021DB0BB17B8, D9985C3206B503659FD2F4EE7FD0B9AF8CB2DE821BFD68B13C9E3BD9CE5AEF6B ] W32Time         C:\WINDOWS\system32\w32time.dll
16:09:51.0622 0x2d14  W32Time - ok
16:09:51.0626 0x2d14  [ F0F477541F7AF67CC05DA1CF4921A500, F7DD2F49B61C484596DE3893683B1172A138386BD71F54BFCF37A31005C7368F ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
16:09:51.0637 0x2d14  WacomPen - ok
16:09:51.0647 0x2d14  [ A0957CBC1C054A87EE7A65A994102A96, CB6339F3F67D0E33C26E6756F88869574B84426B20C907E094F83B9DC5E36A3E ] WalletService   C:\WINDOWS\system32\WalletService.dll
16:09:51.0669 0x2d14  WalletService - ok
16:09:51.0672 0x2d14  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:09:51.0692 0x2d14  wanarp - ok
16:09:51.0695 0x2d14  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:09:51.0715 0x2d14  wanarpv6 - ok
16:09:51.0739 0x2d14  [ EA0524A2A01792796EC80AE2FE08307A, 68CC0F3451C6797222411C276376C7741C96C45E628DD77FB1FB17C10DC0EA8A ] wbengine        C:\WINDOWS\system32\wbengine.exe
16:09:51.0784 0x2d14  wbengine - ok
16:09:51.0805 0x2d14  [ 5E3E24AA72FA75D6322C7286917BEB4A, 97D0CF00873A5A70C1B4A73AD41F4053B22810DA37FF2E8528D510216311FEE1 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
16:09:51.0837 0x2d14  WbioSrvc - ok
16:09:51.0842 0x2d14  [ 2B7CCCFBB166100842D31440228588CF, FC0BE611C5497A0579E7D8F268BBE1BD520A8A764F112C7C5CC631767B683B79 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
16:09:51.0853 0x2d14  wcifs - ok
16:09:51.0867 0x2d14  [ E00FE13E415C97C60E5A418965372A74, E74EBE34D3056F52231C7B12E6294AED1C4F02219E853D5E70AA05D823C800D5 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
16:09:51.0897 0x2d14  Wcmsvc - ok
16:09:51.0907 0x2d14  [ 2C396871F724DDF871A2EF4CADE5151D, 8CAD8A393F0CC447432E1BED21A691E25356F7DBC06E3887138A6F86CB1D656D ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
16:09:51.0929 0x2d14  wcncsvc - ok
16:09:51.0933 0x2d14  [ 1737BEF60CA384423CE4B32AF1C2BFFC, D61353D3B2EAEDFDCBB5DB3AD27E76396CC7755AFF01233307EAA1967493DE63 ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
16:09:51.0946 0x2d14  wcnfs - ok
16:09:51.0949 0x2d14  [ 38130C1C5FE0E08820EE57E1B087B659, 3705AA4699D4C402C0BBC5BC4E1EE67CB4A4B9C27702E88952A76891C3A3F496 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
16:09:51.0959 0x2d14  WdBoot - ok
16:09:51.0966 0x2d14  [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM         C:\WINDOWS\System32\drivers\wdcsam64.sys
16:09:51.0977 0x2d14  WDC_SAM - ok
16:09:51.0993 0x2d14  [ 0C6CBF3490EE5F0D62B5820568CA30B8, 97EDEC84DA72A900D7740B8763DDDAB600628F3F1E1DDE1212383C2E60FDC77C ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
16:09:52.0014 0x2d14  Wdf01000 - ok
16:09:52.0021 0x2d14  [ F7B6CB0F9ECD28848E2BDACEAB0D9204, B64D91A36600AEBE656F0514AF8653C294DE88054FE6DBB7B1A6D0A23D2A5131 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
16:09:52.0035 0x2d14  WdFilter - ok
16:09:52.0039 0x2d14  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
16:09:52.0056 0x2d14  WdiServiceHost - ok
16:09:52.0060 0x2d14  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
16:09:52.0077 0x2d14  WdiSystemHost - ok
16:09:52.0090 0x2d14  [ 2974422E31DBC953A585A065EF736948, B2E689579C12B1A8B2CB4F04875157E894CE747DF56A9B7083E04A8C9B85EAC5 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
16:09:52.0125 0x2d14  wdiwifi - ok
16:09:52.0133 0x2d14  [ 82A4F22C884B4BAE8B531640859F9871, 1C662557F671FA680E7CC2FC565B198470E421778BD03749CD05B2928568C430 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
16:09:52.0144 0x2d14  WdNisDrv - ok
16:09:52.0146 0x2d14  WdNisSvc - ok
16:09:52.0153 0x2d14  [ 9066FE8EAB91E15437CB3C43757F2A65, 1F8B3D8C90C7862CCAB91D170F49E7F1D58FABAFA1C8DDDE1796404D1DD98707 ] WebClient       C:\WINDOWS\System32\webclnt.dll
16:09:52.0173 0x2d14  WebClient - ok
16:09:52.0179 0x2d14  [ F322B8E6C5614E7975C8BF34B7A6710E, 299816001856E8C91BFBB9C48D87B7ACBD5A39F6A65147F5AE6EDB3065A893E9 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
16:09:52.0197 0x2d14  Wecsvc - ok
16:09:52.0200 0x2d14  [ 04CA184EB5743DE5A2CCEEF2DB2DA8B3, E16921496F57B78A152A103F8D58601C9687360048A6CB51E76A96E3B64CC0FA ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
16:09:52.0215 0x2d14  WEPHOSTSVC - ok
16:09:52.0219 0x2d14  [ BA78F20F7FD7709EA3AAAD91F8535EDA, D1DFBFCBBB8D4D992FBF3B340DB6A2F5DDC7E55F52E1100297EA2004FF752A2B ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
16:09:52.0235 0x2d14  wercplsupport - ok
16:09:52.0241 0x2d14  [ E5AE3B23620126483B957BDFF38FE7B7, 306AAA0B37F3914FE590A5DBFBF640C79173150C006BC7A6CF1683D85C0AFC5F ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
16:09:52.0257 0x2d14  WerSvc - ok
16:09:52.0268 0x2d14  [ 51D61CA3CED9A0C4E5501EEDBD48039F, 95F9CC67537DEABE501B59351624F02126BC9B9DBB72016423FF997090A2128B ] WFDSConMgrSvc   C:\WINDOWS\System32\wfdsconmgrsvc.dll
16:09:52.0300 0x2d14  WFDSConMgrSvc - ok
16:09:52.0305 0x2d14  [ 3C8F0ABD00E197101DCF43FEF8FB0D76, AF5C68B85EE1503ACD4AEA1D997F816C34293A77791D59A605DC18450B4906DE ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
16:09:52.0317 0x2d14  WFPLWFS - ok
16:09:52.0321 0x2d14  [ 2DEB40D6837956CE08A8F9EB3ECA5A01, B40D23E54CDF6BE05D6C5DA536BF6D998E79EDE9C391A42452F9F69EE206EA1E ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
16:09:52.0336 0x2d14  WiaRpc - ok
16:09:52.0340 0x2d14  [ 75014BF6510D4C6C69EEE5B7743A52AF, 11AEEF4D52C35E5A7006713836ECF1198A53CD02736E792B1C698144CA1363F0 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
16:09:52.0349 0x2d14  WIMMount - ok
16:09:52.0351 0x2d14  WinDefend - ok
16:09:52.0358 0x2d14  [ C8EBCFED8FD2CDF725E44AF93016621E, A0B76E55CC535A0F1D79C3C0EC59753086EAB669EC7ADA4F97656DCAD2A69448 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
16:09:52.0368 0x2d14  WindowsTrustedRT - ok
16:09:52.0371 0x2d14  [ D318557F9D7CA3836104F0B8ECB1F32E, 6850BBFB4F65167B052F3CA22FD72E9188A14FD2A9CC085861B4BC40CBA34249 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
16:09:52.0381 0x2d14  WindowsTrustedRTProxy - ok
16:09:52.0396 0x2d14  [ 61F0D6574577499FB43D9F4870B08A7F, 757ACD4F292C43B04B6428D84A7147DE8E565716D94B6B02F288F3B5E2D1C135 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
16:09:52.0421 0x2d14  WinHttpAutoProxySvc - ok
16:09:52.0425 0x2d14  [ 31DDF1D001336B2DCE7DF24E99EF1D04, A1FCABF4A263BFAE042FE7A9F6C15FD9B3D8E985278C32AE8975ECE79B341277 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
16:09:52.0435 0x2d14  WinMad - ok
16:09:52.0443 0x2d14  [ 9A26F7834706A6D8C8824EB08FD7C362, 750F6A0759D70BE481C70FE4BB21D18E756A8F0C23A014C2CE1E7729A1E625FE ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
16:09:52.0467 0x2d14  Winmgmt - ok
16:09:52.0473 0x2d14  [ 2E1A614EFB0523E20860AE7978DDA0A4, E13564690F9977747CA676D3843B467506447F060A5FF6676835A9C7A30BA409 ] WinNat          C:\WINDOWS\system32\drivers\winnat.sys
16:09:52.0489 0x2d14  WinNat - ok
16:09:52.0530 0x2d14  [ 27DAA9AA3E03C1068678D5659461BB32, AFDED6D671C430F296C9EAA73590111D6A8A9FA93DFE0595B90467FFE28EFB35 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
16:09:52.0610 0x2d14  WinRM - ok
16:09:52.0622 0x2d14  [ 03858B18BB6DF6A400D9FC5153FD28A8, C7AD69B022AEFDDDAFB74CCCDF20AF9CCDBA0097634BBBD07A2EFBA5922560C1 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
16:09:52.0635 0x2d14  WINUSB - ok
16:09:52.0639 0x2d14  [ 0BF4A43CF1F3A4D50AFA4561C3B4628D, 2D0B4E7004C8AC8A9EE07E6D5241BF32395CA142BF3B03FA9CF00BC6720A6AC7 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
16:09:52.0649 0x2d14  WinVerbs - ok
16:09:52.0661 0x2d14  [ 11DDD4C9BDF095A5F5B5ACA98FBBF7A2, CFA76C197987CC9EBFE4AC2AD6FE9A9620819B50E9DD423BCE13F7DB5DA641D8 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
16:09:52.0687 0x2d14  wisvc - ok
16:09:52.0725 0x2d14  [ E624376E7E7D9AC203113140D9E618A2, 3553D343665194492E38B8C437DE429CEAC135D69EC0CB951BA3E3A7549F673E ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
16:09:52.0797 0x2d14  WlanSvc - ok
16:09:52.0836 0x2d14  [ 2393C4DB3DF3D19B0B920AD607098E79, D632671247DE3808D9C5B36A3FF173C86BB3AD274D03C851BCD417CE62B3820D ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
16:09:52.0897 0x2d14  wlidsvc - ok
16:09:52.0923 0x2d14  [ E5AB2E0B4F766E34AFC768D9769A24D7, 0DE04B2F43B9DCC92F9215B1058EE4ABA228B9986051CF39959555C12DF017B3 ] wlpasvc         C:\WINDOWS\System32\lpasvc.dll
16:09:52.0970 0x2d14  wlpasvc - ok
16:09:52.0978 0x2d14  [ 0D6E1347A891607759340B1E55BA2A77, 033DF14920A581FE7E21C6930280AE159B5634F2FEAF79423E8D0B7D46500048 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
16:09:52.0989 0x2d14  WmiAcpi - ok
16:09:52.0997 0x2d14  [ F7B122E8A238354DE344B77216E8D9AC, 3C4F864655CFF786B33333E643AA929B2D2B01ECD56EEEEADE7CEAB38249DA3B ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
16:09:53.0018 0x2d14  wmiApSrv - ok
16:09:53.0020 0x2d14  WMPNetworkSvc - ok
16:09:53.0026 0x2d14  [ 1AE1076034392218EE89D2744EC2A071, 695C28E2697B12BBD919687176CE082E94887A5D8B6229F163A26F6EDF401C4C ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
16:09:53.0039 0x2d14  Wof - ok
16:09:53.0069 0x2d14  [ D571821EDAA1F23EB521314FB9AA1C88, 7F16E6915060BD5FABE0805284631F92EEC11234579D09C3CEDDBF73D312E7F5 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
16:09:53.0121 0x2d14  workfolderssvc - ok
16:09:53.0130 0x2d14  [ 2AD9CC8445F0E1A8900A9DE123643CD2, A5928B26722DFBB201A32DEF48B25D4BF291815EA68CF50CBE79EEA9260A71E3 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
16:09:53.0145 0x2d14  WPDBusEnum - ok
16:09:53.0148 0x2d14  [ 1FD80CBB192A20375F3664639DEB57B5, 7A4789D4B2F8E289726E1C723DC00D5AC1F8C5E00FB2879C9D0E6DDC97D2B1A6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
16:09:53.0157 0x2d14  WpdUpFltr - ok
16:09:53.0164 0x2d14  [ 3369EF007E43B88EAC8F1789B43D4393, 347F9F7DF980BB739895EDFE72E2E595EF56634330DC63DAA36403AB232B5B5A ] WpnService      C:\WINDOWS\system32\WpnService.dll
16:09:53.0182 0x2d14  WpnService - ok
16:09:53.0186 0x2d14  [ 41403B9466EDA80FACD7713478A56DF8, A71BF9C7A2483FE1F660AC9688FCB38BA2310F16A69EB117C948458364953F34 ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
16:09:53.0200 0x2d14  WpnUserService - ok
16:09:53.0205 0x2d14  [ DAF4451760B46CB383D287C4FAFFE97D, 658AFE31EF50E934FEDD2E7048257DBFE9E6DE5F1ACDC658B21737391CF1CC5A ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
16:09:53.0222 0x2d14  ws2ifsl - ok
16:09:53.0232 0x2d14  [ C9571741D8F21FDBC3C1543D89503697, A01E4E5167A372BE8FF40FF297C14A3AB35D401BBEBEECF0B298A4384FC0C890 ] WsAppService    C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe
16:09:53.0245 0x2d14  WsAppService - ok
16:09:53.0251 0x2d14  [ D4A0661AB0FE542460CA76BFB4FAA2D6, 149F0A0720C47BFFCA68165A46382E5CBB273F48483DBB598CEA320801664718 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
16:09:53.0268 0x2d14  wscsvc - ok
16:09:53.0271 0x2d14  WSearch - ok
16:09:53.0309 0x2d14  [ 05BEDBBEEAAC22F98FCA529FAC659582, E4D2FFF98034E2E7FE0478AB9C8D677CA932349A976DFC0C2B65DB15C71354B4 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
16:09:53.0374 0x2d14  wuauserv - ok
16:09:53.0383 0x2d14  [ 455609BF60DA3B57EEAB863DEFCCF14D, F55271C42B7AFD17D01275703719C1F52C21996DB82AC78A70A8A8B62370623B ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
16:09:53.0397 0x2d14  WudfPf - ok
16:09:53.0403 0x2d14  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
16:09:53.0419 0x2d14  WUDFRd - ok
16:09:53.0424 0x2d14  [ 9EFE23CA208BF4B613FF4A6028DFAB10, 483D8D8DA578BF3EA5617EAB42457543EC6F97C1977BDD8ABFDF854AE3AAFD35 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
16:09:53.0439 0x2d14  wudfsvc - ok
16:09:53.0445 0x2d14  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
16:09:53.0461 0x2d14  WUDFWpdFs - ok
16:09:53.0466 0x2d14  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
16:09:53.0483 0x2d14  WUDFWpdMtp - ok
16:09:53.0505 0x2d14  [ 3EEF7185E0974D9AB2D65CA3214132CF, 44DB1D11B6B1D180F59AB3FE4D7235F7F2FD709A853F6A64E8E379FFFD16CD3C ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
16:09:53.0555 0x2d14  WwanSvc - ok
16:09:53.0566 0x2d14  [ FC0147AB34C7CDB2D8A1B29C207F2CD1, 737D40A4BE35AD13C091D8E320FAD3FD7C0C7E41C8B50E48D3C2151712A55718 ] xbgm            C:\WINDOWS\System32\xbgmsvc.dll
16:09:53.0582 0x2d14  xbgm - ok
16:09:53.0599 0x2d14  [ 8C7C5945C3545CA767BE111D78C15314, 5A938679DA3EDA2D9CA7034908DFEFCC7DAADB10DFD0CF4ECE882FF536D1BFA2 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
16:09:53.0636 0x2d14  XblAuthManager - ok
16:09:53.0659 0x2d14  [ A8BD191F46CC58E45637CB3E262CF0F2, CA65524427ECDB5E1138A5F8E885566064E507BA60FC31E0D9D17B9556CC9ADC ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
16:09:53.0697 0x2d14  XblGameSave - ok
16:09:53.0707 0x2d14  [ 3AC720A97FE4B6325F3012B21AF74390, 41AC655BD5CE5016BAA482534D1CEA6E11EAECE121344B45A5C8DF84A83807F4 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
16:09:53.0724 0x2d14  xboxgip - ok
16:09:53.0727 0x2d14  [ E099DED5C602AE4A7ECCF7CD4B1D2E33, 7FDAFFE13B87A8E6AA8721F8905FFF6EF04CAB93009F68EDA862B57EBB04514F ] XboxGipSvc      C:\WINDOWS\System32\XboxGipSvc.dll
16:09:53.0740 0x2d14  XboxGipSvc - ok
16:09:53.0759 0x2d14  [ 8489AA1A36074B3487BFDA8A9FDBAB3D, 59337C1F65AF42820260FCE271D18C2221B64A5E53005A11ECF397F651031C6A ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
16:09:53.0802 0x2d14  XboxNetApiSvc - ok
16:09:53.0809 0x2d14  [ 2E50A379A8E4F6C5D85E87C26C08D329, ADA0C344FE58A3772FFF7417268160E488741C5B2F08CA12ED587AB7F75756F6 ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
16:09:53.0821 0x2d14  xinputhid - ok
16:09:53.0826 0x2d14  [ 38F55D07B1D3391065C40EC065F984E2, 056F5E3034C4C11403D74F44A364964A3A5945608DAE2A03EF025A22F5C31B26 ] xusb21          C:\WINDOWS\system32\DRIVERS\xusb21.sys
16:09:53.0838 0x2d14  xusb21 - ok
16:09:53.0839 0x2d14  ================ Scan global ===============================
16:09:53.0842 0x2d14  [ EEA8447A2E39A39F66C74BA66C421F92, 7FFC5294E0D0438E7450ED36947AB04D0C84DF4E1C9F2D49340D3BA586FFFAB2 ] C:\WINDOWS\system32\basesrv.dll
16:09:53.0846 0x2d14  [ A42970F5DAA633B35322F200C39DF4CF, 91EEA2A5BA8FF0CBCB058218B01E747D29ADE4544AFC5474C71DB380866B4F2E ] C:\WINDOWS\system32\winsrv.dll
16:09:53.0851 0x2d14  [ 7DD72CBE412C9567661F4B1CE9631FC1, 8D914805CBDAF448C8C132C4C3FEB1D90804F4F485180F7364A75EC5655A4DDB ] C:\WINDOWS\system32\sxssrv.dll
16:09:53.0862 0x2d14  [ 800D00D1A7ADA9E341CACDF287347584, 70AD5A458203B35F227F3F6B4783D00424C96AA9E29DB3090CEC8C00E62CD8E5 ] C:\WINDOWS\system32\services.exe
16:09:53.0870 0x2d14  [ Global ] - ok
16:09:53.0870 0x2d14  ================ Scan MBR ==================================
16:09:53.0871 0x2d14  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:09:53.0961 0x2d14  \Device\Harddisk0\DR0 - ok
16:09:53.0961 0x2d14  ================ Scan VBR ==================================
16:09:53.0962 0x2d14  [ 141B55371AA9A80D1C2F57252F6142FD ] \Device\Harddisk0\DR0\Partition1
16:09:53.0963 0x2d14  \Device\Harddisk0\DR0\Partition1 - ok
16:09:53.0965 0x2d14  [ A1CE015587581066ACA77C623D328661 ] \Device\Harddisk0\DR0\Partition2
16:09:53.0965 0x2d14  \Device\Harddisk0\DR0\Partition2 - ok
16:09:53.0966 0x2d14  ================ Scan generic autorun ======================
16:09:53.0966 0x2d14  SecurityHealth - ok
16:09:54.0204 0x2d14  [ 88FC2108F110C7B91A44D9865D63B67E, BE019F1B2A580A6EE90FE1CBBCE16AF0507C9C9B22FA323CD32917572D65B7BC ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
16:09:54.0443 0x2d14  RtHDVCpl - ok
16:09:54.0459 0x2d14  [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
16:09:54.0465 0x2d14  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
16:09:55.0123 0x2d14  Detect skipped due to KSN trusted
16:09:55.0123 0x2d14  IAStorIcon - ok
16:09:55.0351 0x2d14  [ 5D36AEE2E912402F4ABAB2C55182E3E1, 791D2562776C8E9F309990F1DDA96D51FA9E562EBC1158930C1B9D190EE54FEB ] C:\Program Files\Logitech Gaming Software\LCore.exe
16:09:55.0607 0x2d14  Launch LCore - ok
16:09:55.0639 0x2d14  [ F57886ACE1AB4972B0308F69B1A0029C, 2BE981B3686EE5E725583F5936F5F0A0992723CAD784457F91D9D1D5A15A0852 ] C:\WINDOWS\syswow64\RunDll32.exe
16:09:55.0657 0x2d14  Cm108Sound - ok
16:09:55.0664 0x2d14  [ 782A31DB311AAC5F9CB50DDD9228867A, E200DFE8E1F8F8EEA26EDD76A3A3843EFDAE0A2284808D65C9DA6C4F76970E29 ] C:\Program Files\iTunes\iTunesHelper.exe
16:09:55.0676 0x2d14  iTunesHelper - ok
16:09:55.0717 0x2d14  [ A6A21A7D544675E98C040DA18904CF50, AACB578C297C7AC9FEBDAB4AD20235E5CFF6E3F260E76E6AE18D43DC57D69672 ] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
16:09:55.0762 0x2d14  Malwarebytes TrayApp - ok
16:09:55.0807 0x2d14  [ 1F8CC45A4D58E3C83917BA6F5549DEFC, C759F1F1734EADC1E553D07674F206FCFBE20444A1C4D8AFAF4FC68BDAF30317 ] C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
16:09:55.0841 0x2d14  DelaypluginInstall - ok
16:09:56.0134 0x2d14  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
16:09:56.0479 0x2d14  OneDriveSetup - ok
16:09:56.0786 0x2d14  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
16:09:57.0087 0x2d14  OneDriveSetup - ok
16:09:57.0127 0x2d14  [ 00F30FDFDE3E276C1A731C2DF951D67E, 018E6933882FCC41EE96E198E6F7ECEFB53EC650B1044A58876B26EDE011158B ] C:\Users\Rambo411\AppData\Local\Microsoft\OneDrive\OneDrive.exe
16:09:57.0158 0x2d14  OneDrive - ok
16:09:57.0203 0x2d14  [ 3F218819210022E0D585957FB155D4A3, A2F27FCB349BAE82B4A4475F3C26E5D57D0EC07C22228F35CFFE3ABBFBA2EEF8 ] C:\Program Files (x86)\Steam\steam.exe
16:09:57.0257 0x2d14  Steam - ok
16:09:57.0394 0x2d14  [ 2269768074F6A93E454BA384ED9652E2, 3BB698018941471327A3031CC0F4011D69EBA03B00E9E6F2D99922639DCCDA59 ] C:\Program Files\CCleaner\CCleaner64.exe
16:09:57.0526 0x2d14  CCleaner Monitoring - ok
16:09:57.0553 0x2d14  [ 8840A6E6C26C35D89D890DFFE15C5BDD, 2A46FA19F6DC62B07DE3436B3BAAE3F528F82D715DBAAFD829CF50F84DFF60F4 ] C:\Program Files\CyberGhost 6\CyberGhost.exe
16:09:57.0576 0x2d14  CyberGhost - ok
16:09:57.0710 0x2d14  [ 2269768074F6A93E454BA384ED9652E2, 3BB698018941471327A3031CC0F4011D69EBA03B00E9E6F2D99922639DCCDA59 ] C:\Program Files\CCleaner\CCleaner64.exe
16:09:57.0842 0x2d14  CCleaner - ok
16:09:57.0965 0x2d14  [ F396E2B4B1F903201F5AC404383E6282, C78882600C8899AEE6678FF9ECB9C6A87BD6F21060527DA7B20911DC2AC57D06 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
16:09:58.0100 0x2d14  SUPERAntiSpyware - ok
16:09:58.0400 0x2d14  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
16:09:58.0702 0x2d14  OneDriveSetup - ok
16:09:58.0725 0x2d14  [ 9203CEE59C720D1D4BB9A97E4DE4152D, 55743BBED85C3EDB764F30648F23951FE8C76FC4984216596306F4E453D0CCB5 ] C:\Program Files (x86)\Windows Mail\wab.exe
16:09:58.0761 0x2d14  WAB Migrate - ok
16:09:58.0761 0x2d14  Waiting for KSN requests completion. In queue: 293
16:09:59.0776 0x2d14  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.0 ), 0x60100 ( disabled : updated )
16:09:59.0777 0x2d14  AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.143 ), 0x61000 ( enabled : updated )
16:09:59.0777 0x2d14  AV detected via SS2: Bitdefender Virenschutz, C:\Program Files\Bitdefender\Bitdefender 2017\wscfix.exe ( 21.0.25.76 ), 0x41000 ( enabled : updated )
16:09:59.0778 0x2d14  FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender 2017\wscfix.exe ( 21.0.25.76 ), 0x41010 ( enabled )
16:10:00.0190 0x2d14  ============================================================
16:10:00.0190 0x2d14  Scan finished
16:10:00.0190 0x2d14  ============================================================
16:10:00.0195 0x1e38  Detected object count: 0
16:10:00.0195 0x1e38  Actual detected object count: 0
         

01.06.2017, 19:11   #7
M-K-D-B
/// TB Instructor

Hi,

Quote:
185.93.180.131
What can you tell me about this IP address? It points to Amsterdam...




Step 1
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Tools > Options and make sure the following items are selected:
    • Image File Execution Options keys
    • "Tracing" keys
    • "Prefetch" files
    • Proxy
    • Winsock
    • Firewall
    • Internet Explorer policies
    • Chrome policies
  • Confirm the selection with OK.
  • Click Scan and wait until it has finished.
  • Now click Clean (even if AdwCleaner says that nothing was found) and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).





Step 2
  • Uninstall Malwarebytes' Anti-Malware 2 via the Control Panel. (Illustrated guide)
  • Then restart the computer.
  • Download the MBAM Uninstaller to your desktop.
  • Close all open programs and run the uninstaller. The computer must be restarted at the end.





Step 3
Please download Malwarebytes Anti-Malware 3.
  • Install the program to the default path.
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Quarantine Selected.
  • If prompted, let your computer restart to complete the cleanup.
  • Start MBAM after the restart and click Reports.
  • Select the most recent scan report, click View Report and then Export.
  • Select Text file (.txt) and save the file as mbam.txt on the desktop.
  • Include the contents of mbam.txt in your next reply.





Step 4
  • Start FRST again. Make sure the box in front of Addition.txt is ticked and press Scan.
  • FRST now creates two log files (FRST.txt and Addition.txt).
  • Post both log files with your next reply.






With your next reply, please post
  • the AdwCleaner log file,
  • the MBAM log file,
  • the two new FRST log files.

01.06.2017, 22:43   #8
jarobmar

Quote:
Quote from M-K-D-B
Hi,

What can you tell me about this IP address? It points to Amsterdam...
It's a rented proxy server that I also use as a VPN at the same time.

Was that the IP that was logged here on the board?

Quote:
Quote from M-K-D-B
Uninstall Malwarebytes' Anti-Malware 2 via the Control Panel
I have the latest Malwarebytes Premium version on the affected PC (ver. 3.0.6).
I uninstalled version 2 a long time ago.

Should I still carry out the step and reinstall?

Edit:

The outgoing IP address of "Tradeexchange" that Malwarebytes blocks belongs to Google.

Details:
IP address
104.197.47.161
Google Inc. Search Google Inc. at Google California (CA) California
161.47.197.104.bc.googleusercontent.com

External source for screenshot: "hxxp://www.directupload.net/file/d/4739/uzksa5fb_jpg.htm"

ADWCleaner - LOG

Code:
# AdwCleaner v6.047 - Bericht erstellt am 01/06/2017 um 23:31:25
# Aktualisiert am 19/05/2017 von Malwarebytes
# Datenbank : 2017-04-21.1 [Lokal]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : Rambo411 - GAMER-PC
# Gestartet von : C:\Users\Rambo411\Downloads\adwcleaner_6.047.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****



***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1637 Bytes] - [11/04/2017 15:33:42]
C:\AdwCleaner\AdwCleaner[C2].txt - [1136 Bytes] - [01/06/2017 23:31:25]
C:\AdwCleaner\AdwCleaner[S0].txt - [1740 Bytes] - [11/04/2017 15:31:24]
C:\AdwCleaner\AdwCleaner[S1].txt - [1491 Bytes] - [11/04/2017 15:38:14]
C:\AdwCleaner\AdwCleaner[S2].txt - [1565 Bytes] - [22/04/2017 04:00:36]
C:\AdwCleaner\AdwCleaner[S3].txt - [1637 Bytes] - [26/04/2017 23:28:13]
C:\AdwCleaner\AdwCleaner[S4].txt - [1710 Bytes] - [26/04/2017 23:33:28]
C:\AdwCleaner\AdwCleaner[S5].txt - [1783 Bytes] - [28/05/2017 23:48:18]
C:\AdwCleaner\AdwCleaner[S6].txt - [1856 Bytes] - [01/06/2017 23:31:09]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1720 Bytes] ##########
         
MBAM - LOG

Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 01.06.17
Scan-Zeit: 23:33
Protokolldatei: malwarebytesscan.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.103
Version des Aktualisierungspakets: 1.0.2068
Lizenz: Premium

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: GAMER-PC\Rambo411

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 430348
Abgelaufene Zeit: 1 Min., 54 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         
FRST.txt LOG

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-06-2017
durchgeführt von Rambo411 (Administrator) auf GAMER-PC (01-06-2017 23:37:04)
Gestartet von C:\Users\Rambo411\Downloads
Geladene Profile: Rambo411 (Verfügbare Profile: Rambo411 & Administrator)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15853176 2016-08-03] (Logitech Inc.)
HKLM\...\Run: [Cm108Sound] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cm108.dll,CMICtrlWnd
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1971856 2016-11-18] ()
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 6\CyberGhost.exe [1191472 2017-03-08] (CyberGhost S.R.L.)
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7946656 2017-04-04] (SUPERAntiSpyware)
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\MountPoints2: {3d9dbf92-3c8a-11e7-831f-bc5ff4b9eb76} - "G:\AutoRun.exe" 
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\MountPoints2: {5f60547a-3b83-11e7-8315-bc5ff4b9eb76} - "G:\AutoRun.exe" 
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\MountPoints2: {5f6054c3-3b83-11e7-8315-bc5ff4b9eb76} - "G:\AutoRun.exe" 
Startup: C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CyberghostCheatEngine.bat - Verknüpfung.lnk [2017-02-01]
ShortcutTarget: CyberghostCheatEngine.bat - Verknüpfung.lnk -> C:\Dokumente\CyberghostChatEngine.bat ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 127.0.0.1 keystone.mwbsys.com 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{cbfafe5b-6c62-4d58-9749-42341323addd}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://192.168.2.1/
SearchScopes: HKU\S-1-5-21-2067299650-1304287427-3702207109-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-2067299650-1304287427-3702207109-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-20] (Bitdefender)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-20] (Bitdefender)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2016-11-18] (Wondershare)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-20] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-20] (Bitdefender)
IE Session Restore: HKU\S-1-5-21-2067299650-1304287427-3702207109-1001 -> ist aktiviert.

FireFox:
========
FF DefaultProfile: l1qcx6de.default
FF ProfilePath: C:\Users\Rambo411\AppData\Roaming\Mozilla\Firefox\Profiles\l1qcx6de.default [2017-06-01]
FF Extension: (Element Hiding Helper for Adblock Plus) - C:\Users\Rambo411\AppData\Roaming\Mozilla\Firefox\Profiles\l1qcx6de.default\Extensions\elemhidehelper@adblockplus.org.xpi [2017-04-14]
FF Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Rambo411\AppData\Roaming\Mozilla\Firefox\Profiles\l1qcx6de.default\Extensions\firefox@zenmate.com.xpi [2017-04-21]
FF Extension: (LavaFox V2) - C:\Users\Rambo411\AppData\Roaming\Mozilla\Firefox\Profiles\l1qcx6de.default\Extensions\info@djzig.com [2017-04-11]
FF Extension: (NoScript) - C:\Users\Rambo411\AppData\Roaming\Mozilla\Firefox\Profiles\l1qcx6de.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-04-23]
FF Extension: (YouTube High Definition) - C:\Users\Rambo411\AppData\Roaming\Mozilla\Firefox\Profiles\l1qcx6de.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2017-04-11]
FF Extension: (Adblock Plus) - C:\Users\Rambo411\AppData\Roaming\Mozilla\Firefox\Profiles\l1qcx6de.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-28]
FF Extension: (Popup Blocker (strict)) - C:\Users\Rambo411\AppData\Roaming\Mozilla\Firefox\Profiles\l1qcx6de.default\Extensions\{de22fd49-c9ab-4359-b722-b3febdc3a0b0}.xpi [2017-05-05]
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff [2017-04-21]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2017-04-21] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @protectdisc.com/NPMPDRM -> C:\Program Files (x86)\Common Files\mpDRM\Binaries\NPMPDRM.dll [2011-10-11] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> c:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> c:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

Chrome: 
=======
CHR Profile: C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default [2017-06-01]
CHR Extension: (Google Präsentationen) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-11]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2017-05-11]
CHR Extension: (Google Docs) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-11]
CHR Extension: (Google Drive) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-11]
CHR Extension: (YouTube) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-11]
CHR Extension: (Adblock Plus) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-04-11]
CHR Extension: (Slither.io Mods, Zoom, Unlock Skins, Bots) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\eogeabecipmckmihpmkgjbghbffcebcf [2017-05-22]
CHR Extension: (Google Tabellen) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-11]
CHR Extension: (Slither.io Mod Play with friends Without LAGS) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\foocpcikeakahdlplgpgfoilanoajijf [2017-04-11]
CHR Extension: (Bitdefender Wallet) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2017-05-04]
CHR Extension: (Google Docs Offline) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-11]
CHR Extension: (Black red shards) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpjlkkaalgfbbegfnjoclhfidancjpch [2017-05-25]
CHR Extension: (Popup Blocker Pro) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiodaajmphnkcajieajajinghpejdjai [2017-05-28]
CHR Extension: (Nehmen Sie Screenshot der Webseite - FireShot) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2017-05-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-11]
CHR Extension: (Splix.io Mods) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmnnafdmbljafhmjmpmdcpinpkbbjpha [2017-04-30]
CHR Extension: (WebRTC Network Limiter) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\npeicpdbkakmehahjeeohfdhnlpdklia [2017-04-11]
CHR Extension: (Google Mail) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-11]
CHR Extension: (Chrome Media Router) - C:\Users\Rambo411\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-12]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [77872 2017-03-08] (CyberGhost S.R.L)
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [100448 2017-04-20] (Bitdefender)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2016-08-18] () [Datei ist nicht signiert]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-08-03] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2162064 2017-05-18] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3136920 2017-05-18] (Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1254736 2017-04-11] (Bitdefender)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [320512 2017-01-11] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [218416 2017-04-20] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1442896 2017-05-29] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [524872 2016-08-25] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe [437392 2016-11-16] (Wondershare)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-12-08] (Advanced Micro Devices)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1612648 2017-05-29] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [879600 2017-05-29] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-24] (BitDefender LLC)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
S3 clwvd7; C:\WINDOWS\system32\DRIVERS\clwvd7.sys [42968 2015-03-24] (CyberLink Corporation)
S3 dtscsibus; C:\WINDOWS\system32\DRIVERS\dtscsibus.sys [29696 2016-06-24] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-19] ()
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [182944 2016-10-29] (BitDefender LLC)
R0 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [305120 2017-03-15] (Bitdefender)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-05-19] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-06-01] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-06-01] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-06-01] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2017-06-01] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
S3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [81232 2016-12-15] (Insecure.Com LLC.)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2016-05-27] (Anchorfree Inc.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-06-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [192864 2016-06-16] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
S3 hwdatacard; \SystemRoot\system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-01 23:36 - 2017-06-01 23:36 - 00000000 ____D C:\Users\Rambo411\Downloads\FRST-OlderVersion
2017-06-01 23:35 - 2017-06-01 23:35 - 00001244 _____ C:\Users\Rambo411\Desktop\malwarebytesscan.txt
2017-06-01 23:33 - 2017-06-01 23:33 - 00001802 _____ C:\Users\Rambo411\Desktop\AdwCleaner[C2].txt
2017-06-01 23:26 - 2017-06-01 23:26 - 04110280 _____ C:\Users\Rambo411\Downloads\adwcleaner_6.047 (1).exe
2017-06-01 18:13 - 2017-06-01 23:32 - 00000021 _____ C:\WINDOWS\S.dirmngr
2017-06-01 17:58 - 2017-02-01 19:52 - 00000138 _____ C:\Users\Rambo411\Desktop\CyberghostChatEngine.bat
2017-06-01 17:46 - 2017-06-01 17:57 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-06-01 17:45 - 2017-06-01 17:45 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Rambo411\Downloads\mbar-1.09.3.1001.exe
2017-06-01 16:10 - 2017-06-01 16:10 - 00000000 _____ C:\Users\Rambo411\Desktop\Neues Textdokument.txt
2017-06-01 16:08 - 2017-06-01 16:18 - 00289408 _____ C:\TDSSKiller.3.1.0.15_01.06.2017_16.08.40_log.txt
2017-06-01 16:08 - 2017-06-01 16:08 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Rambo411\Downloads\tdsskiller.exe
2017-06-01 16:00 - 2017-06-01 16:20 - 00050565 _____ C:\Users\Rambo411\Downloads\Addition.txt
2017-06-01 15:59 - 2017-06-01 23:37 - 00023494 _____ C:\Users\Rambo411\Downloads\FRST.txt
2017-06-01 15:59 - 2017-06-01 23:37 - 00000000 ____D C:\FRST
2017-06-01 15:58 - 2017-06-01 23:36 - 02433536 _____ (Farbar) C:\Users\Rambo411\Downloads\FRST64.exe
2017-05-28 23:42 - 2017-05-28 23:42 - 04110280 _____ C:\Users\Rambo411\Downloads\adwcleaner_6.047.exe
2017-05-28 23:42 - 2017-05-28 23:42 - 01663672 _____ (Malwarebytes) C:\Users\Rambo411\Downloads\JRT813.exe
2017-05-27 23:47 - 2017-05-31 16:56 - 00000056 _____ C:\Users\Rambo411\Desktop\rahmen.txt
2017-05-26 23:35 - 2017-05-26 23:50 - 00000000 ____D C:\Users\Rambo411\AppData\Local\RockGodTycoon
2017-05-26 00:17 - 2017-05-26 00:31 - 00000534 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 90c35e23-0c46-43d5-adf9-def4d25498d6.job
2017-05-26 00:17 - 2017-05-26 00:17 - 00003688 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 90c35e23-0c46-43d5-adf9-def4d25498d6
2017-05-26 00:17 - 2017-05-26 00:17 - 00001849 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2017-05-26 00:17 - 2017-05-26 00:17 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\SUPERAntiSpyware.com
2017-05-26 00:17 - 2017-05-26 00:17 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2017-05-26 00:17 - 2017-05-26 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2017-05-26 00:17 - 2017-05-26 00:17 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2017-05-25 22:43 - 2017-05-25 22:44 - 00000000 ____D C:\Fraps
2017-05-25 22:43 - 2017-05-25 22:43 - 00000609 _____ C:\Users\Public\Desktop\Fraps.lnk
2017-05-25 22:43 - 2017-05-25 22:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2017-05-25 19:26 - 2017-05-25 19:26 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\11bitstudios
2017-05-25 18:22 - 2017-05-25 18:22 - 00000222 _____ C:\Users\Rambo411\Desktop\This War of Mine.url
2017-05-25 16:30 - 2017-05-25 16:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\Rambo411\Downloads\HijackThis_2.0.5.exe
2017-05-25 16:12 - 2017-05-25 16:12 - 00001103 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-05-23 11:39 - 2017-05-23 11:39 - 00000000 ____D C:\Users\Rambo411\AppData\LocalLow\SilentDreams
2017-05-19 14:13 - 2017-06-01 23:32 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-19 14:12 - 2017-06-01 23:32 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-19 14:12 - 2017-06-01 23:32 - 00092096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-19 14:12 - 2017-06-01 23:32 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-19 14:12 - 2017-05-19 15:13 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-19 14:12 - 2017-05-19 14:12 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-19 14:12 - 2017-05-19 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-19 14:12 - 2017-05-19 14:12 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-19 13:47 - 2017-06-01 17:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-18 12:49 - 2017-05-18 13:46 - 00001312 _____ C:\Users\Rambo411\Desktop\FIFA Manager  17.lnk
2017-05-18 10:31 - 2017-05-18 10:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUSSBALL MANAGER 13
2017-05-18 07:53 - 2017-05-18 07:55 - 00000000 ____D C:\Program Files (x86)\Origin Games
2017-05-18 02:12 - 2017-05-18 02:12 - 00001613 _____ C:\Users\Public\Desktop\Uplink.lnk
2017-05-18 02:12 - 2017-05-18 02:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uplink [GOG.com]
2017-05-18 02:03 - 2017-05-18 02:03 - 00000000 ____D C:\Users\Rambo411\AppData\Local\FXG
2017-05-17 03:52 - 2017-05-17 03:52 - 00003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-05-17 03:52 - 2017-05-17 03:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-05-17 03:52 - 2017-05-17 03:52 - 00000000 ____D C:\Program Files (x86)\AMD
2017-05-17 03:51 - 2017-05-17 03:51 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-05-17 01:13 - 2017-05-17 01:13 - 00000000 ____D C:\Users\Rambo411\AppData\LocalLow\Daedalic Entertainment GmbH
2017-05-16 18:06 - 2017-05-16 18:06 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-05-12 03:49 - 2017-05-12 03:49 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2017-05-10 12:03 - 2017-05-10 12:03 - 00000000 ____D C:\Users\Rambo411\AppData\Local\ProjectPokémon
2017-05-10 07:11 - 2017-05-10 07:17 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citra Development Team
2017-05-10 02:42 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-10 02:42 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-10 02:42 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-10 02:42 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-10 02:42 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-10 02:42 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-10 02:42 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-10 02:42 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-10 02:42 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-10 02:42 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-10 02:42 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-10 02:42 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-10 02:42 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-10 02:42 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-10 02:42 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-10 02:42 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-10 02:42 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-10 02:42 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-10 02:42 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-10 02:42 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-10 02:42 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-10 02:42 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-10 02:42 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-10 02:42 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-10 02:42 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-10 02:42 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-10 02:42 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-10 02:42 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-10 02:42 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-10 02:42 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-10 02:42 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-10 02:42 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-10 02:42 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-10 02:42 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-10 02:42 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-10 02:42 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-10 02:42 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-10 02:42 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-10 02:42 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-10 02:42 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-10 02:42 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-10 02:42 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-10 02:41 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-10 02:41 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-10 02:41 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-10 02:41 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-10 02:41 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-10 02:41 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-10 02:41 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-10 02:41 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-10 02:41 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-10 02:41 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-10 02:41 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-10 02:41 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-10 02:41 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-10 02:41 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-10 02:41 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-10 02:41 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-10 02:41 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-10 02:41 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-10 02:41 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-10 02:41 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-10 02:41 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-10 02:41 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-10 02:41 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-10 02:41 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-10 02:41 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-10 02:41 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-10 02:41 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-10 02:41 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-10 02:41 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-10 02:41 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-10 02:41 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-10 02:41 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-10 02:41 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-10 02:41 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-10 02:41 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-10 02:41 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-10 02:41 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-10 02:41 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-10 02:41 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-10 02:41 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-10 02:41 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-10 02:41 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-10 02:41 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-10 02:41 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-10 02:41 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-10 02:41 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-10 02:41 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-10 02:41 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-10 02:41 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-10 02:41 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-10 02:41 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-10 02:41 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-10 02:41 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-10 02:41 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-10 02:41 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-10 02:41 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-10 02:41 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-10 02:41 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-10 02:41 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-10 02:41 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-10 02:41 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-10 02:41 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-10 02:41 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-10 02:41 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-10 02:41 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-10 02:41 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-10 02:41 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-10 02:41 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-10 02:41 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-10 02:41 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-10 02:41 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-08 10:28 - 2017-05-16 04:09 - 00000000 ____D C:\Users\Rambo411\Downloads\emu
2017-05-07 04:57 - 2017-05-07 04:57 - 00000000 ____D C:\Users\Rambo411\AppData\Local\DBG
2017-05-05 08:25 - 2017-05-05 08:25 - 00040627 _____ C:\ProgramData\dm.update.1493965544.bdinstall.bin
2017-05-05 07:24 - 2017-05-05 07:24 - 00023296 _____ C:\ProgramData\dm.1493961896.10036.bin
2017-05-04 20:56 - 2017-05-04 20:56 - 00057007 _____ C:\ProgramData\dm.1493924154.bdinstall.bin
2017-05-04 20:55 - 2017-05-04 21:12 - 00003406 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2017-05-04 20:55 - 2017-05-04 20:55 - 00424333 _____ C:\ProgramData\cl.1493923975.bdinstall.bin
2017-05-04 20:55 - 2017-05-04 20:55 - 00000000 ____D C:\ProgramData\Bitdefender Device Management
2017-05-04 20:54 - 2017-05-29 23:20 - 01612648 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2017-05-04 20:54 - 2017-05-29 23:20 - 00879600 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2017-05-04 20:54 - 2017-05-04 20:55 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Bitdefender
2017-05-04 20:54 - 2017-05-04 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017
2017-05-04 20:54 - 2017-03-15 08:03 - 00305120 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2017-05-04 20:54 - 2016-03-14 22:04 - 00023672 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2017-05-04 20:54 - 2015-12-04 19:27 - 00087912 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2017-05-04 20:53 - 2017-05-04 21:12 - 00000000 ____D C:\ProgramData\Bitdefender
2017-05-04 20:53 - 2017-05-04 20:55 - 00000000 ____D C:\Program Files\Bitdefender
2017-05-04 20:53 - 2016-10-29 09:54 - 00182944 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2017-05-04 20:53 - 2016-06-22 15:40 - 00520032 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2017-05-04 20:52 - 2017-05-04 20:53 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2017-05-04 20:47 - 2017-06-01 23:32 - 00000000 ____D C:\Program Files\Bitdefender Agent
2017-05-04 20:47 - 2017-05-04 20:47 - 00049380 _____ C:\ProgramData\agent.1493923632.bdinstall.bin
2017-05-04 20:44 - 2017-05-04 20:44 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-04 20:44 - 2017-05-04 20:44 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-04 20:44 - 2017-05-04 20:44 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-04 20:44 - 2017-05-04 20:44 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-04 20:44 - 2017-05-04 20:44 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-04 20:44 - 2017-05-04 20:44 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-04 20:44 - 2017-05-04 20:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-04 20:44 - 2017-05-04 20:44 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-04 20:44 - 2017-05-04 20:44 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-05-04 20:42 - 2017-05-04 20:42 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-05-04 20:42 - 2017-05-04 20:42 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-05-04 20:42 - 2017-05-04 20:42 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-05-04 20:42 - 2017-05-04 20:42 - 00000000 ____D C:\Program Files\MSBuild
2017-05-04 20:42 - 2017-05-04 20:42 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-05-04 20:42 - 2017-05-04 20:42 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-05-04 20:42 - 2017-05-04 19:46 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-05-04 20:42 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-05-04 20:42 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-05-04 20:42 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-05-04 20:42 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-05-04 20:42 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-05-04 20:42 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-05-04 20:41 - 2017-05-04 20:41 - 00003798 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2017-05-04 20:39 - 2017-05-04 20:39 - 00000000 ____D C:\WINDOWS\Panther
2017-05-04 19:58 - 2017-05-04 19:58 - 00003282 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-04 19:57 - 2017-05-04 19:57 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-04 19:55 - 2017-05-04 19:55 - 00000020 ___SH C:\Users\Rambo411\ntuser.ini
2017-05-04 19:54 - 2017-06-01 23:36 - 02665282 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-04 19:54 - 2017-05-04 19:54 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2017-05-04 19:54 - 2017-05-04 19:54 - 00011433 _____ C:\WINDOWS\diagerr.xml
2017-05-04 19:52 - 2017-06-01 23:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-04 19:52 - 2017-05-14 05:51 - 00004656 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-05-04 19:52 - 2017-05-14 05:51 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-04 19:52 - 2017-05-04 19:52 - 00003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-04 19:52 - 2017-05-04 19:52 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-04 19:52 - 2017-05-04 19:52 - 00003306 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{19600603-5442-4FBF-A0B1-388249D6C016}
2017-05-04 19:52 - 2017-05-04 19:52 - 00003086 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2017-05-04 19:52 - 2017-05-04 19:52 - 00002812 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2067299650-1304287427-3702207109-1001
2017-05-04 19:52 - 2017-05-04 19:52 - 00002708 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2017-05-04 19:52 - 2017-05-04 19:52 - 00002316 _____ C:\WINDOWS\System32\Tasks\{495080D5-3D77-4CE1-9881-C9808F09F9C2}
2017-05-04 19:52 - 2017-05-04 19:52 - 00002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-05-04 19:52 - 2017-05-04 19:52 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-05-04 19:52 - 2017-05-04 19:52 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-05-04 19:50 - 2017-05-04 19:50 - 00000000 ____D C:\ProgramData\USOShared
2017-05-04 19:49 - 2017-05-04 19:49 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-04 19:48 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-05-04 19:47 - 2017-06-01 16:57 - 00000000 ____D C:\Users\Rambo411
2017-05-04 19:47 - 2017-05-04 19:50 - 00000000 ____D C:\Users\Administrator
2017-05-04 19:47 - 2017-05-04 19:49 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-05-04 19:47 - 2017-05-04 19:47 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Rambo411\Vorlagen
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Rambo411\Startmenü
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Rambo411\Netzwerkumgebung
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Rambo411\Lokale Einstellungen
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Rambo411\Eigene Dateien
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Rambo411\Druckumgebung
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Rambo411\AppData\Local\Verlauf
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Rambo411\AppData\Local\Anwendungsdaten
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Rambo411\Anwendungsdaten
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2017-05-04 19:47 - 2017-05-04 19:47 - 00000000 ____D C:\Program Files\Realtek
2017-05-04 19:46 - 2017-06-01 23:31 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-05-04 19:46 - 2017-06-01 23:09 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-04 19:46 - 2017-05-17 03:52 - 00000000 ____D C:\Program Files\AMD
2017-05-04 19:46 - 2017-05-10 19:36 - 00251216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-04 19:46 - 2017-05-04 19:46 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-05-03 19:36 - 2017-05-03 19:36 - 00000000 ____D C:\Users\Rambo411\AppData\Local\UNP
2017-05-03 18:36 - 2017-05-04 19:49 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-03 18:36 - 2017-05-03 18:37 - 00000000 ____D C:\Program Files\UNP

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-01 23:36 - 2017-03-20 06:41 - 01239166 _____ C:\WINDOWS\system32\perfh007.dat
2017-06-01 23:36 - 2017-03-20 06:41 - 00288274 _____ C:\WINDOWS\system32\perfc007.dat
2017-06-01 23:31 - 2017-04-11 15:28 - 00000000 ____D C:\AdwCleaner
2017-06-01 23:31 - 2017-03-18 13:40 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-06-01 23:31 - 2016-06-24 15:50 - 00135968 _____ C:\bdlog.txt
2017-06-01 23:31 - 2016-06-24 15:49 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-06-01 18:43 - 2016-06-24 21:29 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\vlc
2017-06-01 18:20 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-01 18:20 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-01 18:08 - 2017-02-07 05:36 - 00000427 _____ C:\Users\Rambo411\Desktop\Konfigurationsprogramm.website
2017-06-01 15:26 - 2016-10-29 14:01 - 00000000 ____D C:\Users\Rambo411\AppData\Local\JDownloader v2.0
2017-06-01 01:03 - 2017-01-17 04:46 - 00000000 ____D C:\Users\Rambo411\Downloads\JDownloads
2017-05-31 20:30 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-31 18:04 - 2017-03-18 13:40 - 00065536 _____ C:\WINDOWS\system32\config\ELAM
2017-05-31 18:00 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-29 00:15 - 2016-12-05 23:35 - 00000000 ____D C:\Users\Rambo411\AppData\LocalLow\Mozilla
2017-05-29 00:00 - 2017-04-11 23:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-28 23:13 - 2016-10-15 00:55 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-27 19:32 - 2017-01-05 02:56 - 00000000 ____D C:\Users\Rambo411\Downloads\vorübergehend
2017-05-27 19:14 - 2016-11-08 23:11 - 00000000 ____D C:\Games
2017-05-25 18:22 - 2017-02-16 01:33 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-25 16:34 - 2017-02-07 05:08 - 00000000 ____D C:\Program Files\Nitro
2017-05-23 09:25 - 2016-08-29 22:09 - 00000000 ___RD C:\Dokumente
2017-05-23 08:41 - 2016-06-24 16:22 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-23 08:39 - 2016-06-24 16:22 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-20 00:38 - 2017-01-03 16:44 - 00000000 ____D C:\Users\Rambo411\AppData\Local\Daedalic Entertainment GmbH
2017-05-18 10:36 - 2016-06-24 16:53 - 00000000 ____D C:\ProgramData\Origin
2017-05-18 10:31 - 2016-06-24 16:59 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Origin
2017-05-18 10:31 - 2016-06-24 16:53 - 00000000 ____D C:\ProgramData\Electronic Arts
2017-05-18 07:52 - 2016-09-19 15:43 - 00000000 ____D C:\Program Files (x86)\Origin
2017-05-18 04:43 - 2016-10-15 01:06 - 00000000 ____D C:\Users\Rambo411\AppData\Local\TurmoilSteam
2017-05-18 02:12 - 2016-11-08 03:13 - 00000000 ____D C:\GOG Games
2017-05-18 01:38 - 2017-03-29 16:10 - 00000065 _____ C:\Users\Rambo411\AppData\Roaming\~SiMPLEX.ini
2017-05-17 03:51 - 2017-02-13 21:47 - 00000000 ____D C:\AMD
2017-05-16 18:06 - 2017-04-03 19:52 - 10320248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 02198400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00924544 _____ (AMD) C:\WINDOWS\system32\coinst_17.10.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00777088 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-05-16 18:06 - 2017-04-03 19:52 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00551808 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-05-16 18:06 - 2017-04-03 19:52 - 00551808 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2017-05-16 18:06 - 2017-04-03 19:52 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00531328 _____ C:\WINDOWS\system32\GameManager64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00514424 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00483712 _____ C:\WINDOWS\system32\atieah64.exe
2017-05-16 18:06 - 2017-04-03 19:52 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-05-16 18:06 - 2017-04-03 19:52 - 00365440 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00360312 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00334208 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-05-16 18:06 - 2017-04-03 19:52 - 00278400 _____ C:\WINDOWS\system32\clinfo.exe
2017-05-16 18:06 - 2017-04-03 19:52 - 00276352 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00242048 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00203648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00169856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00122744 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00115072 _____ C:\WINDOWS\system32\atidxx64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00101760 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00075136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2017-05-16 18:06 - 2017-04-03 19:52 - 00042368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2017-05-16 18:05 - 2017-04-03 19:52 - 00573800 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-05-16 18:05 - 2017-04-03 19:52 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-05-16 18:05 - 2017-04-03 19:52 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-05-16 18:05 - 2017-04-03 19:52 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-05-16 18:05 - 2017-04-03 19:52 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-05-16 18:05 - 2017-04-03 19:52 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-05-16 18:05 - 2017-04-03 19:52 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2017-05-16 18:05 - 2017-04-03 19:52 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-05-16 18:05 - 2017-04-03 19:52 - 00102512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-05-16 01:25 - 2017-04-11 22:57 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-15 04:27 - 2016-06-24 13:49 - 00000000 ____D C:\Users\Rambo411\AppData\Local\Packages
2017-05-14 18:27 - 2016-06-26 23:59 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\TS3Client
2017-05-14 06:45 - 2016-06-24 17:11 - 00000000 ____D C:\Users\Rambo411\AppData\Local\Adobe
2017-05-14 05:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-14 05:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-10 22:46 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-10 19:36 - 2016-06-24 15:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-10 15:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-10 15:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-10 15:34 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-10 15:34 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-10 07:17 - 2016-12-29 17:37 - 00000000 ____D C:\Users\Rambo411\AppData\Local\SquirrelTemp
2017-05-10 02:45 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-05 10:15 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-05-05 10:15 - 2016-06-24 21:28 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\MPC-HC
2017-05-05 01:14 - 2017-04-27 17:56 - 00000000 ____D C:\Users\Rambo411\Downloads\cemu_1.7.0
2017-05-04 20:45 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-05-04 20:44 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-05-04 20:44 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-04 20:44 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-04 20:44 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-04 20:44 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-04 20:44 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-04 20:44 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-04 20:44 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-04 20:43 - 2016-06-24 15:49 - 00000000 ____D C:\ProgramData\BDLogging
2017-05-04 20:42 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-05-04 20:42 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-05-04 20:42 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\telnet.exe
2017-05-04 20:42 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-05-04 20:42 - 2017-03-18 22:56 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TFTP.EXE
2017-05-04 20:42 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2017-05-04 20:42 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-05-04 20:42 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2017-05-04 20:42 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2017-05-04 19:58 - 2016-06-24 15:09 - 00002396 _____ C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-05-04 19:58 - 2016-06-24 15:09 - 00000000 ___RD C:\Users\Rambo411\OneDrive
2017-05-04 19:55 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-04 19:55 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-05-04 19:55 - 2016-08-11 14:50 - 00000000 ____D C:\Users\Rambo411\AppData\Local\ConnectedDevicesPlatform
2017-05-04 19:55 - 2016-04-27 07:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-04 19:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-05-04 19:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-05-04 19:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-05-04 19:52 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell
2017-05-04 19:52 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-04 19:52 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-04 19:52 - 2016-06-24 15:03 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-05-04 19:50 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-05-04 19:49 - 2017-04-18 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-05-04 19:49 - 2017-04-11 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2017-05-04 19:49 - 2017-03-02 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime Alternative
2017-05-04 19:49 - 2017-02-07 06:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenshotCaptor
2017-05-04 19:49 - 2017-02-07 02:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-05-04 19:49 - 2017-02-06 04:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gpg4win
2017-05-04 19:49 - 2017-01-28 21:19 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2017-05-04 19:49 - 2017-01-20 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-05-04 19:49 - 2017-01-14 07:50 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\xp-AntiSpy
2017-05-04 19:49 - 2017-01-12 19:26 - 00000000 ____D C:\WINDOWS\SysWOW64\Npcap
2017-05-04 19:49 - 2017-01-12 19:26 - 00000000 ____D C:\WINDOWS\system32\Npcap
2017-05-04 19:49 - 2017-01-12 19:26 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nmap
2017-05-04 19:49 - 2017-01-10 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-05-04 19:49 - 2017-01-10 05:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2017-05-04 19:49 - 2017-01-10 01:08 - 00000000 ____D C:\WINDOWS\de
2017-05-04 19:49 - 2017-01-05 03:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 6
2017-05-04 19:49 - 2016-11-11 01:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2017-05-04 19:49 - 2016-10-19 11:59 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-05-04 19:49 - 2016-09-18 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
2017-05-04 19:49 - 2016-08-22 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2017-05-04 19:49 - 2016-07-30 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worms World Party Remastered [GOG.com]
2017-05-04 19:49 - 2016-07-29 19:39 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gehirntraining mit Dr. Kawashima
2017-05-04 19:49 - 2016-07-26 14:07 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
2017-05-04 19:49 - 2016-07-06 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2017-05-04 19:49 - 2016-06-24 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-05-04 19:49 - 2016-06-24 21:28 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.4
2017-05-04 19:49 - 2016-06-24 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2017-05-04 19:49 - 2016-06-24 20:50 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2017-05-04 19:49 - 2016-06-24 18:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-05-04 19:49 - 2016-06-24 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2017-05-04 19:49 - 2016-06-24 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-04 19:49 - 2016-06-24 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScummVM
2017-05-04 19:49 - 2016-06-24 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.2
2017-05-04 19:49 - 2016-06-24 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2017-05-04 19:49 - 2016-06-24 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2017-05-04 19:49 - 2016-06-24 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Ultra
2017-05-04 19:49 - 2016-06-24 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPU-Control
2017-05-04 19:49 - 2016-06-24 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5.1
2017-05-04 19:49 - 2016-06-24 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2017-05-04 19:49 - 2016-06-24 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ComicRack
2017-05-04 19:49 - 2016-06-24 16:04 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-04 19:49 - 2016-06-24 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-04 19:49 - 2016-06-24 13:56 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-05-04 19:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-05-04 19:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-04 19:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2017-05-04 19:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\System
2017-05-04 19:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-04 19:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\InputMethod
2017-05-04 19:48 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-04 19:48 - 2017-01-30 07:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-05-04 19:48 - 2016-12-09 17:06 - 00000000 ____D C:\WINDOWS\system32\ÿÿÿÿÿÿÿÿ8
2017-05-04 19:48 - 2016-11-11 01:20 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive
2017-05-04 19:48 - 2016-11-11 01:18 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2017-05-04 19:48 - 2016-08-29 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2017-05-04 19:48 - 2016-06-24 13:56 - 00000000 ____D C:\Program Files\Intel
2017-05-04 19:48 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-05-04 19:48 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-05-04 19:47 - 2017-04-24 01:51 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MaximumOctopus
2017-05-04 19:47 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-05-04 18:10 - 2017-02-07 05:09 - 00000000 ____D C:\Users\Rambo411\AppData\Roaming\Nitro

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-03-29 16:10 - 2017-05-18 01:38 - 0000065 _____ () C:\Users\Rambo411\AppData\Roaming\~SiMPLEX.ini
2017-02-07 06:22 - 2017-02-07 06:22 - 0000058 _____ () C:\Users\Rambo411\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2017-01-12 20:24 - 2017-01-12 20:27 - 0000600 _____ () C:\Users\Rambo411\AppData\Local\PUTTY.RND
2017-04-04 17:03 - 2017-04-04 17:03 - 0001510 _____ () C:\Users\Rambo411\AppData\Local\recently-used.xbel
2017-03-04 00:50 - 2016-11-23 15:37 - 0000570 _____ () C:\Users\Rambo411\AppData\Local\TroubleshooterConfig.json
2017-01-12 04:53 - 2017-01-15 16:54 - 0001008 _____ () C:\Users\Rambo411\AppData\Local\zenmap.exe.log
2017-05-04 20:47 - 2017-05-04 20:47 - 0049380 _____ () C:\ProgramData\agent.1493923632.bdinstall.bin
2017-05-04 20:55 - 2017-05-04 20:55 - 0424333 _____ () C:\ProgramData\cl.1493923975.bdinstall.bin
2017-05-04 20:56 - 2017-05-04 20:56 - 0057007 _____ () C:\ProgramData\dm.1493924154.bdinstall.bin
2017-05-05 07:24 - 2017-05-05 07:24 - 0023296 _____ () C:\ProgramData\dm.1493961896.10036.bin
2017-05-05 08:25 - 2017-05-05 08:25 - 0040627 _____ () C:\ProgramData\dm.update.1493965544.bdinstall.bin
2017-04-11 15:17 - 2017-04-11 15:17 - 0000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml

Einige Dateien in TEMP:
====================
2017-06-01 01:21 - 2017-06-01 01:21 - 0040448 ____N () C:\Users\Rambo411\AppData\Local\Temp\proxy_vole1822498187602161610.dll
2017-06-01 01:21 - 2017-06-01 01:21 - 0040448 ____N () C:\Users\Rambo411\AppData\Local\Temp\proxy_vole2070929330575135854.dll
2017-06-01 01:21 - 2017-06-01 01:21 - 0040448 ____N () C:\Users\Rambo411\AppData\Local\Temp\proxy_vole2615208945838996534.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-26 01:24

==================== Ende von FRST.txt ============================
         

Edited by jarobmar (01.06.2017 at 22:24)

Alt 01.06.2017, 22:44   #9
jarobmar
 
Tradeexchange.com Adware /Malwarebytes Alarm



FRST - ADDITION LOG

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-06-2017
durchgeführt von Rambo411 (01-06-2017 23:37:34)
Gestartet von C:\Users\Rambo411\Downloads
Windows 10 Pro Version 1703 (X64) (2017-05-04 17:55:42)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2067299650-1304287427-3702207109-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2067299650-1304287427-3702207109-503 - Limited - Disabled)
Gast (S-1-5-21-2067299650-1304287427-3702207109-501 - Limited - Disabled)
Rambo411 (S-1-5-21-2067299650-1304287427-3702207109-1001 - Administrator - Enabled) => C:\Users\Rambo411

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Angry IP Scanner (HKLM-x32\...\Angry IP Scanner) (Version: 3.5 - Angry IP Scanner)
Apple Application Support (32-Bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Application Profiles (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Belkin Connect Wireless USB Adapter (HKLM-x32\...\InstallShield_{08B73C99-D071-488F-8861-5DDA897C510D}) (Version: 1.0.0.3 - Belkin)
Belkin Connect Wireless USB Adapter (x32 Version: 1.0.0.3 - Belkin) Hidden
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.25.49 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 21.0.24.54 - Bitdefender)
Bitdefender Total Security 2017 (HKLM\...\Bitdefender) (Version: 21.0.25.80 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6521 - CDBurnerXP)
Cheat Engine 6.5.1 (HKLM-x32\...\Cheat Engine 6.5.1_is1) (Version:  - Cheat Engine)
ComicRack v0.9.178 (HKLM\...\ComicRack) (Version: v0.9.178 - cYo Soft)
CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version:  - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
FUSSBALL MANAGER 13 (HKLM-x32\...\{80AF0300-866F-400F-A350-D53E3C3E34E0}) (Version: 1.0.4.0 - Electronic Arts)
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Gpg4win (2.3.3) (HKLM-x32\...\GPG4Win) (Version: 2.3.3 - The Gpg4win Project)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)
JDownloader 2 (HKLM\...\jdownloader2-1) (Version: 2.0 - AppWork GmbH)
Logitech Gaming Software 8.84 (HKLM\...\Logitech Gaming Software) (Version: 8.84.15 - Logitech Inc.)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Monopoly (HKLM-x32\...\{472FC1CB-A598-4839-AF33-C68D548AB002}) (Version: 1.1.1 - LeeGT-Games)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 53.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 de)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla)
Mozilla Thunderbird 45.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.7.0 (x86 de)) (Version: 45.7.0 - Mozilla)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
Nmap 7.40 (HKLM-x32\...\Nmap) (Version: 7.40 - )
Npcap 0.78 r5 (HKLM-x32\...\NpcapInst) (Version: 0.78 r5 - Nmap Project)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
Oracle VM VirtualBox 5.0.22 (HKLM\...\{A961B9B7-C851-411E-907A-E7E96C631369}) (Version: 5.0.22 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.10.46586 - Electronic Arts, Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.8 - VS Revo Group, Ltd.)
Screenshot Captor 4.16.1 (HKLM-x32\...\ScreenshotCaptor_is1) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1240 - SUPERAntiSpyware.com)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
This War of Mine (HKLM\...\Steam App 282070) (Version:  - 11 bit studios)
Turmoil (HKLM\...\Steam App 361280) (Version:  - Gamious)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Uplink (HKLM-x32\...\GOGPACKUPLINK_is1) (Version: 2.0.0.5 - GOG.com)
USB PnP Sound Device (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006300}) (Version:   -  )
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0-2) (Version: 1.0.37.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.37.0 (Version: 1.0.37.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17323 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Wireshark 2.2.3 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.3 - The Wireshark developer community, hxxps://www.wireshark.org)
Wondershare Video Converter Ultimate(Build 9.0.0.4) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 9.0.0.4 - Wondershare Software)
xp-AntiSpy 3.98-2 (HKLM-x32\...\xp-AntiSpy) (Version:  - Christian Taubenheim)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {04D42EDC-2FC6-4388-AFE4-788703C3CC33} - System32\Tasks\{495080D5-3D77-4CE1-9881-C9808F09F9C2} => Chrome.exe hxxps://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.30.0.105&amp;LastError=12057
Task: {0CD3060E-E08E-4E2A-9D12-C14081AE9C0D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-24] (Google Inc.)
Task: {1C8A62AA-E4A5-49EA-AB9C-31521A4DEB73} - \WPD\SqmUpload_S-1-5-21-2067299650-1304287427-3702207109-1001 -> Keine Datei <==== ACHTUNG
Task: {20A98B74-F23D-42C6-AFDD-46B0A6AC3555} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-04-11] (Bitdefender)
Task: {22D965AD-E4E6-4E49-90E9-7F3F96E287E7} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {357F60EB-9525-4922-94B5-D8E30DDDE5E3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {3D451760-879D-4CEB-9187-D12AE34B96EB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-14] (Adobe Systems Incorporated)
Task: {3F7BBC5D-9B2F-40E9-AFD6-75925054439D} - System32\Tasks\SUPERAntiSpyware Scheduled Task 90c35e23-0c46-43d5-adf9-def4d25498d6 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {7DD7CCAF-6702-4D62-B532-7BAA80237519} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {9F5D66B4-0FDD-4F2A-ADEC-959F786A7733} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {CC0048B5-29F8-46CE-8832-BD6EC5EACC68} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-04-20] (Bitdefender)
Task: {E646F3F2-0DB2-4207-AEDF-C838B730C3BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-24] (Google Inc.)
Task: {F11CFE9E-CF2B-4CA1-998F-A289F641E9B3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {F2E1479D-37F7-4211-A195-89E1A7035A43} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe [2017-05-14] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 90c35e23-0c46-43d5-adf9-def4d25498d6.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe  C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.4\Useful links\Download Codecs & Tools.lnk -> hxxp://www.codecs.com
Shortcut: C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.4\Useful links\Talk about Codecs.lnk -> hxxp://codecs.com/foru
Shortcut: C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.4\Useful links\X Codec Pack homepage.lnk -> hxxp://www.xpcodecpack.com
Shortcut: C:\Users\Rambo411\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CyberghostCheatEngine.bat - Verknüpfung.lnk -> C:\Dokumente\CyberghostChatEngine.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-05-04 20:54 - 2013-09-03 14:29 - 00111832 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\bdmetrics.dll
2017-05-04 20:54 - 2017-02-07 12:34 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttpbr.mdl
2017-05-04 20:54 - 2017-02-07 12:34 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttpdsp.mdl
2017-05-04 20:54 - 2017-02-07 12:34 - 03243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttpph.mdl
2017-05-04 20:54 - 2017-02-07 12:34 - 01544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttprbl.mdl
2016-08-18 10:27 - 2016-08-18 10:27 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2017-03-16 16:08 - 2017-03-16 16:08 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-16 16:08 - 2017-03-16 16:08 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-05-19 14:12 - 2017-05-19 15:13 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-05-19 14:12 - 2017-05-19 15:13 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-01-30 07:54 - 2015-02-27 15:38 - 00721263 _____ () C:\WINDOWS\SysWoW64\WSCM64.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-06 18:41 - 2016-01-06 18:41 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll
2016-12-06 16:09 - 2016-12-06 16:09 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2017-05-29 23:21 - 2017-05-29 23:21 - 00023840 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\lang\de-DE\bdsystray.txtui
2016-08-18 10:14 - 2016-08-18 10:14 - 00222720 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2016-08-18 10:03 - 2016-08-18 10:03 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2016-08-18 10:14 - 2016-08-18 10:14 - 00073728 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2016-08-18 10:17 - 2016-08-18 10:17 - 00751104 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2016-08-18 10:09 - 2016-08-18 10:09 - 00103424 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2016-09-19 15:43 - 2017-05-18 07:52 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2016-06-24 13:57 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Rambo411\Downloads\adwcleaner_6.047 (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Rambo411\Downloads\adwcleaner_6.047.exe:BDU [0]
AlternateDataStreams: C:\Users\Rambo411\Downloads\JRT813.exe:BDU [0]
AlternateDataStreams: C:\Users\Rambo411\Downloads\mbar-1.09.3.1001.exe:BDU [0]
AlternateDataStreams: C:\Users\Rambo411\Downloads\tdsskiller.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-01-30 01:51 - 2017-06-01 23:32 - 00000055 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rambo411\AppData\Local\Stardock\desktop-hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run: => "Bitdefender"
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Exploit"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\StartupApproved\Run: => "CCleaner"
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\StartupApproved\Run: => "DAEMON Tools Ultra Agent"
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_6098EA2AF440ADD8C50EA3EB25EDD60C"
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\StartupApproved\Run: => "ManyCam"
HKU\S-1-5-21-2067299650-1304287427-3702207109-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

25-05-2017 16:34:12 Revo Uninstaller Pro's restore point - Nitro Pro
25-05-2017 16:34:28 Removed Nitro Pro
25-05-2017 19:26:04 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert
25-05-2017 22:38:40 Revo Uninstaller Pro's restore point - Fraps
26-05-2017 00:14:23 Revo Uninstaller Pro's restore point - Wisdom-soft AutoScreenRecorder 3.1 Free
27-05-2017 19:14:26 Revo Uninstaller Pro's restore point - Dead Age
28-05-2017 23:48:30 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/01/2017 11:31:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vsserv.exe, Version: 21.0.25.92, Zeitstempel: 0x5926cd41
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.0, Zeitstempel: 0xb79b6ddb
Ausnahmecode: 0xc000000d
Fehleroffset: 0x0000000000105a50
ID des fehlerhaften Prozesses: 0x5c8
Startzeit der fehlerhaften Anwendung: 0x01d2daf2027d36b5
Pfad der fehlerhaften Anwendung: C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: c90b884d-2fdf-46ac-b060-74f781e55960
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/01/2017 07:05:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: GAMER-PC)
Description: Das Paket „Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (06/01/2017 06:13:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vsserv.exe, Version: 21.0.25.92, Zeitstempel: 0x5926cd41
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.0, Zeitstempel: 0xb79b6ddb
Ausnahmecode: 0xc000000d
Fehleroffset: 0x0000000000105a50
ID des fehlerhaften Prozesses: 0x5c4
Startzeit der fehlerhaften Anwendung: 0x01d2daf0ee802cea
Pfad der fehlerhaften Anwendung: C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: a6a3fded-96f7-420b-8092-2dc69c478e7f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/01/2017 06:12:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: bdwfdtls.exe, Version: 21.0.25.90, Zeitstempel: 0x5924576d
Name des fehlerhaften Moduls: sciter.dll, Version: 4.0.0.7, Zeitstempel: 0x59146bc0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000018da1b
ID des fehlerhaften Prozesses: 0x3330
Startzeit der fehlerhaften Anwendung: 0x01d2daf1e74faad7
Pfad der fehlerhaften Anwendung: C:\Program Files\Bitdefender\Bitdefender 2017\bdwfdtls.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Bitdefender\Bitdefender 2017\sciter.dll
Berichtskennung: d0a9ab5e-7a10-46ed-883a-63a023c815c3
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/01/2017 06:12:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: bdtkexec.exe, Version: 21.0.25.76, Zeitstempel: 0x58f8c5ee
Name des fehlerhaften Moduls: sciter.dll, Version: 4.0.0.7, Zeitstempel: 0x59146bc0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000018da1b
ID des fehlerhaften Prozesses: 0x252c
Startzeit der fehlerhaften Anwendung: 0x01d2daf1c93c28e7
Pfad der fehlerhaften Anwendung: C:\Program Files\Bitdefender\Bitdefender 2017\bdtkexec.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Bitdefender\Bitdefender 2017\sciter.dll
Berichtskennung: 68ba9ad1-a37c-43f0-b620-3841ed3b8b00
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/01/2017 06:02:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamtray.exe, Version: 3.0.0.912, Zeitstempel: 0x58811d74
Name des fehlerhaften Moduls: Qt5Core.dll, Version: 5.6.2.0, Zeitstempel: 0x5849a177
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00171473
ID des fehlerhaften Prozesses: 0x120c
Startzeit der fehlerhaften Anwendung: 0x01d2daf071d9da28
Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Berichtskennung: 4428072b-3867-4e1c-b02f-9f9f5bfe72b9
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/01/2017 06:00:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vsserv.exe, Version: 21.0.25.92, Zeitstempel: 0x5926cd41
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.0, Zeitstempel: 0xb79b6ddb
Ausnahmecode: 0xc000000d
Fehleroffset: 0x0000000000105a50
ID des fehlerhaften Prozesses: 0x680
Startzeit der fehlerhaften Anwendung: 0x01d2da2799b9f4a3
Pfad der fehlerhaften Anwendung: C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 38702c12-542e-4b48-b58b-9316fecc75a7
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/31/2017 07:19:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4657

Error: (05/31/2017 07:19:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4657

Error: (05/31/2017 07:19:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


Systemfehler:
=============
Error: (06/01/2017 11:32:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (06/01/2017 11:31:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/01/2017 11:31:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/01/2017 11:31:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/01/2017 11:31:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/01/2017 11:31:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CyberGhost 6 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/01/2017 11:31:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Wondershare Application Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/01/2017 11:31:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Origin Web Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/01/2017 11:31:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bitdefender Product Agent Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/01/2017 11:31:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Logitech Gaming Registry Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2017-06-01 23:32:05.638
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-06-01 18:13:35.363
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-06-01 18:05:53.621
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-06-01 18:02:18.275
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-06-01 18:00:46.467
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-31 18:04:38.327
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-31 17:56:38.783
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_007\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-31 17:56:38.715
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_007\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-31 15:16:29.801
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_007\avcuf64.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-05-31 15:16:29.728
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_007\avcuf64.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 8121.53 MB
Verfügbarer physikalischer RAM: 5591.43 MB
Summe virtueller Speicher: 9401.53 MB
Verfügbarer virtueller Speicher: 6841.73 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:222.79 GB) (Free:112.16 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 40EEB608)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================
         

Alt 02.06.2017, 19:45   #10
M-K-D-B
/// TB-Ausbilder
 
Hello,

Step 1
  • Copy the contents of the following code box:
    Code:
    Start::
    CloseProcesses:
    Task: {1C8A62AA-E4A5-49EA-AB9C-31521A4DEB73} - \WPD\SqmUpload_S-1-5-21-2067299650-1304287427-3702207109-1001 -> Keine Datei <==== ACHTUNG
    RemoveProxy:
    CMD: ipconfig /flushdns
    CMD: netsh winsock reset
    EmptyTemp:
    End::
             
  • Now start FRST and click the "Entfernen" (Fix) button.
  • The tool carries out the requested steps and creates a fixlog.txt in the same directory as FRST/FRST64.exe.
  • Your computer may need to be restarted for this.
  • Post the contents of fixlog.txt in your next reply.

Step 2
  • Uninstall Google Chrome via the Control Panel. (Illustrated guide)
  • During the uninstallation, also tick the box next to "Also delete your browsing data" (or something similar).
  • Then restart the computer.
  • Reinstall Google Chrome (if needed). Do not install any extensions/plugins and do not connect to or sync with any existing account.

Step 3
  • Start FRST.exe again. Make sure the box next to Addition.txt is ticked and click "Untersuchen" (Scan).
  • FRST again creates two log files (FRST.txt and Addition.txt).
  • Post both log files in your next reply.

Are there still any problems with the PC or with Chrome?

Please post in your next reply
  • the log file of the FRST fix,
  • the two new FRST log files (FRST.txt and Addition.txt),
  • the answers to the questions asked.
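
The triage behind Step 1, as an added example that is not part of the original post and not FRST's own code: it parses the "Task:" lines of an Addition.txt, flags tasks whose target file is missing and tasks that start a browser with a URL argument, and returns the orphaned lines verbatim for review. The reason labels, the browser list and the English "No File" marker are assumptions; the sample lines are copied from the log in this thread.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Five "Task:" lines copied from the Addition.txt posted in this thread.
SAMPLE_LOG = r"""
Task: {04D42EDC-2FC6-4388-AFE4-788703C3CC33} - System32\Tasks\{495080D5-3D77-4CE1-9881-C9808F09F9C2} => Chrome.exe hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.30.0.105&LastError=12057
Task: {0CD3060E-E08E-4E2A-9D12-C14081AE9C0D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-24] (Google Inc.)
Task: {1C8A62AA-E4A5-49EA-AB9C-31521A4DEB73} - \WPD\SqmUpload_S-1-5-21-2067299650-1304287427-3702207109-1001 -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
"""

# "Task: {GUID} - <task path> => <target>"; legacy .job entries carry no GUID.
TASK_RE = re.compile(
    r"^Task: (?:(?P<guid>\{[0-9A-Fa-f-]{36}\}) - )?"
    r"(?P<name>.+?) (?P<arrow>=>|->) (?P<rest>.*)$"
)
# Optional "[YYYY-MM-DD] (Vendor)" suffix after the target.
TAIL_RE = re.compile(
    r"^(?P<target>.*?)(?: \[(?P<date>\d{4}-\d{2}-\d{2})\] \((?P<vendor>.*)\))?$"
)
# German marker as seen in this log; "No File" is assumed for English output.
ORPHAN_RE = re.compile(r"^(?:Keine Datei|No File)\b")
# A browser binary started with a (possibly defanged) URL argument.
BROWSER_URL_RE = re.compile(
    r"(?i)\b(?:chrome|firefox|iexplore|msedge|opera)\.exe\b.*?\b(?:hxxps?|https?)://"
)


@dataclass
class TaskEntry:
    raw: str                  # the log line exactly as posted (minus outer whitespace)
    guid: Optional[str]
    name: str
    target: str               # empty when the task's file is missing
    date: Optional[str]
    vendor: Optional[str]
    reasons: List[str] = field(default_factory=list)


def parse_tasks(text: str) -> List[TaskEntry]:
    """Parse every 'Task:' line and attach the reasons it deserves a second look."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        m = TASK_RE.match(line)
        if not m:
            continue
        rest = m["rest"].strip()
        orphaned = m["arrow"] == "->" and ORPHAN_RE.match(rest) is not None
        tail = TAIL_RE.match("" if orphaned else rest)
        entry = TaskEntry(line, m["guid"], m["name"],
                          tail["target"], tail["date"], tail["vendor"])
        if orphaned:
            entry.reasons.append("orphaned")
        if BROWSER_URL_RE.search(entry.target):
            entry.reasons.append("browser-url")
        entries.append(entry)
    return entries


def triage(text: str) -> List[TaskEntry]:
    """Only the entries that carry at least one reason."""
    return [e for e in parse_tasks(text) if e.reasons]


def orphan_lines(text: str) -> List[str]:
    """Verbatim lines of tasks with a missing file; browser-url hits need a human decision."""
    return [e.raw for e in parse_tasks(text) if "orphaned" in e.reasons]


if __name__ == "__main__":
    for e in triage(SAMPLE_LOG):
        print(", ".join(e.reasons), "|", e.name, "|", e.target or "(no file)")
```

On the sample, the browser-url hit is a leftover task pointing at a Skype download page, which is why such entries are reported for review rather than returned by `orphan_lines`.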

Alt 05.06.2017, 12:37   #11
M-K-D-B
/// TB-Ausbilder
 
Missing feedback
This topic has been removed from my subscriptions, so I will not receive notifications of new replies.
Send me a profile message including a link to the topic if you still want to continue.

Note: The disappearance of the symptoms does not mean that your computer is clean.

Everyone else, please click here and create your own thread!
