Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   McAfee erkennt Trojaner / Zugriff auf Google Chrome durch Werbung und Downloads beschränkt (Win10) (https://www.trojaner-board.de/176726-mcafee-erkennt-trojaner-zugriff-google-chrome-werbung-downloads-beschraenkt-win10.html)

Ottokarl 09.03.2016 19:26
McAfee erkennt Trojaner / Zugriff auf Google Chrome durch Werbung und Downloads beschränkt (Win10)
 
Guten Abend.

Der Laptop einer Freundin wurde von einigen Trojanern heimgesucht.
Leider kennen wir uns nicht gut genug mit diesem Thema aus und ich hoffe Sie können uns weiterhelfen :).

Folgende Probleme:

-Google Chrome und Microsoft Edge lassen sich nicht mehr richtig öffnen bzw. versuchen Downloads zu starten. Zuvor wurde ständig zu Werbung u.ä. verlinkt.

-Der Schnellscan von McAfee zeigt keine Probleme an, im Sicherheitsbericht wurden aber 12 Trojaner als Bedrohung entdeckt.

-Zuvor starteten wir einen Komplett-Scan über McAfee und isolierten die Elemente - ohne Erfolg.

-zu den Elementen gehören u.a

BrowseFox.n
Speicherort C:/ProgramData/AppMgr2.12.4036661/AppMgr.exe

Artemis!542199EC8FAA
Speicherort C:/Users/Vanessa/AppData/Local/4182D470-1455662435-834C-AF25-F766BF10619A/qnsj8AAF.tmp

Ich hoffe das gibt einen kleinen Einblick.

Ich danke schon mal im Voraus für Ihre Hilfe.

MfG Ottokarl

burningice 09.03.2016 19:33
:hallo:
Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen.

Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
  • Bitte lies meine Posts komplett durch bevor du sie abarbeitest
  • Wenn ein Problem auftauchen sollte oder dir etwas unklar ist, unterbreche deine Arbeit und beschreibe es so genau wie möglich.
  • Bitte kein Crossposting
  • Installiere oder Deinstalliere keine Software ohne Aufforderung
  • Bitte verwende nur die Tools, welche hier im Thread erwähnt werden und führe sie nur gemäß Anweisung aus
  • Bitte antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
  • Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen
  • Wichtig: Nur weil dein Problem mit einem Schritt plötzlich behoben ist, bedeutet das nicht, dass dein PC auch sauber ist. Mache solange weiter, bis ich dir sage, dass dein PC "clean" ist
  • Wenn ich dir nicht binnen 36h antworte, sende mir bitte eine persönliche Nachricht!
Los geht's :abklatsch:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Ottokarl 09.03.2016 19:54
Hier sind die Textdateien:

FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Vanessa (Administrator) auf DESKTOP-5PNPL1E (09-03-2016 19:49:44)
Gestartet von C:\Users\Vanessa\Desktop
Geladene Profile: Vanessa (Verfügbare Profile: Vanessa)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
(Optimal Software s.r.o.) C:\Program Files (x86)\PC Speed Up\SpeedCheckerService.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
() C:\Program Files (x86)\Checked List\updateCheckedList.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Program Files\WajaIntEn\027ffed1d08ea21727c655e55d27a27d.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(DotC United Inc) C:\Program Files (x86)\MPC AdCleaner\AdCleaner.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Program Files\shopperz160220162237\Ieiviem.exe
() C:\Program Files\shopperz160220162237\Timsu.exe
() C:\Program Files\shopperz160220162237\csrcc.exe
() C:\Program Files\shopperz160220162237\Timsu64.exe
(Sound+) C:\Program Files\Sound+\Sound+.exe
(Intenium) C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe
() C:\Users\Vanessa\AppData\Roaming\DailyWiki\DailyWiki.exe
() C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe
(Optimal Software s.r.o.) C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(DotC United Inc) C:\Program Files (x86)\MPC AdCleaner\AdxEngine.exe
(DotC United Inc) C:\Program Files (x86)\MPC AdCleaner\AdcUpdate.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSPanel.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsShld.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\Core\mchost.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SpaceSoundPro] => C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe [4203520 2015-08-03] (Space Sound Pro)
HKLM\...\Run: [Sound+] => C:\Program Files\Sound+\Sound+.exe [3601408 2016-02-03] (Sound+)
HKLM\...\Run: [IDSCPRODUCT] => C:\Program Files\Sound+\\idscservice.exe [29184 2016-02-16] (AboslutAA)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe [63272 2015-05-31] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [DailyWiki] => C:\Users\Vanessa\AppData\Roaming\DailyWiki\DailyWiki.exe [47959360 2016-01-11] ()
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\Run: [Spiele Post] => C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe [483400 2013-12-06] (Intenium)
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\Run: [Security Utility] => C:\Program Files (x86)\\securityutility\\securityutility\\2.0.0.1\securityutility.exe [290928 2015-12-25] (TODO: <Company name>)
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\Run: [PCSpeedUp] => C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe [354976 2016-01-28] (Optimal Software s.r.o.)
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\RunOnce: [Uninstall C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\RunOnce: [Uninstall C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2015-10-05]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\zdengine.dll [260919 2016-02-16] (zdengine)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\zdengine.dll [260919 2016-02-16] (zdengine)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\zdengine.dll [260919 2016-02-16] (zdengine)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\zdengine.dll [260919 2016-02-16] (zdengine)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\zdengine.dll [260919 2016-02-16] (zdengine)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0f70dec5-ab41-11e5-b753-806e6f6e6963}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}: [NameServer] 10.0.0.1
Addition

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Vanessa (2016-03-09 19:51:14)
Gestartet von C:\Users\Vanessa\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-25 20:30:13)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-483611294-2829987118-2205543787-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-483611294-2829987118-2205543787-503 - Limited - Disabled)
Gast (S-1-5-21-483611294-2829987118-2205543787-501 - Limited - Disabled)
Vanessa (S-1-5-21-483611294-2829987118-2205543787-1001 - Administrator - Enabled) => C:\Users\Vanessa

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7 Wonders 4: Magical Mystery Tour (HKLM-x32\...\7 Wonders 4: Magical Mystery Tour) (Version: 1.0.0.0 - INTENIUM GmbH)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Reader 6.0.1 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A00000000001}) (Version: 006.000.001 - Adobe Systems Incorporated)
AION Free-to-Play (HKLM-x32\...\Steam App 261430) (Version:  - NCSOFT)
ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.6 - ASUS)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.5 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.95 - ICEpower a/s)
Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.22.1.58906 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.22.3 - AVG Technologies) Hidden
Body Text Feathering (HKLM-x32\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== ACHTUNG
Checked List (HKLM\...\Checked List) (Version: 2016.02.16.171538 - Checked List) <==== ACHTUNG
DailyWiki - DailyWiki for Desktop (HKLM-x32\...\DailyWiki) (Version: 5.5.1cm - DailyWiki) <==== ACHTUNG
Deutschland Spielt - Spiele Post (HKLM-x32\...\Deutschland Spielt - Spiele Post) (Version: 1.0.3.0 - INTENIUM GmbH)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.0.46 - INTENIUM GmbH)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Die Sims Deluxe (HKLM-x32\...\{10798AE3-DCBB-43C3-9C93-C23512427E25}) (Version:  - )
DNS Unlocker version 1.4 (HKLM-x32\...\{E1527582-8509-4011-B922-29E3FB548882}_is1) (Version: 1.4 - www.dnsunlocker.com) <==== ACHTUNG
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Edna Bricht Aus (HKLM-x32\...\EdnaSE) (Version: 1.0 - Daedalic Entertainment)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
Far Cry (HKLM-x32\...\InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}) (Version: 1.00.0000 - Ihr Firmenname)
Far Cry (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
FMW 1 (Version: 1.62.2 - AVG Technologies) Hidden
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.0.1224 - DVDVideoSoft Ltd.)
Gaming Assistant (HKLM-x32\...\{C27B0A7C-BD18-46EF-984A-CCD2799F4CD4}) (Version: 1.0.2 - ASUS)
Gomo (HKLM-x32\...\Gomo_is1) (Version: 1.1 - Daedalic Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Guitar Hero World Tour (HKLM-x32\...\{A126E617-63F0-4E57-BFA4-7190F5845C39}) (Version: 1.0 - Aspyr)
Heroes of Hellas (HKLM-x32\...\{C0906D83-1FE0-4176-A940-45A348080987}) (Version: 1.00.0000 - Purplehills)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
istartpageing uninstall (HKLM-x32\...\istartpageing uninstall) (Version:  - istartpageing) <==== ACHTUNG
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Lawn & Order 2: Die Gartenverschwörung (HKLM-x32\...\Lawn & Order 2: Die Gartenverschwörung) (Version: 0.0.0.0 - INTENIUM GmbH)
Lawn & Order: Die Gartenprofis (HKLM-x32\...\Lawn & Order: Die Gartenprofis) (Version: 0.0.0.0 - INTENIUM GmbH)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.7080 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.171 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
MPC AdCleaner (HKLM-x32\...\MPC AdCleaner) (Version:  - DotC United Inc)
MPC Cleaner (HKLM-x32\...\MPC) (Version:  - DotC United Inc)
MyBestOffersToday 000.037050240 (HKLM-x32\...\mbot_en_037050240_is1) (Version:  - MYBESTOFFERSTODAY) <==== ACHTUNG
Nero TuneItUp Free (HKLM-x32\...\Nero_tuneitup_is1) (Version: 2.4.1.1039 - Nero AG)
Note-UP (HKLM-x32\...\NUIns) (Version:  - QUAHOG LIMITED)
NVIDIA Graphics Driver 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.84 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
osu! (HKLM-x32\...\{e3b5e5c5-4557-4cbc-9927-7a947d002d51}) (Version: latest - ppy Pty Ltd)
PC Speed Up (HKLM\...\PCSU-SL_is1) (Version: 3.9.15.0 - Optimal Software s.r.o.)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Royal Defense (HKLM-x32\...\RoyalDefense) (Version:  - )
Security Utility (HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\Security Utility) (Version:  - Securityutility)
shopperz (HKLM-x32\...\{53260CAB-24BE-4131-90F9-DF8DD8C6CB86}) (Version: 2.0.0.476 - shopperz) <==== ACHTUNG
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.)
Sound+ (HKLM\...\SoundPlus) (Version: 1.0 - )
SpaceSoundPro (HKLM\...\SpaceSoundPro) (Version: 1.0 - ) <==== ACHTUNG
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Startfenster (HKLM-x32\...\Startfenster) (Version:  - Startfenster)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SunnyDay (HKLM-x32\...\SunnyDay3_is1) (Version:  - SUNNYDAY)
System Healer (HKLM-x32\...\SystemHealer) (Version: 4.1.0.0 - SystemHealer)
The Treasures Of Montezuma 2 (HKLM-x32\...\The Treasures Of Montezuma 2) (Version:  - )
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Wajam (HKLM-x32\...\WajaIntEn) (Version: 1.60.10.1 - Wajam) <==== ACHTUNG
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.2.524 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.16 - WildTangent)
Windows-Treiberpaket - ASUS (ATP) Mouse  (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4947 - Kingsoft Corp.)
yessearches Uninstall (HKLM-x32\...\Uninstall cos1) (Version:  - ) <==== ACHTUNG

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-483611294-2829987118-2205543787-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00B15309-9A15-4F89-939C-8A946EABAF0A} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [2015-03-14] (Microsoft Corporation)
Task: {03A2C72E-331C-4F11-89CC-D41D0C1B03B4} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-03-08] (AVAST Software)
Task: {07D77B5A-A400-4FC2-B154-AA65D8A12A38} - System32\Tasks\System HealerPeriod => C:\Program Files (x86)\SystemHealer\SystemHealer.exe [2016-02-09] ()
Task: {0B3DF5AF-8685-41EB-899C-5A0C505C677D} - System32\Tasks\rdf3019 => C:\Program Files (x86)\QuickSearch\rdf3019.exe [2016-02-09] () <==== ACHTUNG
Task: {0F71139B-44DA-4814-95B3-36544058B19C} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] ()
Task: {10845013-BF46-4E5D-A7F8-D0C92B8EBCD9} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {15F8E926-650D-40ED-956B-864A85F9E134} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-08-12] (ASUSTeK Computer Inc.)
Task: {16C0F2CB-05FF-42DC-B079-DCDC8E771142} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [2015-12-29] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {1721DE59-25BD-4C20-B102-95BBB8067EC5} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-02-16] (McAfee, Inc.)
Task: {2B87FDF9-B9DF-4CD4-9DF1-50FBE78A69CE} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] (ASUSTek Computer Inc.)
Task: {36F3D662-AEB6-4574-8595-B8CDB1CA983A} - System32\Tasks\PC SpeedUp Service Deactivator => C:\Program Files (x86)\PC Speed Up\PCSUSD.exe [2016-01-28] (Optimal Software s.r.o.) <==== ACHTUNG
Task: {47B485D9-1AC5-4DE9-BEE0-A56921B2021A} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {4CB62699-3872-446F-B6B0-EE5F194E2D25} - System32\Tasks\System HealerStartUp => C:\Program Files (x86)\SystemHealer\SystemHealer.exe [2016-02-09] ()
Task: {54DD4881-ECB4-40B6-AD9C-4760870AC4AB} - System32\Tasks\SystemHealer Monitor => C:\Program Files (x86)\SystemHealer\HealerConsole.exe
Task: {56DA6D61-B091-41F1-A10B-CEF37BBF898B} - System32\Tasks\{0C050847-090B-0A7E-0E11-0A0A7E0A110D} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcA (Der Dateneintrag hat 9384 mehr Zeichen).
Task: {62D9AE64-16B6-4F1E-99F9-AE95A7625031} - System32\Tasks\MPC AdCleaner => C:\Program Files (x86)\MPC AdCleaner\AdCleaner.exe [2016-01-08] (DotC United Inc)
Task: {6779CC7C-151F-47FE-BA0A-9DFDB03DA8FB} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-08-12] ()
Task: {69A85AC5-00CD-4960-8C87-44AA9A6708C0} - System32\Tasks\Nero TuneItUp => C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\TuneItUp.exe [2015-12-18] (Nero AG)
Task: {6C74C4F8-6F6D-45C9-A5EB-7B2F34203A48} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.)
Task: {6EAE7834-3618-4987-BC6D-800BA199D5C9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-10] (Microsoft Corporation)
Task: {7C7A727E-6D7B-4AAA-8D03-7C7F70C4C923} - System32\Tasks\SystemHealer Run Delay => C:\Program Files (x86)\SystemHealer\SystemHealer.exe [2016-02-09] ()
Task: {80291AB0-8F61-4C15-8820-E713556B3464} - System32\Tasks\Iwyqhowt => C:\Program Files\shopperz160220162237\Wokwe.bat [2016-02-16] () <==== ACHTUNG
Task: {86E40AB0-F3CB-4143-B4CE-2F0A5381A18A} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {8BBF5639-0123-4E75-A788-A4E2DA6F3224} - System32\Tasks\WinTaske => C:\Program Files (x86)\WinTaske\WinTaske\WinTaske.exe [2016-02-03] ()
Task: {9521437B-E580-4899-8638-053CCE36BA52} - System32\Tasks\Nero TuneItUp (Tray) => C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\ServiceProvider.exe [2015-12-18] (Nero AG)
Task: {A2141CD3-585C-49AF-BDF5-22CBF603734C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.)
Task: {A56AFB05-3237-4708-AEC8-E06A16EC68DB} - System32\Tasks\{FABCEED8-3F2C-4C84-B0CF-01F6D4E53F5B} => pcalua.exe -a E:\FarCryAutoCD.exe -d E:\
Task: {A62B4474-18F2-4158-93FA-4EF643286875} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2016-02-15] (AVG Technologies CZ, s.r.o.)
Task: {AD3F2FE4-CAFB-4D7E-8D8E-364465F938A5} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-08-12] (ASUSTeK Computer Inc.)
Task: {AF92B986-DE33-4872-B4F0-D846B5DDE1A7} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {C1766BD8-300E-4487-A008-225FC7F6A341} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {C590417E-8532-4D62-9921-4A0E59FE193D} - System32\Tasks\System Healer Task => C:\Program Files (x86)\SystemHealer\RescueMonitor.exe [2016-02-09] ()
Task: {C87A4943-158C-4FE8-A342-01B63AE6BA7B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-29] (Realtek Semiconductor)
Task: {DC233B71-6562-4D52-AEC1-C0B30BBFA891} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-08-23] (AsusTek)
Task: {E0F2E963-FFA3-47DC-A8F0-5133B4292258} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-07-29] (Realtek Semiconductor)
Task: {E2B39533-47B9-4E57-B6EF-C3104DE9185B} - System32\Tasks\Security Utility Updater => C:\Program Files (x86)\\securityutility\\securityutility\\2.0.0.1\Security Utilityupdt.exe [2015-12-25] () <==== ACHTUNG
Task: {E3BF4274-C3E4-4B78-A9B4-B0FBECBDF562} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-08-25] (ASUS)
Task: {E4389888-C5EC-4E72-B926-32C7A02B5134} - System32\Tasks\WpsNotifyTask_Vanessa => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {F0F63C14-EC91-4475-8728-A14C01630782} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {F2C808F5-A339-4F47-8E0E-0A19E9AC8905} - System32\Tasks\WpsUpdateTask_Vanessa => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [2015-12-29] (Zhuhai Kingsoft Office Software Co.,Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Nero TuneItUp (Tray).job => C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\ServiceProvider.exe
Task: C:\WINDOWS\Tasks\Nero TuneItUp.job => C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\TuneItUp.exe
Task: C:\WINDOWS\Tasks\PC SpeedUp Service Deactivator.job => C:\Program Files (x86)\PC Speed Up\PCSUSD.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\System HealerPeriod.job =>
Task: C:\WINDOWS\Tasks\System HealerStartUp.job => C:\Program Files (x86)\SystemHealer\SystemHealer.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Vanessa.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Vanessa.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Public\Desktop\WPS Office.lnk -> C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\office6\launcher.exe (Zhuhai Kingsoft Office Software Co.,Ltd) -> hxxp://www.istartpageing.com/?type=sc&ts=1455655854&z=931f526fa14636f32b4bb5fgdz5wewaq1wdw1b3wcc&from=age&uid=HGSTXHTS545050A7E680_TMA51CTD211MJM211MJMX

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-10-22 15:05 - 2015-10-22 15:05 - 01927680 _____ () C:\Program Files\Sound+\SoundP.dll
2016-03-08 18:02 - 2016-03-08 18:02 - 00465088 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2016-02-22 13:53 - 2016-03-09 16:33 - 00658120 _____ () C:\Program Files (x86)\Checked List\updateCheckedList.exe
2016-03-08 19:26 - 2016-03-08 19:26 - 03103744 _____ () c:\program files\WajaIntEn\027ffed1d08ea21727c655e55d27a27d.exe
2015-12-25 20:47 - 2015-12-25 20:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-25 20:47 - 2015-12-25 20:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-16 21:40 - 2016-02-16 21:51 - 00329568 _____ () C:\Program Files\shopperz160220162237\Ogotonu64.DLL
2016-02-06 15:24 - 2016-02-06 15:24 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-25 20:47 - 2015-12-25 20:47 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-25 20:47 - 2015-12-25 20:47 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-02-16 21:40 - 2016-02-16 21:51 - 00232288 _____ () C:\Program Files\shopperz160220162237\Ieiviem.exe
2016-02-16 21:40 - 2016-02-16 21:51 - 00407552 _____ () C:\Program Files\shopperz160220162237\Timsu.exe
2016-02-16 21:40 - 2016-02-16 21:51 - 01496928 _____ () C:\Program Files\shopperz160220162237\csrcc.exe
2016-02-16 21:40 - 2016-02-16 21:51 - 00467296 _____ () C:\Program Files\shopperz160220162237\Timsu64.exe
2016-02-16 21:40 - 2016-02-16 21:51 - 00641888 _____ () C:\Program Files\shopperz160220162237\Gugkoj64.DLL
2016-02-16 21:40 - 2016-02-16 21:51 - 00312672 _____ () C:\Program Files\shopperz160220162237\Icuog64.DLL
2016-02-16 21:40 - 2016-02-16 21:51 - 00375808 _____ () C:\Program Files\shopperz160220162237\Uraco64.DLL
2016-01-11 22:08 - 2016-01-11 22:08 - 47959360 _____ () C:\Users\Vanessa\AppData\Roaming\DailyWiki\DailyWiki.exe
2016-02-16 21:37 - 2016-02-05 02:40 - 01588408 _____ () C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe
2016-01-13 18:19 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 18:19 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-07 21:19 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-02-07 21:19 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-02-16 21:41 - 2015-06-03 13:59 - 00040960 _____ () C:\Program Files (x86)\PC Speed Up\SharpBrake.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-08-25 09:40 - 2015-08-25 09:40 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-08-25 09:40 - 2015-08-25 09:40 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-02-06 15:24 - 2016-02-06 15:24 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-02-06 15:24 - 2016-02-06 15:24 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-02-06 15:24 - 2016-02-06 15:24 - 02941440 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\MessagingNativeCore.dll
2016-02-06 15:24 - 2016-02-06 15:24 - 00583168 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\MessagingEntityExtractionProxy.dll
2016-02-06 15:24 - 2016-02-06 15:24 - 01300992 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\MessagingNativeBase.dll
2016-02-16 21:41 - 2012-01-16 21:06 - 00577621 _____ () C:\Program Files (x86)\PC Speed Up\sqlite3.dll
2016-02-16 21:41 - 2014-11-26 09:34 - 00434688 _____ () C:\Program Files (x86)\PC Speed Up\PopupNotification.dll
2015-08-07 01:09 - 2015-08-07 01:09 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-03-09 16:21 - 2016-01-08 10:19 - 00115168 _____ () C:\Program Files (x86)\MPC AdCleaner\zlib1.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 12:04 - 2016-02-16 21:51 - 00001253 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1      down.baidu2016.com
127.0.0.1      123.sogou.com
127.0.0.1      www.czzsyzgm.com
127.0.0.1      www.czzsyzxl.com
127.0.0.1      down.baidu2016.com
127.0.0.1      123.sogou.com
127.0.0.1      www.czzsyzgm.com
127.0.0.1      www.czzsyzxl.com
127.0.0.1      down.baidu2016.com
127.0.0.1      123.sogou.com
127.0.0.1      www.czzsyzgm.com
127.0.0.1      www.czzsyzxl.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-483611294-2829987118-2205543787-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Vanessa\Desktop\DCIM\DCIM\Camera\20150525_131105.jpg
DNS Servers: 82.163.143.144 - 82.163.142.146
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{68C9D58C-372D-40B9-A1AD-30C06C09294A}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{7BAC89DB-7A7C-4B1E-8AB8-DEB6173CD930}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{09436CFC-4CBB-4975-ACAD-708993158B05}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C1602656-3867-402C-B9AF-AA703B8784C0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2E5A94CB-EAE9-4E57-B5F5-B6D96344DF8E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{38079EA8-AD17-4E0A-9963-C0643E74980C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FF69EBE0-E584-44B9-B68C-CD42A83C77C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{917A28EF-4788-41CB-A69E-38902C2B79E7}] => (Allow) C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\TuneItUp.exe
FirewallRules: [{13425C54-0AA3-4AD9-AAFE-22501492CB91}] => (Allow) C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\TuneItUp.exe
FirewallRules: [{A95D19AF-90D0-40DB-BD0D-5991C958E778}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A6958E1D-42C5-46DB-AE72-9AB315544A4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AION\NCLauncher.exe
FirewallRules: [{9ABAB0D7-A4D0-408A-80B5-38C60520E23F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AION\NCLauncher.exe
FirewallRules: [{975AC3BF-3A7F-4E46-A566-B2B25307FA76}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

09-02-2016 16:10:08 Windows Update
22-02-2016 09:07:25 Geplanter Prüfpunkt
03-03-2016 12:52:00 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/09/2016 07:18:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 48.0.2564.116 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3898

Startzeit: 01d17a2fec4db74a

Beendigungszeit: 4

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 5677c9e3-e623-11e5-9bef-305a3aa8dbc0

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/09/2016 04:41:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm sllauncher.exe, Version 5.1.30514.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d74

Startzeit: 01d17a1a25af36f3

Beendigungszeit: 16

Anwendungspfad: C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe

Berichts-ID: 69fa92fe-e60d-11e5-9bef-305a3aa8dbc0

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/09/2016 04:41:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ServiceProvider.exe, Version: 2.4.1.1039, Zeitstempel: 0x5673cdea
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x10028a20
ID des fehlerhaften Prozesses: 0x15b8
Startzeit der fehlerhaften Anwendung: 0xServiceProvider.exe0
Pfad der fehlerhaften Anwendung: ServiceProvider.exe1
Pfad des fehlerhaften Moduls: ServiceProvider.exe2
Berichtskennung: ServiceProvider.exe3
Vollständiger Name des fehlerhaften Pakets: ServiceProvider.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ServiceProvider.exe5

Error: (03/09/2016 04:19:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ServiceProvider.exe, Version: 2.4.1.1039, Zeitstempel: 0x5673cdea
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x10028a20
ID des fehlerhaften Prozesses: 0x33dc
Startzeit der fehlerhaften Anwendung: 0xServiceProvider.exe0
Pfad der fehlerhaften Anwendung: ServiceProvider.exe1
Pfad des fehlerhaften Moduls: ServiceProvider.exe2
Berichtskennung: ServiceProvider.exe3
Vollständiger Name des fehlerhaften Pakets: ServiceProvider.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ServiceProvider.exe5

Error: (03/09/2016 03:10:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sllauncher.exe, Version: 5.1.30514.0, Zeitstempel: 0x537302ce
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00650053
ID des fehlerhaften Prozesses: 0x2e00
Startzeit der fehlerhaften Anwendung: 0xsllauncher.exe0
Pfad der fehlerhaften Anwendung: sllauncher.exe1
Pfad des fehlerhaften Moduls: sllauncher.exe2
Berichtskennung: sllauncher.exe3
Vollständiger Name des fehlerhaften Pakets: sllauncher.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: sllauncher.exe5

Error: (03/09/2016 03:10:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sllauncher.exe, Version: 5.1.30514.0, Zeitstempel: 0x537302ce
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00650053
ID des fehlerhaften Prozesses: 0x2e00
Startzeit der fehlerhaften Anwendung: 0xsllauncher.exe0
Pfad der fehlerhaften Anwendung: sllauncher.exe1
Pfad des fehlerhaften Moduls: sllauncher.exe2
Berichtskennung: sllauncher.exe3
Vollständiger Name des fehlerhaften Pakets: sllauncher.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: sllauncher.exe5

Error: (03/08/2016 10:31:34 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.

Error: (03/08/2016 07:35:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DailyWiki.exe, Version: 0.0.0.0, Zeitstempel: 0x54f7d2ce
Name des fehlerhaften Moduls: windows.storage.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a84db3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0010c4e2
ID des fehlerhaften Prozesses: 0x267c
Startzeit der fehlerhaften Anwendung: 0xDailyWiki.exe0
Pfad der fehlerhaften Anwendung: DailyWiki.exe1
Pfad des fehlerhaften Moduls: DailyWiki.exe2
Berichtskennung: DailyWiki.exe3
Vollständiger Name des fehlerhaften Pakets: DailyWiki.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DailyWiki.exe5

Error: (03/08/2016 07:29:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-5PNPL1E)
Description: Bei der Aktivierung der App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/08/2016 07:29:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-5PNPL1E)
Description: Bei der Aktivierung der App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (03/09/2016 05:35:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet:
%%1

Error: (03/09/2016 04:38:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SecDrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (03/09/2016 04:38:03 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS

Error: (03/09/2016 04:36:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_d6b85a6f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/09/2016 04:36:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _d6b85a6f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/09/2016 04:36:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_d6b85a6f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/09/2016 04:36:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_d6b85a6f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/09/2016 04:36:49 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/09/2016 04:34:24 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst zigipyro erreicht.

Error: (03/08/2016 10:31:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_9f27d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-03-09 19:03:14.749
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 19:03:14.739
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.806
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.757
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.723
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.678
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.354
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.319
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.233
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.157
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i3-5010U CPU @ 2.10GHz
Prozentuale Nutzung des RAM: 50%
Installierter physikalischer RAM: 3998.36 MB
Verfügbarer physikalischer RAM: 1995.73 MB
Summe virtueller Speicher: 8350.36 MB
Verfügbarer virtueller Speicher: 6142.76 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:185.55 GB) (Free:52.25 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (DATA) (Fixed) (Total:279.46 GB) (Free:279.23 GB) NTFS
Drive f: (Philips) (Removable) (Total:3.79 GB) (Free:3.78 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 60BF7956)

Partition: GPT.

========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.

==================== Ende von Addition.txt ============================
hoffe das hilft :)

Sry hier nochmal FRST (war nicht komplett):

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Vanessa (Administrator) auf DESKTOP-5PNPL1E (09-03-2016 19:49:44)
Gestartet von C:\Users\Vanessa\Desktop
Geladene Profile: Vanessa (Verfügbare Profile: Vanessa)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
(Optimal Software s.r.o.) C:\Program Files (x86)\PC Speed Up\SpeedCheckerService.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
() C:\Program Files (x86)\Checked List\updateCheckedList.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Program Files\WajaIntEn\027ffed1d08ea21727c655e55d27a27d.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(DotC United Inc) C:\Program Files (x86)\MPC AdCleaner\AdCleaner.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Program Files\shopperz160220162237\Ieiviem.exe
() C:\Program Files\shopperz160220162237\Timsu.exe
() C:\Program Files\shopperz160220162237\csrcc.exe
() C:\Program Files\shopperz160220162237\Timsu64.exe
(Sound+) C:\Program Files\Sound+\Sound+.exe
(Intenium) C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe
() C:\Users\Vanessa\AppData\Roaming\DailyWiki\DailyWiki.exe
() C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe
(Optimal Software s.r.o.) C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(DotC United Inc) C:\Program Files (x86)\MPC AdCleaner\AdxEngine.exe
(DotC United Inc) C:\Program Files (x86)\MPC AdCleaner\AdcUpdate.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSPanel.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsShld.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\Core\mchost.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SpaceSoundPro] => C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe [4203520 2015-08-03] (Space Sound Pro)
HKLM\...\Run: [Sound+] => C:\Program Files\Sound+\Sound+.exe [3601408 2016-02-03] (Sound+)
HKLM\...\Run: [IDSCPRODUCT] => C:\Program Files\Sound+\\idscservice.exe [29184 2016-02-16] (AboslutAA)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe [63272 2015-05-31] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [DailyWiki] => C:\Users\Vanessa\AppData\Roaming\DailyWiki\DailyWiki.exe [47959360 2016-01-11] ()
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\Run: [Spiele Post] => C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe [483400 2013-12-06] (Intenium)
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\Run: [Security Utility] => C:\Program Files (x86)\\securityutility\\securityutility\\2.0.0.1\securityutility.exe [290928 2015-12-25] (TODO: <Company name>)
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\Run: [PCSpeedUp] => C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe [354976 2016-01-28] (Optimal Software s.r.o.)
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\RunOnce: [Uninstall C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\RunOnce: [Uninstall C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2015-10-05]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\zdengine.dll [260919 2016-02-16] (zdengine)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\zdengine.dll [260919 2016-02-16] (zdengine)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\zdengine.dll [260919 2016-02-16] (zdengine)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\zdengine.dll [260919 2016-02-16] (zdengine)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\zdengine.dll [260919 2016-02-16] (zdengine)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0f70dec5-ab41-11e5-b753-806e6f6e6963}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{310aa8b3-dd6d-4634-a08e-35610e59b37f}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{52e763b0-cca9-4019-853f-b68868beb373}: [NameServer] 82.163.143.144,82.163.142.146
Tcpip\..\Interfaces\{cf7e755f-2a9c-43ca-905b-587fa842d2f8}: [NameServer] 82.163.143.144,82.163.142.146
Tcpip\..\Interfaces\{cf7e755f-2a9c-43ca-905b-587fa842d2f8}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = search.mpc.am
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = search.mpc.am
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = search.mpc.am
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = search.mpc.am
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\Software\Microsoft\Internet Explorer\Main,Start Page = search.mpc.am
SearchScopes: HKLM -> DefaultScope {0644EE93-D778-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> DefaultScope {0644EE93-D778-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.mpc.am?q={searchTerms}&cx=partner-pub-3796753109442372:3837783968
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> {0644EE93-D778-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.mpc.am?q={searchTerms}&cx=partner-pub-3796753109442372:3837783968
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> {5E86A1A6-1176-403A-86A1-38DE40387AF5} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> {6F634305-2F36-411B-B460-E9F774AA7BF4} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> {786BF108-DDEF-46E2-981E-29B4CE9FC9B6} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> {A882FD39-3E09-4E81-9C4A-9AAB923F0ADC} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: shopperz160220162237 -> {3F2A1B5E-EBFB-4A13-8388-7E269D097B9F} -> C:\Program Files\shopperz160220162237\Laniu64.dll [2016-02-16] ()
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-12-24] (DVDVideoSoft Ltd.)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03] (Adobe Systems Incorporated)
BHO-x32: shopperz160220162237 -> {3F2A1B5E-EBFB-4A13-8388-7E269D097B9F} -> C:\Program Files\shopperz160220162237\Laniu.dll [2016-02-16] ()
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-18] (Oracle Corporation)
BHO-x32: Checked List 1.0.0.7 -> {7ff0f7e7-8b1e-4e90-8bd5-f60cfdd71ecc} -> C:\Program Files (x86)\Checked List\CheckedListbho.dll [2016-02-07] (Checked List)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-18] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-12-24] (DVDVideoSoft Ltd.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-11] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-11] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-11] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-11] (McAfee, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-01-08] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-01-08] (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartpageing.com/?type=sc&ts=1455655841&z=b77443c678dc512f2c8832cgdz9w8wfqbw2w2b8z5g&from=age&uid=HGSTXHTS545050A7E680_TMA51CTD211MJM211MJMX

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> hxxp://go.gmx.net/tb/ie_startpage

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-01-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-18] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-01-08] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-02-08] [ist nicht signiert]

Chrome:
=======
CHR HomePage: Default -> about:blank
CHR StartupUrls: Default -> "about:blank"
CHR DefaultSearchURL: Default -> hxxp://search.mpc.am?q={searchTerms}&cx=partner-pub-3796753109442372:3837783968
CHR DefaultSearchKeyword: Default -> mpc safe search
CHR Profile: C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-08]
CHR Extension: (Google Docs) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-08]
CHR Extension: (Google Drive) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-08]
CHR Extension: (YouTube) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-08]
CHR Extension: (Adblock Plus) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-08]
CHR Extension: (Google-Suche) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-08]
CHR Extension: (Checked List) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\djldhnphgmieknecekehcjkkjcljdbmk [2016-03-08] [UpdateUrl: hxxp://wwwcheckedlistap-a.akamaihd.net/update/chrome] <==== ACHTUNG
CHR Extension: (SiteAdvisor) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-02-06]
CHR Extension: (Google Docs Offline) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-08]
CHR Extension: (Google Mail) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-08]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-02-17]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-02-17]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 758EBA55-E947-49CC-a785-BE964703F5F5; C:\Program Files\shopperz160220162237\Ieiviem.exe [232288 2016-02-16] ()
S3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-05-31] (ASUS Cloud Corporation) [Datei ist nicht signiert]
S3 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUS)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1045928 2016-02-18] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R3 csrcc; C:\Program Files\shopperz160220162237\csrcc.exe [1496928 2016-02-16] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1385640 2015-08-17] (Intel Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
S2 ggbugreport; C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe [1588408 2016-02-05] ()
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R3 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370088 2015-08-13] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S3 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
S3 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [133480 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [158952 2016-02-11] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2016-01-08] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [338208 2015-03-19] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe [1694152 2015-12-02] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [681680 2016-01-08] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2015-11-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [380896 2016-01-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [275368 2015-11-18] (McAfee, Inc.)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [349152 2016-02-16] (DotC United Inc)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 PCSUService; C:\Program Files (x86)\PC Speed Up\PCSUService.exe [445600 2016-01-28] (Optimal Software s.r.o.)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [902112 2015-12-14] (Intel Security, Inc.)
R2 SCService; C:\Program Files (x86)\PC Speed Up\SpeedCheckerService.exe [67232 2016-01-28] (Optimal Software s.r.o.)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [465088 2016-03-08] ()
S3 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [159936 2016-02-16] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4364200 2016-02-15] (AVG Technologies CZ, s.r.o.)
R2 Update Checked List; C:\Program Files (x86)\Checked List\updateCheckedList.exe [658120 2016-03-09] ()
S3 Util Checked List; C:\Program Files (x86)\Checked List\bin\utilCheckedList.exe [658120 2016-03-09] ()
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [48552 2016-02-15] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\WINDOWS\SysWOW64\uxtuneup.dll [42408 2016-02-15] (AVG Technologies CZ, s.r.o.)
R2 WajaIntEn Monitor; c:\program files\WajaIntEn\027ffed1d08ea21727c655e55d27a27d.exe [3103744 2016-03-08] () [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4317808 2015-07-14] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-06-30] (ASUS Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [79248 2015-11-25] (McAfee, Inc.)
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [56728 2016-02-16] (Windows (R) Win 7 DDK provider)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [50696 2015-08-17] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel Corporation)
R3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2015-06-26] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-28] (Intel Corporation)
R2 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2015-11-25] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351144 2015-11-25] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496368 2015-11-25] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [846080 2015-11-25] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [539496 2015-11-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-11-20] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [36968 2016-01-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [245096 2015-11-25] (McAfee, Inc.)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-02-16] (DotC United Inc)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [420440 2015-05-27] (Realsil Semiconductor Corporation)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [11973 2016-01-28] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Datei ist nicht signiert]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-02-15] (AVG Netherlands B.V.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S1 bsdriver; \??\C:\WINDOWS\system32\drivers\bsdriver.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-09 19:49 - 2016-03-09 19:50 - 00029640 _____ C:\Users\Vanessa\Desktop\FRST.txt
2016-03-09 19:49 - 2016-03-09 19:49 - 00000000 ____D C:\FRST
2016-03-09 19:49 - 2016-03-09 19:41 - 02374144 _____ (Farbar) C:\Users\Vanessa\Desktop\FRST64.exe
2016-03-09 19:49 - 2016-03-09 19:40 - 01725440 _____ (Farbar) C:\Users\Vanessa\Desktop\FRST.exe
2016-03-09 19:17 - 2016-03-09 19:17 - 00805528 _____ (Google Inc.) C:\Users\Vanessa\Downloads\Nicht bestätigt 301246.crdownload
2016-03-09 19:04 - 2016-03-09 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-03-09 18:40 - 2016-03-09 18:40 - 01109677 _____ (TeamExtreme) C:\Users\Vanessa\Downloads\Minecraft.exe
2016-03-09 16:38 - 2016-03-09 18:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-03-09 16:21 - 2016-03-09 16:29 - 00000000 ____D C:\Program Files (x86)\MPC AdCleaner
2016-03-09 16:21 - 2016-03-09 16:21 - 00003434 _____ C:\WINDOWS\System32\Tasks\MPC AdCleaner
2016-03-09 16:21 - 2016-03-09 16:21 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MPC AdCleaner
2016-03-08 19:27 - 2016-03-08 19:27 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\AVAST Software
2016-03-08 19:26 - 2016-03-08 19:29 - 00000000 ____D C:\Program Files\WajaIntEn
2016-03-08 19:06 - 2016-03-09 19:33 - 00004020 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-02-27 11:33 - 2016-02-27 11:34 - 00000000 ____D C:\Users\Vanessa\Desktop\Pokemon White 2
2016-02-22 13:22 - 2016-02-22 13:22 - 00000000 ____D C:\WINDOWS\system32\hojt
2016-02-19 03:20 - 2016-02-15 10:30 - 00048552 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\uxtuneup.dll
2016-02-19 03:20 - 2016-02-15 10:30 - 00042408 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\SysWOW64\uxtuneup.dll
2016-02-19 03:20 - 2016-02-15 10:30 - 00037288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\authuitu.dll
2016-02-19 03:20 - 2016-02-15 10:30 - 00032680 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\SysWOW64\authuitu.dll
2016-02-19 03:19 - 2016-02-19 03:19 - 00000000 ____D C:\Users\Default\AppData\Roaming\AVG
2016-02-19 03:19 - 2016-02-19 03:19 - 00000000 ____D C:\Users\Default\AppData\Local\AVG
2016-02-19 03:19 - 2016-02-19 03:19 - 00000000 ____D C:\Users\Default User\AppData\Roaming\AVG
2016-02-19 03:19 - 2016-02-19 03:19 - 00000000 ____D C:\Users\Default User\AppData\Local\AVG
2016-02-18 02:33 - 2016-02-18 02:33 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\java
2016-02-18 02:32 - 2016-02-18 02:32 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\Sun
2016-02-18 02:32 - 2016-02-18 02:32 - 00000000 ____D C:\Users\Vanessa\.oracle_jre_usage
2016-02-18 02:31 - 2016-02-18 02:33 - 00000000 ____D C:\ProgramData\Oracle
2016-02-18 02:31 - 2016-02-18 02:31 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-02-18 02:31 - 2016-02-18 02:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-18 02:31 - 2016-02-18 02:31 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-18 02:29 - 2016-02-18 02:29 - 00735328 _____ (Oracle Corporation) C:\Users\Vanessa\Downloads\JavaSetup8u73 (1).exe
2016-02-18 02:29 - 2016-02-18 02:29 - 00000000 ____D C:\Users\Vanessa\AppData\LocalLow\Oracle
2016-02-18 02:27 - 2016-02-18 02:27 - 00735328 _____ (Oracle Corporation) C:\Users\Vanessa\Downloads\JavaSetup8u73.exe
2016-02-18 02:24 - 2016-03-09 16:44 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\.minecraft
2016-02-18 02:21 - 2016-02-18 07:29 - 01674929 _____ (TeamExtreme) C:\Users\Vanessa\Desktop\Minecraft Launcher (1).exe
2016-02-18 02:19 - 2016-02-18 03:43 - 01674929 _____ (TeamExtreme) C:\Users\Vanessa\Downloads\Minecraft Launcher.exe
2016-02-17 23:38 - 2016-02-17 23:38 - 00003225 _____ C:\Users\Vanessa\yey papa´s.papa
2016-02-17 19:54 - 2016-03-08 11:26 - 00000000 ____D C:\Users\Vanessa\Documents\PCSpeedUp
2016-02-17 00:58 - 2016-02-17 00:58 - 00003144 _____ C:\Users\Vanessa\papascheeseria_backup_1.papa3.papa
2016-02-16 22:41 - 2016-03-09 18:11 - 00000000 ____D C:\ProgramData\AppMgr2.12.4036661
2016-02-16 22:41 - 2016-03-09 16:32 - 00000000 ____D C:\Program Files (x86)\Checked List
2016-02-16 22:40 - 2016-03-09 16:35 - 00000000 ____D C:\Users\Vanessa\AppData\Local\4182D470-1455662435-834C-AF25-F766BF10619A
2016-02-16 21:51 - 2016-03-09 16:56 - 00000000 ____D C:\Program Files\shopperz160220162237
2016-02-16 21:51 - 2016-03-09 16:41 - 00000000 ____D C:\Users\Vanessa\AppData\Local\DailyWiki
2016-02-16 21:51 - 2016-03-09 16:41 - 00000000 ____D C:\Program Files (x86)\QuickSearch
2016-02-16 21:51 - 2016-03-08 21:44 - 00000000 ____D C:\Program Files (x86)\SFK
2016-02-16 21:51 - 2016-03-08 19:29 - 00012168 _____ C:\WINDOWS\SysWOW64\zdengineOff.ini
2016-02-16 21:51 - 2016-03-08 19:29 - 00012168 _____ C:\WINDOWS\system32\zdengineOff.ini
2016-02-16 21:51 - 2016-02-16 23:35 - 00000000 ____D C:\ProgramData\UWdMU
2016-02-16 21:51 - 2016-02-16 21:51 - 00260919 _____ (zdengine) C:\WINDOWS\SysWOW64\zdengine.dll
2016-02-16 21:51 - 2016-02-16 21:51 - 00003424 _____ C:\WINDOWS\System32\Tasks\Iwyqhowt
2016-02-16 21:51 - 2016-02-16 21:51 - 00002044 _____ C:\WINDOWS\System32\Tasks\rdf3019
2016-02-16 21:51 - 2016-02-16 21:51 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-02-16 21:51 - 2016-02-16 21:51 - 00000002 _____ C:\END
2016-02-16 21:51 - 2016-02-16 21:51 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DailyWiki
2016-02-16 21:51 - 2016-02-16 21:51 - 00000000 ____D C:\Users\Vanessa\AppData\LocalLow\Company
2016-02-16 21:51 - 2016-02-16 21:51 - 00000000 ____D C:\Users\Vanessa\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-02-16 21:51 - 2016-02-16 21:51 - 00000000 ____D C:\Users\Vanessa\AppData\Local\Tempfolder
2016-02-16 21:51 - 2016-02-16 21:51 - 00000000 ____D C:\uninst
2016-02-16 21:51 - 2016-02-16 21:51 - 00000000 ____D C:\ProgramData\8WdM8
2016-02-16 21:50 - 2016-02-16 21:51 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\istartpageing
2016-02-16 21:50 - 2016-02-16 21:51 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\DailyWiki
2016-02-16 21:50 - 2016-02-16 21:49 - 00060136 _____ (DotC United Inc) C:\WINDOWS\system32\Drivers\MPCKpt.sys
2016-02-16 21:49 - 2016-03-08 16:39 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-02-16 21:49 - 2016-02-16 21:49 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpaceSoundPro 1.0
2016-02-16 21:49 - 2016-02-16 21:49 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sound+ 1.0
2016-02-16 21:49 - 2016-02-16 21:49 - 00000000 ____D C:\Users\Vanessa\AppData\Local\SunnyDay3
2016-02-16 21:49 - 2016-02-16 21:49 - 00000000 ____D C:\Users\Vanessa\AppData\Local\mbot_en_037050240
2016-02-16 21:49 - 2016-02-16 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY
2016-02-16 21:49 - 2016-02-16 21:49 - 00000000 ____D C:\Program Files (x86)\SunnyDay3
2016-02-16 21:49 - 2016-02-16 21:49 - 00000000 ____D C:\Program Files (x86)\mbot_en_037050240
2016-02-16 21:48 - 2016-03-09 16:56 - 00000000 ____D C:\Program Files\SpaceSoundPro
2016-02-16 21:48 - 2016-02-16 21:50 - 00000000 ____D C:\Program Files\Sound+
2016-02-16 21:41 - 2016-03-08 19:45 - 00000000 ____D C:\Program Files (x86)\PC Speed Up
2016-02-16 21:41 - 2016-03-08 17:40 - 00000376 _____ C:\WINDOWS\Tasks\PC SpeedUp Service Deactivator.job
2016-02-16 21:41 - 2016-02-16 21:41 - 00002834 _____ C:\WINDOWS\System32\Tasks\PC SpeedUp Service Deactivator
2016-02-16 21:41 - 2016-02-16 21:41 - 00001119 _____ C:\Users\Vanessa\Desktop\PC Speed Up.lnk
2016-02-16 21:41 - 2016-02-16 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Up
2016-02-16 21:40 - 2016-02-16 21:51 - 00056728 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\cherimoya.sys
2016-02-16 21:40 - 2016-02-16 21:40 - 00000306 __RSH C:\ProgramData\ntuser.pol
2016-02-16 21:38 - 2016-03-09 16:39 - 00000308 _____ C:\WINDOWS\Tasks\System HealerStartUp.job
2016-02-16 21:38 - 2016-03-08 18:00 - 00000308 _____ C:\WINDOWS\Tasks\System HealerPeriod.job
2016-02-16 21:38 - 2016-02-18 14:55 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\System Healer
2016-02-16 21:38 - 2016-02-16 21:38 - 00023246 _____ C:\WINDOWS\System32\Tasks\{0C050847-090B-0A7E-0E11-0A0A7E0A110D}
2016-02-16 21:38 - 2016-02-16 21:38 - 00003686 _____ C:\WINDOWS\System32\Tasks\System Healer Task
2016-02-16 21:38 - 2016-02-16 21:38 - 00003440 _____ C:\WINDOWS\System32\Tasks\SystemHealer Run Delay
2016-02-16 21:38 - 2016-02-16 21:38 - 00003370 _____ C:\WINDOWS\System32\Tasks\SystemHealer Monitor
2016-02-16 21:38 - 2016-02-16 21:38 - 00002936 _____ C:\WINDOWS\System32\Tasks\System HealerPeriod
2016-02-16 21:38 - 2016-02-16 21:38 - 00002642 _____ C:\WINDOWS\System32\Tasks\System HealerStartUp
2016-02-16 21:38 - 2016-02-16 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Healer
2016-02-16 21:38 - 2016-02-16 21:38 - 00000000 ____D C:\ProgramData\9eafa313-4ad5-1
2016-02-16 21:38 - 2016-02-16 21:38 - 00000000 ____D C:\ProgramData\9eafa313-1605-0
2016-02-16 21:38 - 2016-02-16 21:38 - 00000000 ____D C:\Program Files (x86)\SystemHealer
2016-02-16 21:37 - 2016-03-09 18:48 - 00000000 ____D C:\Users\Vanessa\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-02-16 21:37 - 2016-03-09 18:11 - 00000000 ____D C:\Program Files (x86)\4182D470-1455655034-834C-AF25-F766BF10619A
2016-02-16 21:37 - 2016-02-19 09:45 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\NUIns
2016-02-16 21:37 - 2016-02-16 21:38 - 00000000 ____D C:\Program Files (x86)\SearchesToYesbnd
2016-02-16 21:37 - 2016-02-16 21:37 - 00015178 _____ C:\WINDOWS\System32\Tasks\WinTaske
2016-02-16 21:37 - 2016-02-16 21:37 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-02-16 21:37 - 2016-02-16 21:37 - 00000000 ____D C:\Program Files (x86)\WinTaske
2016-02-16 21:37 - 2016-02-16 21:37 - 00000000 ____D C:\Program Files (x86)\Winsere
2016-02-16 21:37 - 2016-02-16 21:37 - 00000000 ____D C:\extensions
2016-02-16 21:35 - 2016-02-16 21:35 - 00525688 _____ C:\Users\Vanessa\Downloads\spotify.exe
2016-02-12 06:03 - 2016-02-12 06:03 - 00491616 _____ C:\Users\Vanessa\Downloads\zerbst_abrufkarte_sperrmuell_2016.pdf
2016-02-12 06:02 - 2016-02-12 06:03 - 01720607 _____ C:\Users\Vanessa\Downloads\abfallkalender_2016_zerbst_webs.pdf
2016-02-10 16:53 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-10 16:53 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-10 16:53 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-10 16:53 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-10 16:53 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-10 16:53 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-10 16:53 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-10 16:53 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-10 16:53 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-10 16:53 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-10 16:53 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-10 16:53 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-10 16:53 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-10 16:53 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-10 16:53 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-10 16:53 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-10 16:53 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-10 16:53 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-10 16:53 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-10 16:53 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-10 16:53 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-10 16:53 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-10 16:53 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-10 16:53 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-10 16:53 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-10 16:53 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-10 16:53 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-10 16:53 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-10 16:53 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-10 16:53 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-10 16:53 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-10 16:53 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-10 16:53 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-10 16:53 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-10 16:53 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-10 16:53 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-10 16:53 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-10 16:53 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-10 16:52 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-10 16:52 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-10 16:52 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-10 16:52 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-10 16:52 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-10 16:52 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-10 16:52 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-10 16:52 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-10 16:52 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-10 16:52 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-10 16:52 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-10 16:52 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-10 16:52 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-10 16:52 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 16:52 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-10 16:52 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-10 16:52 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-10 16:52 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-10 16:52 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-10 16:52 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-10 16:52 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-10 16:52 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-10 16:52 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-10 16:52 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-10 16:52 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-10 16:52 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-10 16:52 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-09 15:51 - 2016-02-09 15:51 - 00003010 _____ C:\Users\Vanessa\papascheeseria_backup_2.papa

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-09 19:45 - 2015-12-25 14:41 - 00004174 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{48ABCAE0-DD1B-4554-91D4-47CD1AB4DC2B}
2016-03-09 19:23 - 2015-12-27 12:26 - 00000412 _____ C:\WINDOWS\Tasks\WpsUpdateTask_Vanessa.job
2016-03-09 19:23 - 2015-12-27 12:26 - 00000412 _____ C:\WINDOWS\Tasks\WpsNotifyTask_Vanessa.job
2016-03-09 19:00 - 2015-08-18 06:29 - 00000424 _____ C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job
2016-03-09 18:57 - 2015-08-18 06:29 - 00000424 _____ C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job
2016-03-09 17:14 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-09 16:48 - 2016-01-08 01:00 - 00002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-09 16:48 - 2016-01-08 01:00 - 00002486 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-09 16:43 - 2015-12-21 15:34 - 00000165 _____ C:\Users\Vanessa\AppData\Roaming\sp_data.sys
2016-03-09 16:42 - 2016-01-11 20:01 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-03-09 16:41 - 2016-01-07 17:45 - 00000474 _____ C:\WINDOWS\Tasks\Nero TuneItUp (Tray).job
2016-03-09 16:39 - 2015-12-25 21:07 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-09 16:39 - 2015-12-21 15:32 - 00000000 __SHD C:\Users\Vanessa\IntelGraphicsProfiles
2016-03-09 16:37 - 2015-12-25 21:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-09 16:37 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-09 16:24 - 2015-12-29 22:47 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-09 16:23 - 2015-12-25 20:52 - 00000000 ___DC C:\WINDOWS\Panther
2016-03-09 16:23 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-09 15:13 - 2015-10-05 05:58 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-03-09 15:13 - 2015-10-05 05:58 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-03-09 15:10 - 2016-01-08 23:38 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\Skype
2016-03-08 22:15 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-08 22:05 - 2015-12-28 23:23 - 00000000 ____D C:\Users\Vanessa\Desktop\Warcraft III Frozen Throne
2016-03-08 19:38 - 2015-12-25 21:11 - 00000000 ____D C:\Users\Vanessa
2016-03-08 19:06 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-08 18:48 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-07 23:57 - 2016-01-17 17:53 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\vlc
2016-02-29 17:46 - 2015-12-23 12:30 - 00000000 ____D C:\Users\Vanessa\Desktop\CoD4 (Manu)
2016-02-26 12:57 - 2016-01-17 17:53 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\dvdcss
2016-02-26 08:56 - 2015-10-30 19:35 - 00778202 _____ C:\WINDOWS\system32\perfh007.dat
2016-02-26 08:56 - 2015-10-30 19:35 - 00155964 _____ C:\WINDOWS\system32\perfc007.dat
2016-02-26 08:56 - 2015-08-18 06:20 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-22 13:24 - 2015-10-05 06:02 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-02-20 12:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-19 03:20 - 2015-12-25 14:38 - 00002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2016-02-19 03:20 - 2015-12-25 14:38 - 00002126 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
2016-02-19 03:20 - 2015-12-25 14:38 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\AVG
2016-02-16 21:54 - 2015-10-05 05:35 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-16 21:50 - 2015-10-05 06:19 - 00001848 _____ C:\Users\Public\Desktop\WPS Office.lnk
2016-02-16 21:40 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-02-16 21:40 - 2015-07-10 12:04 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-02-16 21:39 - 2015-12-25 14:40 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\dlg
2016-02-16 20:42 - 2016-01-07 17:36 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\DVDVideoSoft
2016-02-15 10:36 - 2015-12-25 14:38 - 00045992 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2016-02-14 04:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-12 16:41 - 2016-01-08 23:37 - 00000000 ____D C:\ProgramData\Skype
2016-02-12 09:51 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-02-12 09:51 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-02-12 09:51 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-02-12 09:51 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-02-12 09:50 - 2015-10-30 19:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-12 09:50 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-02-12 09:50 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-02-12 09:50 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-02-10 17:42 - 2015-12-25 14:48 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 17:36 - 2015-12-25 14:47 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 02:31 - 2016-01-08 23:37 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-02-08 17:00 - 2015-12-23 19:31 - 00000000 ____D C:\Users\Vanessa\AppData\Local\ElevatedDiagnostics
2016-02-08 14:36 - 2015-12-21 15:35 - 00002391 _____ C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-08 14:36 - 2015-12-21 15:35 - 00000000 ___RD C:\Users\Vanessa\OneDrive

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-12-21 15:34 - 2016-03-09 16:43 - 0000165 _____ () C:\Users\Vanessa\AppData\Roaming\sp_data.sys
2015-12-25 21:08 - 2015-12-25 21:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-02-16 21:51 - 2016-02-16 21:51 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll
[2015-10-30 08:18] - [2015-10-30 08:18] - 0686984 ____A (Microsoft Corporation) 86BE3AE79C85D48F20990E76EE8E5CEF

C:\WINDOWS\SysWOW64\dnsapi.dll
[2015-10-30 08:18] - [2015-10-30 08:18] - 0535088 ____A (Microsoft Corporation) 1FAF4316CDF67B280FF163051F8AC5BE

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-29 09:08

burningice 09.03.2016 20:23
Na da haben wir ja was schönes :) Eines saftige Shopperz Infektion mit Wajam und noch paar Delikatessen

Schritt: 1
Damit du besser arbeiten kannst:

Suchlauf mit rKill

Bitte lade dir rKill von Grinler auf deinen Desktop von einem der folgenden Links: RKill oder http://www.trojaner-board.de/85629-rkill-download.html
  • Starte nun das Programm durch einen Doppelklick.
  • Wenn sich jetzt kein schwarzes Fenster öffnet, dann versuche einen der anderen Downloadlinks.
  • Das Tool wird jetzt einige Minuten lang laufen und verschiedene Einstellungen prüfen und neu setzen.
  • Nach dem Ende der Abarbeitung öffnet sich automatisch die Logdatei rkill.txt.
  • Bitte poste sie in deinen Thread in CODE-Tags (Anleitung).

Starte den Computer nicht neu

Schritt: 2
Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Body Text Feathering
    Checked List
    DailyWiki
    DNS Unlocker version 1.4
    istartpageing uninstall
    MyBestOffersToday
    shopperz
    SpaceSoundPro
    Wajam
    yessearches Uninstall

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 



Schritt: 3
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt: 4
Lade dir folgendes Programm herunter und installiere es: http://filepony.de/icon/tiny/malware...ti_malware.png Malwarebytes Anti-Malware Hier findest du dazu eine bebilderte Anleitung
  • Klicke auf die Einstellungen / Erkennung und Schutz und setze dabei den Haken bei "Nach Rootkits suchen"
  • Klicke im Anschluss auf Durchsuchen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Suchlaufprotokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Schritt: 5
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Bitte poste in deiner nächsten Antwort also:
  • Logfile von AdwCleaner
  • Logfile von Malwarebytes
  • Logfile von RKill
  • Frst.txt
  • Addition.txt

Ottokarl 09.03.2016 21:56
Hier sind die Dokumente.

Im Übrigen ist uns aufgefallen, dass "Checked List" und "SpaceSoundPro" zur Deinstallation nicht zu finden waren.

AdwCleaner

Code:
# AdwCleaner v5.101 - Bericht erstellt am 09/03/2016 um 21:00:50
# Aktualisiert am 07/03/2016 von Xplode
# Datenbank : 2016-03-06.3 [Lokal]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : Vanessa - DESKTOP-5PNPL1E
# Gestartet von : C:\Users\Vanessa\Desktop\AdwCleaner_5.101.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

[-] Dienst Gelöscht : bsdriver
[-] Dienst Gelöscht : cherimoya
[-] Dienst Gelöscht : csrcc
[-] Dienst Gelöscht : pcsuservice
[-] Dienst Gelöscht : SCService
[-] Dienst Gelöscht : SSFK
[-] Dienst Gelöscht : MPCProtectService
[-] Dienst Gelöscht : MPCKpt
[-] Dienst Gelöscht : ggbugreport
[-] Dienst Gelöscht : 758EBA55-E947-49CC-a785-BE964703F5F5
[-] Dienst Gelöscht : Update Checked List
[-] Dienst Gelöscht : Util Checked List
[!] Dienst Nicht Gelöscht : 758EBA55-E947-49CC-a785-BE964703F5F5
[!] Dienst Nicht Gelöscht : csrcc

***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files\SOUND+
[-] Ordner Gelöscht : C:\Program Files\SpaceSoundPro
[-] Ordner Gelöscht : C:\Program Files\shopperz160220162237
[-] Ordner Gelöscht : C:\Program Files (x86)\MPC AdCleaner
[#] Ordner Gelöscht : C:\Program Files (x86)\MPC Cleaner
[-] Ordner Gelöscht : C:\Program Files (x86)\pc speed up
[-] Ordner Gelöscht : C:\Program Files (x86)\QuickSearch
[-] Ordner Gelöscht : C:\Program Files (x86)\SecurityUtility
[-] Ordner Gelöscht : C:\Program Files (x86)\SFK
[-] Ordner Gelöscht : C:\Program Files (x86)\Startfenster
[-] Ordner Gelöscht : C:\Program Files (x86)\SunnyDay3
[-] Ordner Gelöscht : C:\Program Files (x86)\SystemHealer
[-] Ordner Gelöscht : C:\Program Files (x86)\SearchesToYesbnd
[-] Ordner Gelöscht : C:\Program Files (x86)\Winsere
[-] Ordner Gelöscht : C:\Program Files (x86)\WinTaske
[-] Ordner Gelöscht : C:\Program Files (x86)\4182D470-1455655034-834C-AF25-F766BF10619A
[-] Ordner Gelöscht : C:\Program Files (x86)\Checked List
[J] Ordner Nicht Gelöscht : C:\Program Files (x86)\SunnyDay3
[J] Ordner Nicht Gelöscht : C:\Program Files (x86)\SunnyDay3
[-] Ordner Gelöscht : C:\ProgramData\simplitec
[-] Ordner Gelöscht : C:\ProgramData\8WdM8
[-] Ordner Gelöscht : C:\ProgramData\9eafa313-1605-0
[-] Ordner Gelöscht : C:\ProgramData\9eafa313-4ad5-1
[-] Ordner Gelöscht : C:\ProgramData\AppMgr2.12.4036661
[-] Ordner Gelöscht : C:\ProgramData\UWdMU
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pc speed up
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Healer
[-] Ordner Gelöscht : C:\Users\Vanessa\AppData\Local\DailyWiki
[-] Ordner Gelöscht : C:\Users\Vanessa\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
[-] Ordner Gelöscht : C:\Users\Vanessa\AppData\Local\SunnyDay3
[J] Ordner Nicht Gelöscht : C:\Users\Vanessa\AppData\Local\SunnyDay3
[J] Ordner Nicht Gelöscht : C:\Users\Vanessa\AppData\Local\SunnyDay3
[-] Ordner Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\djldhnphgmieknecekehcjkkjcljdbmk
[-] Ordner Gelöscht : C:\Users\Vanessa\AppData\Local\Temp\MPC
[-] Ordner Gelöscht : C:\Users\Vanessa\AppData\Local\Temp\MPC AdCleaner
[-] Ordner Gelöscht : C:\Users\Vanessa\AppData\Local\Temp\Checked List
[-] Ordner Gelöscht : C:\Users\Vanessa\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
[-] Ordner Gelöscht : C:\Users\Vanessa\AppData\Roaming\NUIns
[-] Ordner Gelöscht : C:\Users\Vanessa\AppData\Roaming\RPEng
[-] Ordner Gelöscht : C:\Users\Vanessa\AppData\Roaming\System Healer
[-] Ordner Gelöscht : C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MPC AdCleaner
[-] Ordner Gelöscht : C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpaceSoundPro 1.0
[-] Ordner Gelöscht : C:\Users\Vanessa\Documents\PCSpeedUp
[#] Ordner Gelöscht : C:\WINDOWS\SysNative\Tasks\MPC AdCleaner
[#] Ordner Gelöscht : C:\WINDOWS\SysNative\Tasks\WinTaske

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\END
[-] Datei Gelöscht : C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_djldhnphgmieknecekehcjkkjcljdbmk_0.localstorage
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_djldhnphgmieknecekehcjkkjcljdbmk_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\djldhnphgmieknecekehcjkkjcljdbmk
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.re-markit00.re-markit.co_0.localstorage
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.re-markit00.re-markit.co_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_nps.pastaleads.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_nps.pastaleads.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.mpc.am_0.localstorage
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.mpc.am_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.terraclicks.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.terraclicks.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yessearches.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yessearches.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Startfenster.lnk
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Startfenster.lnk
[-] Datei Gelöscht : C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
[-] Datei Gelöscht : C:\Users\Vanessa\Desktop\PC Speed Up.lnk
[-] Datei Gelöscht : C:\Users\Vanessa\Desktop\Startfenster.lnk
[-] Datei Gelöscht : C:\Users\Vanessa\Favorites\Startfenster.lnk
[#] Datei Gelöscht : C:\Users\Vanessa\Favorites\Startfenster.lnk
[-] Datei Gelöscht : C:\Users\Vanessa\Favorites\Links\Startfenster.lnk
[#] Datei Gelöscht : C:\Users\Vanessa\Favorites\Links\Startfenster.lnk
[-] Datei Gelöscht : C:\WINDOWS\SysNative\zdengineOff.ini
[-] Datei Gelöscht : C:\WINDOWS\SysNative\drivers\cherimoya.sys
[#] Datei Gelöscht : C:\WINDOWS\SysNative\drivers\MPCKpt.sys
[-] Datei Gelöscht : C:\WINDOWS\SysWOW64\zdengineOff.ini
[-] Datei Gelöscht : C:\WINDOWS\SysWOW64\zdengine.dll

***** [ DLLs ] *****

[N] Datei Nicht Desinfiziert : C:\WINDOWS\Sysnative\dnsapi.dll
[N] Datei Nicht Desinfiziert : C:\WINDOWS\SysWOW64\dnsapi.dll

***** [ Verknüpfungen ] *****

[-] Verknüpfung Desinfiziert : C:\Users\Public\Desktop\WPS Office.lnk

***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe Gelöscht : PC SpeedUp Service Deactivator
[-] Geplante Aufgabe Gelöscht : SystemHealer Monitor
[-] Geplante Aufgabe Gelöscht : SystemHealer Run Delay
[-] Geplante Aufgabe Gelöscht : System HealerStartUp
[-] Geplante Aufgabe Gelöscht : System HealerPeriod
[-] Geplante Aufgabe Gelöscht : System Healer Task
[-] Geplante Aufgabe Gelöscht : MPC AdCleaner
[-] Geplante Aufgabe Gelöscht : Security Utility Updater
[-] Geplante Aufgabe Gelöscht : WinTaske
[-] Geplante Aufgabe Gelöscht : rdf3019
[-] Geplante Aufgabe Gelöscht : rdf3019
[-] Geplante Aufgabe Gelöscht : Security Utility Updater
[-] Geplante Aufgabe Gelöscht : {0C050847-090B-0A7E-0E11-0A0A7E0A110D}

***** [ Registrierungsdatenbank ] *****

[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION [wb.exe]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [SpeedCheckerService.exe]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\SystemCertificates\Root\Certificates\A7BD54B233B5B2F70AF86F5BD1A0C0A772A59FC6
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\MICROSOFT\SystemCertificates\Root\Certificates\D830B6B8939ACB4928401060203BB648456BB4F8
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\MICROSOFT\SystemCertificates\Root\Certificates\F53E693DDABF57A88A9B12B608B09B26C0608B74
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\4832D1BACA6156C53A74A472BE8678EAAABC8CBE
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\shopperz160220162237
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\3045035B-3C14-4698-8AC4-ADB18CC42C1E
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7D8DAE88-BC05-4578-8C29-E541FFBA5757}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7FF0F7E7-8B1E-4E90-8BD5-F60CFDD71ECC}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8FF10FED-2F0A-4F7F-BE87-B04F1DCD4319}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3F2A1B5E-EBFB-4A13-8388-7E269D097B9F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4ED21E37-68B0-4393-95E8-663C7EE57449}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7D8DAE88-BC05-4578-8C29-E541FFBA5757}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7ff0f7e7-8b1e-4e90-8bd5-f60cfdd71ecc}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C42038D-817A-472C-8C2A-EF46F1DA576D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{873C7DA8-195D-4D5A-B830-C5E2831901EA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6446C927-E982-4F5E-83B5-9644CEF6F296}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6DFE4EA2-ED7D-4D61-BD31-3539A27B2F50}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{14EF423E-3EE8-44AE-9337-07AC3F27B744}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3157E247-2784-4028-BF0F-52D6DDC70E1B}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{14EF423E-3EE8-44AE-9337-07AC3F27B744}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{7FC658AB-AA0D-4AD7-8086-AF38830A7124}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9AE7A6AE-162E-44C4-9A2B-A6B4EF19909D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D6FCE18C-1D89-40B6-AE0D-3898333E7C7C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FF0F7E7-8B1E-4E90-8BD5-F60CFDD71ECC}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3F2A1B5E-EBFB-4A13-8388-7E269D097B9F}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7ff0f7e7-8b1e-4e90-8bd5-f60cfdd71ecc}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FF0F7E7-8B1E-4E90-8BD5-F60CFDD71ECC}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3F2A1B5E-EBFB-4A13-8388-7E269D097B9F}
[#] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7ff0f7e7-8b1e-4e90-8bd5-f60cfdd71ecc}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FF0F7E7-8B1E-4E90-8BD5-F60CFDD71ECC}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3F2A1B5E-EBFB-4A13-8388-7E269D097B9F}
[#] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7ff0f7e7-8b1e-4e90-8bd5-f60cfdd71ecc}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{5013A5D0-34A9-489F-BF9A-3A0E34D8902B}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{B43F10EC-BD1C-48D5-A123-3DCA3321C187}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{3F2A1B5E-EBFB-4A13-8388-7E269D097B9F}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6C42038D-817A-472C-8C2A-EF46F1DA576D}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{873C7DA8-195D-4D5A-B830-C5E2831901EA}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0FF03983-EAA6-4628-8E7C-387B2D4F8EF2}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A71C84A-1CC4-4201-B037-C81CE118D66F}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{432599E9-40CF-41E3-951A-E1E81B7B1D29}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7D215707-3E74-4E0E-A078-2C95E1CDE233}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9295785F-8C01-4ED3-9322-8BE5C17CA141}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B98E44C8-7BB7-4A4A-B8D2-60874CA109B2}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C656BCEB-6B19-4992-9975-D53CEA283356}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D5AC4B9C-8EE4-48AD-A77E-1560AD886A0B}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D6914FD3-FD8E-45AD-8993-901E7B2759FD}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E0106905-0EDD-4F56-BDB5-890A1F6E8F47}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E26E880F-176C-4007-B2A7-B8F27621EC51}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E776B534-9402-4049-87C3-089EC0F54BAF}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FCFBBE24-2ADA-4D6E-A381-DEC6E3EAEE21}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6446C927-E982-4F5E-83B5-9644CEF6F296}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFE4EA2-ED7D-4D61-BD31-3539A27B2F50}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3F2A1B5E-EBFB-4A13-8388-7E269D097B9F}
[-] Schlüssel Gelöscht : HKCU\Software\DAILYPCCLEAN
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Tinstalls
[-] Schlüssel Gelöscht : HKCU\Software\Speedchecker Limited
[-] Schlüssel Gelöscht : HKCU\Software\System Healer
[-] Schlüssel Gelöscht : HKCU\Software\TutoTag
[-] Schlüssel Gelöscht : HKCU\Software\WajIEnhance
[-] Schlüssel Gelöscht : HKCU\Software\Checked List
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\istartpageingSoftware
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\MPC
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\MPC AdCleaner
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\QuickSearch
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\simplitec
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Speedchecker Limited
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\SUNNYDAY
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\WdsManPro
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\yessearchesSoftware
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Checked List
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\shopperz160220162237
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Security utility
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MPC
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MPC AdCleaner
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NUIns
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Startfenster
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay3_is1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SystemHealer
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay3_is1
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay3_is1
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\SOUNDPLUS
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\SpaceSoundPro
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Speedchecker Limited
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\WebBar
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\shopperz160220162237
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SOUNDPLUS
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpaceSoundPro
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Checked List
[#] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[#] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[#] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[#] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[#] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[#] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0644EE93-D778-472f-A0FF-E1416B8B2E3A}
[#] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[#] Daten Wiederhergestellt : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command []
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\nps.pastaleads.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pastaleads.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\search.mpc.am
[-] Schlüssel Gelöscht : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com
[-] Schlüssel Gelöscht : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com
[-] Schlüssel Gelöscht : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tradeadexchange.com
[-] Schlüssel Gelöscht : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.tradeadexchange.com
[-] Schlüssel Gelöscht : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com
[-] Schlüssel Gelöscht : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com
[-] Schlüssel Gelöscht : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tradeadexchange.com
[-] Schlüssel Gelöscht : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.tradeadexchange.com
[-] Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [pcspeedup]
[-] Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Security Utility]
[-] Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sound+]
[-] Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SpaceSoundPro]
[-] Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IDSCPRODUCT]

***** [ Internetbrowser ] *****

[-] [C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : mpc safe search
[-] [C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Gelöscht : hxxp://istartpageing.com/wefavicon.ico
[-] [C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Gelöscht : hxxp://search.mpc.am?q={searchTerms}&cx=partner-pub-3796753109442372:3837783968
[-] [C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : djldhnphgmieknecekehcjkkjcljdbmk

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [25198 Bytes] - [09/03/2016 21:00:50]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [24422 Bytes] - [09/03/2016 20:58:36]

########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [25386 Bytes] ##########
Malwarebytes

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 09.03.2016
Suchlaufzeit: 21:09
Protokolldatei: mbamlog.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.03.09.05
Rootkit-Datenbank: v2016.02.27.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Vanessa

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 353422
Abgelaufene Zeit: 36 Min., 33 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
RKill

Code:
Rkill 2.8.3 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2016 BleepingComputer.com
More Information about Rkill can be found at this link:
 hxxp://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/09/2016 08:38:24 PM in x64 mode.
Windows Version: Windows 10 Home

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Users\Vanessa\AppData\Roaming\DailyWiki\DailyWiki.exe (PID: 8032) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

  [HKLM\SOFTWARE\Microsoft\Windows Defender]
  "DisableAntiSpyware" = dword:00000001

 * Windows Defender Disabled

  [HKLM\SOFTWARE\Policies\Microsoft\Windows Defender]
  "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * fcvsc [Missing Service]
 * HdAudAddService [Missing Service]
 * HyperVideo [Missing Service]
 * netvsc [Missing Service]
 * wfpcapture [Missing Service]

 * CompositeBus => \SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys [Incorrect ImagePath]
 * NgcSvc => %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted [Incorrect ImagePath]
 * swenum => \SystemRoot\System32\drivers\swenum.sys [Incorrect ImagePath]

Searching for Missing Digital Signatures:

 * C:\WINDOWS\System32\dnsapi.dll : 686.984 : 10/30/2015 08:18 AM : 86be3ae79c85d48f20990e76ee8e5cef [NoSig]
 +-> C:\WINDOWS\SysWOW64\dnsapi.dll : 535.088 : 10/30/2015 08:18 AM : 1faf4316cdf67b280ff163051f8ac5be [Pos Repl]
 +-> C:\WINDOWS\WinSxS\amd64_microsoft-windows-dns-client-minwin_31bf3856ad364e35_10.0.10586.0_none_22114c18cd7ccd17\dnsapi.dll : 686.984 : 10/30/2015 08:18 AM : e7b524818100b0fde2b057c74b0c0dcd [Pos Repl]
 +-> C:\WINDOWS\WinSxS\wow64_microsoft-windows-dns-client-minwin_31bf3856ad364e35_10.0.10586.0_none_2c65f66b01dd8f12\dnsapi.dll : 535.088 : 10/30/2015 08:18 AM : 2796c0957f6f05a528dd64b8591371b6 [Pos Repl]

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1      down.baidu2016.com
  127.0.0.1      123.sogou.com
  127.0.0.1      www.czzsyzgm.com
  127.0.0.1      www.czzsyzxl.com
  127.0.0.1      down.baidu2016.com
  127.0.0.1      123.sogou.com
  127.0.0.1      www.czzsyzgm.com
  127.0.0.1      www.czzsyzxl.com
  127.0.0.1      down.baidu2016.com
  127.0.0.1      123.sogou.com
  127.0.0.1      www.czzsyzgm.com
  127.0.0.1      www.czzsyzxl.com

Program finished at: 03/09/2016 08:40:39 PM
Execution time: 0 hours(s), 2 minute(s), and 15 seconds(s)
Frst

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Vanessa (Administrator) auf DESKTOP-5PNPL1E (09-03-2016 21:48:42)
Gestartet von C:\Users\Vanessa\Desktop
Geladene Profile: Vanessa (Verfügbare Profile: Vanessa)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\ServiceProvider.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intenium) C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSPanel.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCNews.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe [63272 2015-05-31] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [mbot_en_037050240] => [X]
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\Run: [Spiele Post] => C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe [483400 2013-12-06] (Intenium)
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\RunOnce: [Uninstall C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\RunOnce: [Uninstall C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2015-10-05]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0f70dec5-ab41-11e5-b753-806e6f6e6963}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{cf7e755f-2a9c-43ca-905b-587fa842d2f8}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = search.mpc.am
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = search.mpc.am
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = search.mpc.am
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = search.mpc.am
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\Software\Microsoft\Internet Explorer\Main,Start Page = search.mpc.am
SearchScopes: HKLM -> DefaultScope {0644EE93-D778-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> DefaultScope {0644EE93-D778-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> {5E86A1A6-1176-403A-86A1-38DE40387AF5} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> {6F634305-2F36-411B-B460-E9F774AA7BF4} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> {786BF108-DDEF-46E2-981E-29B4CE9FC9B6} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> {A882FD39-3E09-4E81-9C4A-9AAB923F0ADC} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-18] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-18] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-11] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-11] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-11] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-11] (McAfee, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-01-08] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-01-08] (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartpageing.com/?type=sc&ts=1455655841&z=b77443c678dc512f2c8832cgdz9w8wfqbw2w2b8z5g&from=age&uid=HGSTXHTS545050A7E680_TMA51CTD211MJM211MJMX

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> hxxp://go.gmx.net/tb/ie_startpage

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-01-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-18] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-01-08] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-02-08] [ist nicht signiert]

Chrome:
=======
CHR HomePage: Default -> about:blank
CHR StartupUrls: Default -> "about:blank"
CHR DefaultSearchURL: Default -> hxxp://search.mpc.am?q={searchTerms}&cx=partner-pub-3796753109442372:3837783968
CHR DefaultSearchKeyword: Default -> mpc safe search
CHR Profile: C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-08]
CHR Extension: (Google Docs) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-08]
CHR Extension: (Google Drive) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-08]
CHR Extension: (YouTube) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-08]
CHR Extension: (Adblock Plus) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-08]
CHR Extension: (Google-Suche) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-08]
CHR Extension: (SiteAdvisor) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-02-06]
CHR Extension: (Google Docs Offline) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-08]
CHR Extension: (Google Mail) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-08]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-02-17]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-02-17]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 0161881457556051mcinstcleanup; C:\WINDOWS\TEMP\016188~1.EXE [918056 2015-11-27] (McAfee, Inc.)
S3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-05-31] (ASUS Cloud Corporation) [Datei ist nicht signiert]
S3 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUS)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1045928 2016-02-18] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1385640 2015-08-17] (Intel Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R3 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370088 2015-08-13] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S3 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
S3 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [133480 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [158952 2016-02-11] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2016-01-08] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [338208 2015-03-19] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe [1696712 2016-02-23] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [681680 2016-01-08] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2015-11-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [380896 2016-01-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [275368 2015-11-18] (McAfee, Inc.)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [349152 2016-02-16] (DotC United Inc)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [902112 2015-12-14] (Intel Security, Inc.)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [465088 2016-03-08] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4364200 2016-02-15] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [48552 2016-02-15] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\WINDOWS\SysWOW64\uxtuneup.dll [42408 2016-02-15] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 WajaIntEn Monitor; c:\program files\WajaIntEn\027ffed1d08ea21727c655e55d27a27d.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4317808 2015-07-14] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-06-30] (ASUS Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [79248 2015-11-25] (McAfee, Inc.)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [50696 2015-08-17] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel Corporation)
R3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2015-06-26] (Intel Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-09] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-28] (Intel Corporation)
R2 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2015-11-25] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351144 2015-11-25] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496368 2015-11-25] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [846080 2015-11-25] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [539496 2015-11-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-11-20] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [36968 2016-01-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [245096 2015-11-25] (McAfee, Inc.)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-02-16] (DotC United Inc)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [420440 2015-05-27] (Realsil Semiconductor Corporation)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [11973 2016-01-28] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Datei ist nicht signiert]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-02-15] (AVG Netherlands B.V.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-09 21:48 - 2016-03-09 21:51 - 00025366 _____ C:\Users\Vanessa\Desktop\FRST.txt
2016-03-09 21:48 - 2016-03-09 21:48 - 00001201 _____ C:\Users\Vanessa\Desktop\mbamlog.txt
2016-03-09 21:42 - 2016-03-09 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-03-09 21:08 - 2016-03-09 21:09 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-09 21:08 - 2016-03-09 21:08 - 00001173 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-09 21:08 - 2016-03-09 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-09 21:08 - 2016-03-09 21:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-09 21:08 - 2016-03-09 21:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-09 21:08 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-03-09 21:08 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-03-09 21:08 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-03-09 21:06 - 2016-03-09 21:06 - 00025649 _____ C:\Users\Vanessa\Desktop\AdwCleaner[C1].txt
2016-03-09 21:05 - 2016-03-09 21:05 - 00001800 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-03-09 21:05 - 2016-03-09 21:05 - 00000000 ____D C:\ProgramData\simplitec
2016-03-09 21:05 - 2016-03-09 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-03-09 20:57 - 2016-03-09 21:00 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-09 20:41 - 2016-03-09 20:41 - 00000000 ____D C:\Users\Vanessa\Desktop\RevoUninstallerPortable
2016-03-09 20:38 - 2016-03-09 20:40 - 00005652 _____ C:\Users\Vanessa\Desktop\Rkill.txt
2016-03-09 20:38 - 2016-03-09 20:30 - 22908888 _____ (Malwarebytes ) C:\Users\Vanessa\Desktop\mbam-setup-2.2.0.1024.exe
2016-03-09 20:38 - 2016-03-09 20:29 - 01524224 _____ C:\Users\Vanessa\Desktop\AdwCleaner_5.101.exe
2016-03-09 20:38 - 2016-03-09 20:28 - 02785665 _____ (PortableApps.com) C:\Users\Vanessa\Desktop\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2016-03-09 20:38 - 2016-03-09 20:28 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Vanessa\Desktop\revosetup95.exe
2016-03-09 20:37 - 2016-03-09 20:27 - 02032072 _____ (Bleeping Computer, LLC) C:\Users\Vanessa\Desktop\rkill.com
2016-03-09 19:49 - 2016-03-09 21:48 - 00000000 ____D C:\FRST
2016-03-09 19:49 - 2016-03-09 19:41 - 02374144 _____ (Farbar) C:\Users\Vanessa\Desktop\FRST64.exe
2016-03-09 19:49 - 2016-03-09 19:40 - 01725440 _____ (Farbar) C:\Users\Vanessa\Desktop\FRST.exe
2016-03-09 19:17 - 2016-03-09 19:17 - 00805528 _____ (Google Inc.) C:\Users\Vanessa\Downloads\Nicht bestätigt 301246.crdownload
2016-03-09 18:40 - 2016-03-09 18:40 - 01109677 _____ (TeamExtreme) C:\Users\Vanessa\Downloads\Minecraft.exe
2016-03-08 19:27 - 2016-03-08 19:27 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\AVAST Software
2016-03-08 19:06 - 2016-03-09 20:33 - 00004020 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-02-27 11:33 - 2016-02-27 11:34 - 00000000 ____D C:\Users\Vanessa\Desktop\Pokemon White 2
2016-02-22 13:22 - 2016-02-22 13:22 - 00000000 ____D C:\WINDOWS\system32\hojt
2016-02-19 03:20 - 2016-02-15 10:30 - 00048552 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\uxtuneup.dll
2016-02-19 03:20 - 2016-02-15 10:30 - 00042408 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\SysWOW64\uxtuneup.dll
2016-02-19 03:20 - 2016-02-15 10:30 - 00037288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\authuitu.dll
2016-02-19 03:20 - 2016-02-15 10:30 - 00032680 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\SysWOW64\authuitu.dll
2016-02-19 03:19 - 2016-02-19 03:19 - 00000000 ____D C:\Users\Default\AppData\Roaming\AVG
2016-02-19 03:19 - 2016-02-19 03:19 - 00000000 ____D C:\Users\Default\AppData\Local\AVG
2016-02-19 03:19 - 2016-02-19 03:19 - 00000000 ____D C:\Users\Default User\AppData\Roaming\AVG
2016-02-19 03:19 - 2016-02-19 03:19 - 00000000 ____D C:\Users\Default User\AppData\Local\AVG
2016-02-18 02:33 - 2016-02-18 02:33 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\java
2016-02-18 02:32 - 2016-02-18 02:32 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\Sun
2016-02-18 02:32 - 2016-02-18 02:32 - 00000000 ____D C:\Users\Vanessa\.oracle_jre_usage
2016-02-18 02:31 - 2016-02-18 02:33 - 00000000 ____D C:\ProgramData\Oracle
2016-02-18 02:31 - 2016-02-18 02:31 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-02-18 02:31 - 2016-02-18 02:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-18 02:31 - 2016-02-18 02:31 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-18 02:29 - 2016-02-18 02:29 - 00735328 _____ (Oracle Corporation) C:\Users\Vanessa\Downloads\JavaSetup8u73 (1).exe
2016-02-18 02:29 - 2016-02-18 02:29 - 00000000 ____D C:\Users\Vanessa\AppData\LocalLow\Oracle
2016-02-18 02:27 - 2016-02-18 02:27 - 00735328 _____ (Oracle Corporation) C:\Users\Vanessa\Downloads\JavaSetup8u73.exe
2016-02-18 02:24 - 2016-03-09 16:44 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\.minecraft
2016-02-18 02:21 - 2016-02-18 07:29 - 01674929 _____ (TeamExtreme) C:\Users\Vanessa\Desktop\Minecraft Launcher (1).exe
2016-02-18 02:19 - 2016-02-18 03:43 - 01674929 _____ (TeamExtreme) C:\Users\Vanessa\Downloads\Minecraft Launcher.exe
2016-02-17 23:38 - 2016-02-17 23:38 - 00003225 _____ C:\Users\Vanessa\yey papa´s.papa
2016-02-17 00:58 - 2016-02-17 00:58 - 00003144 _____ C:\Users\Vanessa\papascheeseria_backup_1.papa3.papa
2016-02-16 21:51 - 2016-02-16 21:51 - 00003424 _____ C:\WINDOWS\System32\Tasks\Iwyqhowt
2016-02-16 21:51 - 2016-02-16 21:51 - 00000000 ____D C:\Users\Vanessa\AppData\LocalLow\Company
2016-02-16 21:51 - 2016-02-16 21:51 - 00000000 ____D C:\Users\Vanessa\AppData\Local\Tempfolder
2016-02-16 21:51 - 2016-02-16 21:51 - 00000000 ____D C:\uninst
2016-02-16 21:50 - 2016-02-16 21:49 - 00060136 ____N (DotC United Inc) C:\WINDOWS\system32\Drivers\MPCKpt.sys
2016-02-16 21:49 - 2016-03-08 16:39 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-02-16 21:49 - 2016-02-16 21:49 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sound+ 1.0
2016-02-16 21:40 - 2016-03-09 21:03 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-02-16 21:37 - 2016-03-09 18:48 - 00000000 ____D C:\Users\Vanessa\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-02-16 21:37 - 2016-02-16 21:37 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-02-16 21:37 - 2016-02-16 21:37 - 00000000 ____D C:\extensions
2016-02-16 21:35 - 2016-02-16 21:35 - 00525688 _____ C:\Users\Vanessa\Downloads\spotify.exe
2016-02-12 06:03 - 2016-02-12 06:03 - 00491616 _____ C:\Users\Vanessa\Downloads\zerbst_abrufkarte_sperrmuell_2016.pdf
2016-02-12 06:02 - 2016-02-12 06:03 - 01720607 _____ C:\Users\Vanessa\Downloads\abfallkalender_2016_zerbst_webs.pdf
2016-02-10 16:53 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-10 16:53 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-10 16:53 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-10 16:53 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-10 16:53 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-10 16:53 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-10 16:53 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-10 16:53 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-10 16:53 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-10 16:53 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-10 16:53 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-10 16:53 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-10 16:53 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-10 16:53 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-10 16:53 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-10 16:53 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-10 16:53 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-10 16:53 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-10 16:53 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-10 16:53 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-10 16:53 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-10 16:53 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-10 16:53 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-10 16:53 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-10 16:53 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-10 16:53 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-10 16:53 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-10 16:53 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-10 16:53 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-10 16:53 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-10 16:53 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-10 16:53 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-10 16:53 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-10 16:53 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-10 16:53 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-10 16:53 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-10 16:53 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-10 16:53 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-10 16:52 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-10 16:52 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-10 16:52 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-10 16:52 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-10 16:52 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-10 16:52 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-10 16:52 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-10 16:52 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-10 16:52 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-10 16:52 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-10 16:52 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-10 16:52 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-10 16:52 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-10 16:52 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 16:52 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-10 16:52 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-10 16:52 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-10 16:52 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-10 16:52 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-10 16:52 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-10 16:52 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-10 16:52 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-10 16:52 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-10 16:52 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-10 16:52 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-10 16:52 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-10 16:52 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-09 15:51 - 2016-02-09 15:51 - 00003010 _____ C:\Users\Vanessa\papascheeseria_backup_2.papa

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-09 21:45 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-09 21:39 - 2015-10-05 06:02 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-03-09 21:34 - 2015-12-25 14:41 - 00004174 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{48ABCAE0-DD1B-4554-91D4-47CD1AB4DC2B}
2016-03-09 21:23 - 2015-12-27 12:26 - 00000412 _____ C:\WINDOWS\Tasks\WpsUpdateTask_Vanessa.job
2016-03-09 21:23 - 2015-12-27 12:26 - 00000412 _____ C:\WINDOWS\Tasks\WpsNotifyTask_Vanessa.job
2016-03-09 21:08 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-09 21:07 - 2015-12-21 15:34 - 00000165 _____ C:\Users\Vanessa\AppData\Roaming\sp_data.sys
2016-03-09 21:06 - 2016-01-11 20:01 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-03-09 21:05 - 2016-01-07 17:45 - 00000474 _____ C:\WINDOWS\Tasks\Nero TuneItUp (Tray).job
2016-03-09 21:05 - 2015-12-25 21:07 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-09 21:05 - 2015-12-21 15:32 - 00000000 __SHD C:\Users\Vanessa\IntelGraphicsProfiles
2016-03-09 21:04 - 2015-12-25 21:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-09 21:04 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-09 21:02 - 2015-10-05 06:19 - 00001542 _____ C:\Users\Public\Desktop\WPS Office.lnk
2016-03-09 21:00 - 2015-08-18 06:29 - 00000424 _____ C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job
2016-03-09 20:57 - 2015-08-18 06:29 - 00000424 _____ C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job
2016-03-09 20:55 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-09 19:52 - 2015-10-30 19:35 - 00778202 _____ C:\WINDOWS\system32\perfh007.dat
2016-03-09 19:52 - 2015-10-30 19:35 - 00155964 _____ C:\WINDOWS\system32\perfc007.dat
2016-03-09 19:52 - 2015-08-18 06:20 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-09 16:48 - 2016-01-08 01:00 - 00002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-09 16:48 - 2016-01-08 01:00 - 00002486 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-09 16:24 - 2015-12-29 22:47 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-09 16:23 - 2015-12-25 20:52 - 00000000 ___DC C:\WINDOWS\Panther
2016-03-09 15:13 - 2015-10-05 05:58 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-03-09 15:13 - 2015-10-05 05:58 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-03-09 15:10 - 2016-01-08 23:38 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\Skype
2016-03-08 22:05 - 2015-12-28 23:23 - 00000000 ____D C:\Users\Vanessa\Desktop\Warcraft III Frozen Throne
2016-03-08 19:38 - 2015-12-25 21:11 - 00000000 ____D C:\Users\Vanessa
2016-03-08 19:06 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-08 18:48 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-07 23:57 - 2016-01-17 17:53 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\vlc
2016-02-29 17:46 - 2015-12-23 12:30 - 00000000 ____D C:\Users\Vanessa\Desktop\CoD4 (Manu)
2016-02-26 12:57 - 2016-01-17 17:53 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\dvdcss
2016-02-20 12:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-19 03:20 - 2015-12-25 14:38 - 00002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2016-02-19 03:20 - 2015-12-25 14:38 - 00002126 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
2016-02-19 03:20 - 2015-12-25 14:38 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\AVG
2016-02-16 21:54 - 2015-10-05 05:35 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-16 21:39 - 2015-12-25 14:40 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\dlg
2016-02-16 20:42 - 2016-01-07 17:36 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\DVDVideoSoft
2016-02-15 10:36 - 2015-12-25 14:38 - 00045992 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2016-02-14 04:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-12 16:41 - 2016-01-08 23:37 - 00000000 ____D C:\ProgramData\Skype
2016-02-12 09:51 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-02-12 09:51 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-02-12 09:51 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-02-12 09:51 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-02-12 09:50 - 2015-10-30 19:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-12 09:50 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-02-12 09:50 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-02-12 09:50 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-02-10 17:42 - 2015-12-25 14:48 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 17:36 - 2015-12-25 14:47 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 02:31 - 2016-01-08 23:37 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-02-08 17:00 - 2015-12-23 19:31 - 00000000 ____D C:\Users\Vanessa\AppData\Local\ElevatedDiagnostics
2016-02-08 14:36 - 2015-12-21 15:35 - 00002391 _____ C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-08 14:36 - 2015-12-21 15:35 - 00000000 ___RD C:\Users\Vanessa\OneDrive

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-12-21 15:34 - 2016-03-09 21:07 - 0000165 _____ () C:\Users\Vanessa\AppData\Roaming\sp_data.sys
2015-12-25 21:08 - 2015-12-25 21:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Vanessa\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll
[2015-10-30 08:18] - [2015-10-30 08:18] - 0686984 ____A (Microsoft Corporation) 86BE3AE79C85D48F20990E76EE8E5CEF

C:\WINDOWS\SysWOW64\dnsapi.dll
[2015-10-30 08:18] - [2015-10-30 08:18] - 0535088 ____A (Microsoft Corporation) 1FAF4316CDF67B280FF163051F8AC5BE

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-03-09 21:37

==================== Ende von FRST.txt ============================
Addition

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Vanessa (2016-03-09 21:51:54)
Gestartet von C:\Users\Vanessa\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-25 20:30:13)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-483611294-2829987118-2205543787-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-483611294-2829987118-2205543787-503 - Limited - Disabled)
Gast (S-1-5-21-483611294-2829987118-2205543787-501 - Limited - Disabled)
Vanessa (S-1-5-21-483611294-2829987118-2205543787-1001 - Administrator - Enabled) => C:\Users\Vanessa

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7 Wonders 4: Magical Mystery Tour (HKLM-x32\...\7 Wonders 4: Magical Mystery Tour) (Version: 1.0.0.0 - INTENIUM GmbH)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Reader 6.0.1 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A00000000001}) (Version: 006.000.001 - Adobe Systems Incorporated)
AION Free-to-Play (HKLM-x32\...\Steam App 261430) (Version:  - NCSOFT)
ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.6 - ASUS)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.5 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.95 - ICEpower a/s)
Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.22.1.58906 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.22.3 - AVG Technologies) Hidden
Deutschland Spielt - Spiele Post (HKLM-x32\...\Deutschland Spielt - Spiele Post) (Version: 1.0.3.0 - INTENIUM GmbH)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.0.46 - INTENIUM GmbH)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Die Sims Deluxe (HKLM-x32\...\{10798AE3-DCBB-43C3-9C93-C23512427E25}) (Version:  - )
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Edna Bricht Aus (HKLM-x32\...\EdnaSE) (Version: 1.0 - Daedalic Entertainment)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
Far Cry (HKLM-x32\...\InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}) (Version: 1.00.0000 - Ihr Firmenname)
Far Cry (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
FMW 1 (Version: 1.62.2 - AVG Technologies) Hidden
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.0.1224 - DVDVideoSoft Ltd.)
Gaming Assistant (HKLM-x32\...\{C27B0A7C-BD18-46EF-984A-CCD2799F4CD4}) (Version: 1.0.2 - ASUS)
Gomo (HKLM-x32\...\Gomo_is1) (Version: 1.1 - Daedalic Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Guitar Hero World Tour (HKLM-x32\...\{A126E617-63F0-4E57-BFA4-7190F5845C39}) (Version: 1.0 - Aspyr)
Heroes of Hellas (HKLM-x32\...\{C0906D83-1FE0-4176-A940-45A348080987}) (Version: 1.00.0000 - Purplehills)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Lawn & Order 2: Die Gartenverschwörung (HKLM-x32\...\Lawn & Order 2: Die Gartenverschwörung) (Version: 0.0.0.0 - INTENIUM GmbH)
Lawn & Order: Die Gartenprofis (HKLM-x32\...\Lawn & Order: Die Gartenprofis) (Version: 0.0.0.0 - INTENIUM GmbH)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.7080 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.171 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Nero TuneItUp Free (HKLM-x32\...\Nero_tuneitup_is1) (Version: 2.4.1.1039 - Nero AG)
NVIDIA Graphics Driver 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.84 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
osu! (HKLM-x32\...\{e3b5e5c5-4557-4cbc-9927-7a947d002d51}) (Version: latest - ppy Pty Ltd)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Royal Defense (HKLM-x32\...\RoyalDefense) (Version:  - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Treasures Of Montezuma 2 (HKLM-x32\...\The Treasures Of Montezuma 2) (Version:  - )
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.2.524 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.16 - WildTangent)
Windows-Treiberpaket - ASUS (ATP) Mouse  (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4947 - Kingsoft Corp.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-483611294-2829987118-2205543787-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00B15309-9A15-4F89-939C-8A946EABAF0A} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [2015-03-14] (Microsoft Corporation)
Task: {03A2C72E-331C-4F11-89CC-D41D0C1B03B4} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-03-08] (AVAST Software)
Task: {0E3A0BF4-DDA1-4D1E-8E60-04146F128E88} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-02-16] (McAfee, Inc.)
Task: {0F71139B-44DA-4814-95B3-36544058B19C} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] ()
Task: {10845013-BF46-4E5D-A7F8-D0C92B8EBCD9} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {15F8E926-650D-40ED-956B-864A85F9E134} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-08-12] (ASUSTeK Computer Inc.)
Task: {16C0F2CB-05FF-42DC-B079-DCDC8E771142} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [2015-12-29] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {2B87FDF9-B9DF-4CD4-9DF1-50FBE78A69CE} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] (ASUSTek Computer Inc.)
Task: {47B485D9-1AC5-4DE9-BEE0-A56921B2021A} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {6779CC7C-151F-47FE-BA0A-9DFDB03DA8FB} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-08-12] ()
Task: {69A85AC5-00CD-4960-8C87-44AA9A6708C0} - System32\Tasks\Nero TuneItUp => C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\TuneItUp.exe [2015-12-18] (Nero AG)
Task: {6C74C4F8-6F6D-45C9-A5EB-7B2F34203A48} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.)
Task: {80291AB0-8F61-4C15-8820-E713556B3464} - System32\Tasks\Iwyqhowt => C:\PROGRA~1\SHOPPE~1\Wokwe.bat
Task: {86E40AB0-F3CB-4143-B4CE-2F0A5381A18A} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {9521437B-E580-4899-8638-053CCE36BA52} - System32\Tasks\Nero TuneItUp (Tray) => C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\ServiceProvider.exe [2015-12-18] (Nero AG)
Task: {A2141CD3-585C-49AF-BDF5-22CBF603734C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.)
Task: {A56AFB05-3237-4708-AEC8-E06A16EC68DB} - System32\Tasks\{FABCEED8-3F2C-4C84-B0CF-01F6D4E53F5B} => pcalua.exe -a E:\FarCryAutoCD.exe -d E:\
Task: {A62B4474-18F2-4158-93FA-4EF643286875} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2016-02-15] (AVG Technologies CZ, s.r.o.)
Task: {AD3F2FE4-CAFB-4D7E-8D8E-364465F938A5} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-08-12] (ASUSTeK Computer Inc.)
Task: {AF92B986-DE33-4872-B4F0-D846B5DDE1A7} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {C1766BD8-300E-4487-A008-225FC7F6A341} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {C87A4943-158C-4FE8-A342-01B63AE6BA7B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-29] (Realtek Semiconductor)
Task: {DC233B71-6562-4D52-AEC1-C0B30BBFA891} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-08-23] (AsusTek)
Task: {E0F2E963-FFA3-47DC-A8F0-5133B4292258} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-07-29] (Realtek Semiconductor)
Task: {E3BF4274-C3E4-4B78-A9B4-B0FBECBDF562} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-08-25] (ASUS)
Task: {E4389888-C5EC-4E72-B926-32C7A02B5134} - System32\Tasks\WpsNotifyTask_Vanessa => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {EB8AF37B-9431-48C1-BB20-13F19468F7E0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-10] (Microsoft Corporation)
Task: {F0F63C14-EC91-4475-8728-A14C01630782} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {F2C808F5-A339-4F47-8E0E-0A19E9AC8905} - System32\Tasks\WpsUpdateTask_Vanessa => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [2015-12-29] (Zhuhai Kingsoft Office Software Co.,Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Nero TuneItUp (Tray).job => C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\ServiceProvider.exe
Task: C:\WINDOWS\Tasks\Nero TuneItUp.job => C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\TuneItUp.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Vanessa.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Vanessa.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-08 18:02 - 2016-03-08 18:02 - 00465088 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2015-12-25 20:47 - 2015-12-25 20:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-25 20:47 - 2015-12-25 20:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-06 15:24 - 2016-02-06 15:24 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-25 20:47 - 2015-12-25 20:47 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-25 20:47 - 2015-12-25 20:47 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-13 18:19 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 18:19 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-07 21:19 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-02-07 21:19 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-03-08 17:24 - 2016-03-08 18:09 - 00016384 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-03-08 17:24 - 2016-03-08 18:09 - 16062976 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-03-08 17:24 - 2016-03-08 18:09 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-08-25 09:40 - 2015-08-25 09:40 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-08-25 09:40 - 2015-08-25 09:40 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-01-07 17:44 - 2015-12-18 12:25 - 00102864 _____ () C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\modules\common\asp_ipc32.dll
2016-02-16 21:50 - 2016-01-13 12:15 - 00100320 _____ () C:\Program Files (x86)\MPC Cleaner\XBus.dll
2016-02-16 21:50 - 2016-02-16 21:49 - 00765408 _____ () C:\Program Files (x86)\MPC Cleaner\TrayFrame.dll
2016-02-16 21:49 - 2016-02-16 21:49 - 00088544 _____ () C:\Program Files (x86)\MPC Cleaner\AndriodServer.dll
2016-02-16 21:49 - 2016-02-16 21:49 - 00103904 ____N () C:\Program Files (x86)\MPC Cleaner\AdbWinApi.DLL
2016-02-16 21:49 - 2016-02-16 21:49 - 00068576 _____ () C:\Program Files (x86)\MPC Cleaner\AdbWinUsbApi.dll
2016-02-16 21:50 - 2016-02-16 21:49 - 00130016 _____ () C:\Program Files (x86)\MPC Cleaner\Monitor.dll
2016-02-16 21:49 - 2016-02-16 21:49 - 00144864 _____ () C:\Program Files (x86)\MPC Cleaner\Database.dll
2016-02-16 21:50 - 2016-02-16 21:49 - 00144352 _____ () C:\Program Files (x86)\MPC Cleaner\LogReport.dll
2016-02-16 21:49 - 2016-02-16 21:49 - 00323040 _____ () C:\Program Files (x86)\MPC Cleaner\BrowserPlugIn.dll
2016-02-16 21:49 - 2016-02-16 21:49 - 00342496 _____ () C:\Program Files (x86)\MPC Cleaner\Cleaner.dll
2016-02-16 21:50 - 2016-02-16 21:49 - 00521696 _____ () C:\Program Files (x86)\MPC Cleaner\SafeProtect.dll
2016-02-16 21:50 - 2016-02-16 21:49 - 00270816 _____ () C:\Program Files (x86)\MPC Cleaner\Update.dll
2016-02-16 21:50 - 2016-02-16 21:49 - 00254432 _____ () C:\Program Files (x86)\MPC Cleaner\Web.dll
2016-02-06 15:24 - 2016-02-06 15:24 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-02-06 15:24 - 2016-02-06 15:24 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-02-06 15:24 - 2016-02-06 15:24 - 02941440 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\MessagingNativeCore.dll
2016-02-06 15:24 - 2016-02-06 15:24 - 00583168 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\MessagingEntityExtractionProxy.dll
2016-02-06 15:24 - 2016-02-06 15:24 - 01300992 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\MessagingNativeBase.dll
2015-10-05 06:02 - 2015-04-29 17:04 - 38561984 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
2015-12-25 14:34 - 2015-12-25 14:34 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2015-08-07 01:09 - 2015-08-07 01:09 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 12:04 - 2016-02-16 21:51 - 00001253 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1      down.baidu2016.com
127.0.0.1      123.sogou.com
127.0.0.1      www.czzsyzgm.com
127.0.0.1      www.czzsyzxl.com
127.0.0.1      down.baidu2016.com
127.0.0.1      123.sogou.com
127.0.0.1      www.czzsyzgm.com
127.0.0.1      www.czzsyzxl.com
127.0.0.1      down.baidu2016.com
127.0.0.1      123.sogou.com
127.0.0.1      www.czzsyzgm.com
127.0.0.1      www.czzsyzxl.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-483611294-2829987118-2205543787-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Vanessa\Desktop\DCIM\DCIM\Camera\20150525_131105.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{68C9D58C-372D-40B9-A1AD-30C06C09294A}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{7BAC89DB-7A7C-4B1E-8AB8-DEB6173CD930}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{09436CFC-4CBB-4975-ACAD-708993158B05}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C1602656-3867-402C-B9AF-AA703B8784C0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2E5A94CB-EAE9-4E57-B5F5-B6D96344DF8E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{38079EA8-AD17-4E0A-9963-C0643E74980C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FF69EBE0-E584-44B9-B68C-CD42A83C77C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{917A28EF-4788-41CB-A69E-38902C2B79E7}] => (Allow) C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\TuneItUp.exe
FirewallRules: [{13425C54-0AA3-4AD9-AAFE-22501492CB91}] => (Allow) C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\TuneItUp.exe
FirewallRules: [{A95D19AF-90D0-40DB-BD0D-5991C958E778}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A6958E1D-42C5-46DB-AE72-9AB315544A4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AION\NCLauncher.exe
FirewallRules: [{9ABAB0D7-A4D0-408A-80B5-38C60520E23F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AION\NCLauncher.exe
FirewallRules: [{975AC3BF-3A7F-4E46-A566-B2B25307FA76}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

22-02-2016 09:07:25 Geplanter Prüfpunkt
03-03-2016 12:52:00 Geplanter Prüfpunkt
09-03-2016 20:43:18 Revo Uninstaller's restore point - Body Text Feathering

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/09/2016 09:03:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MPCTray.exe, Version: 3.2.9127.113, Zeitstempel: 0x569630ed
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a853dc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00026ffa
ID des fehlerhaften Prozesses: 0x182c
Startzeit der fehlerhaften Anwendung: 0xMPCTray.exe0
Pfad der fehlerhaften Anwendung: MPCTray.exe1
Pfad des fehlerhaften Moduls: MPCTray.exe2
Berichtskennung: MPCTray.exe3
Vollständiger Name des fehlerhaften Pakets: MPCTray.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MPCTray.exe5

Error: (03/09/2016 08:43:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/09/2016 07:18:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 48.0.2564.116 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3898

Startzeit: 01d17a2fec4db74a

Beendigungszeit: 4

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 5677c9e3-e623-11e5-9bef-305a3aa8dbc0

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/09/2016 04:41:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm sllauncher.exe, Version 5.1.30514.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d74

Startzeit: 01d17a1a25af36f3

Beendigungszeit: 16

Anwendungspfad: C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe

Berichts-ID: 69fa92fe-e60d-11e5-9bef-305a3aa8dbc0

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/09/2016 04:41:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ServiceProvider.exe, Version: 2.4.1.1039, Zeitstempel: 0x5673cdea
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x10028a20
ID des fehlerhaften Prozesses: 0x15b8
Startzeit der fehlerhaften Anwendung: 0xServiceProvider.exe0
Pfad der fehlerhaften Anwendung: ServiceProvider.exe1
Pfad des fehlerhaften Moduls: ServiceProvider.exe2
Berichtskennung: ServiceProvider.exe3
Vollständiger Name des fehlerhaften Pakets: ServiceProvider.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ServiceProvider.exe5

Error: (03/09/2016 04:19:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ServiceProvider.exe, Version: 2.4.1.1039, Zeitstempel: 0x5673cdea
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x10028a20
ID des fehlerhaften Prozesses: 0x33dc
Startzeit der fehlerhaften Anwendung: 0xServiceProvider.exe0
Pfad der fehlerhaften Anwendung: ServiceProvider.exe1
Pfad des fehlerhaften Moduls: ServiceProvider.exe2
Berichtskennung: ServiceProvider.exe3
Vollständiger Name des fehlerhaften Pakets: ServiceProvider.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ServiceProvider.exe5

Error: (03/09/2016 03:10:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sllauncher.exe, Version: 5.1.30514.0, Zeitstempel: 0x537302ce
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00650053
ID des fehlerhaften Prozesses: 0x2e00
Startzeit der fehlerhaften Anwendung: 0xsllauncher.exe0
Pfad der fehlerhaften Anwendung: sllauncher.exe1
Pfad des fehlerhaften Moduls: sllauncher.exe2
Berichtskennung: sllauncher.exe3
Vollständiger Name des fehlerhaften Pakets: sllauncher.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: sllauncher.exe5

Error: (03/09/2016 03:10:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sllauncher.exe, Version: 5.1.30514.0, Zeitstempel: 0x537302ce
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00650053
ID des fehlerhaften Prozesses: 0x2e00
Startzeit der fehlerhaften Anwendung: 0xsllauncher.exe0
Pfad der fehlerhaften Anwendung: sllauncher.exe1
Pfad des fehlerhaften Moduls: sllauncher.exe2
Berichtskennung: sllauncher.exe3
Vollständiger Name des fehlerhaften Pakets: sllauncher.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: sllauncher.exe5

Error: (03/08/2016 10:31:34 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.

Error: (03/08/2016 07:35:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DailyWiki.exe, Version: 0.0.0.0, Zeitstempel: 0x54f7d2ce
Name des fehlerhaften Moduls: windows.storage.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a84db3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0010c4e2
ID des fehlerhaften Prozesses: 0x267c
Startzeit der fehlerhaften Anwendung: 0xDailyWiki.exe0
Pfad der fehlerhaften Anwendung: DailyWiki.exe1
Pfad des fehlerhaften Moduls: DailyWiki.exe2
Berichtskennung: DailyWiki.exe3
Vollständiger Name des fehlerhaften Pakets: DailyWiki.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DailyWiki.exe5


Systemfehler:
=============
Error: (03/09/2016 09:45:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Windows-Tool zum Entfernen bösartiger Software für Windows 8, 8.1, 10 und Windows Server 2012, 2012 R2 x64 Edition - März 2016 (KB890830)

Error: (03/09/2016 09:45:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: ASUS driver update for Asus Support Device

Error: (03/09/2016 09:39:22 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 1053mcpltsvcNicht verfügbar{20966775-18A4-4299-B8E3-772C336B52A7}

Error: (03/09/2016 09:39:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (03/09/2016 09:39:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Platform Services erreicht.

Error: (03/09/2016 09:39:22 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 1053mcpltsvcNicht verfügbar{20966775-18A4-4299-B8E3-772C336B52A7}

Error: (03/09/2016 09:39:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (03/09/2016 09:39:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Platform Services erreicht.

Error: (03/09/2016 09:39:22 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 1053mcpltsvcNicht verfügbar{20966775-18A4-4299-B8E3-772C336B52A7}

Error: (03/09/2016 09:39:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053


CodeIntegrity:
===================================
  Date: 2016-03-09 19:03:14.749
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 19:03:14.739
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.806
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.757
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.723
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.678
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.354
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.319
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.233
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.157
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i3-5010U CPU @ 2.10GHz
Prozentuale Nutzung des RAM: 43%
Installierter physikalischer RAM: 3998.36 MB
Verfügbarer physikalischer RAM: 2242.05 MB
Summe virtueller Speicher: 8350.36 MB
Verfügbarer virtueller Speicher: 6282.63 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:185.55 GB) (Free:56.93 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (DATA) (Fixed) (Total:279.46 GB) (Free:279.23 GB) NTFS
Drive f: (Philips) (Removable) (Total:3.79 GB) (Free:3.79 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 60BF7956)

Partition: GPT.

========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.

==================== Ende von Addition.txt ============================
Ich hoffe das ist in Ordnung.

burningice 10.03.2016 01:53
na das ist doch schon viel besser... aber noch einiges zu tun.
Aber super gearbeitet bislang :daumenhoc

Schritt: 1
http://filepony.de/icon/tiny/malware...ti_malware.png Starte bitte wieder Malwarebytes Anti-Malware
  • Klicke auf die Einstellungen / Erkennung und Schutz und setze dabei den Haken bei "Nach Rootkits suchen"
  • Klicke im Anschluss auf Dashboard und klicke unter dem Punkt Datenbankversion auf "Jetzt aktualisieren"
  • Wechsle zum Reiter Scannen und wähle den Bedrohungssuchlauf aus und klicke im Anschluss auf Suchlauf starten
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Suchlaufprotokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt: 2
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Ottokarl 10.03.2016 21:13
Nach dem Neustart des Computers ließ sich mbam.exe nicht mehr starten. (Fehlercode 0xc0000022) - Sollten wir das Programm deinstallieren und es noch mal raufspielen ?

Die Installation von mbam.exe klappt leider auch nicht.

Trotz allem hier die Dokumentinhalte von FRST:

FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Vanessa (Administrator) auf DESKTOP-5PNPL1E (10-03-2016 20:55:47)
Gestartet von C:\Users\Vanessa\Desktop
Geladene Profile: Vanessa (Verfügbare Profile: Vanessa)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\ServiceProvider.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intenium) C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSPanel.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\Vanessa\Desktop\Plants vs Zombies Full\Plants vs Zombies\PlantsVsZombies.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe [63272 2015-05-31] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\Run: [Spiele Post] => C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe [483400 2013-12-06] (Intenium)
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\RunOnce: [Uninstall C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\RunOnce: [Uninstall C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2016-03-10]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0f70dec5-ab41-11e5-b753-806e6f6e6963}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{cf7e755f-2a9c-43ca-905b-587fa842d2f8}: [DhcpNameServer] 192.168.2.1
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
SearchScopes: HKLM -> DefaultScope {0644EE93-D778-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> DefaultScope {0644EE93-D778-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> {5E86A1A6-1176-403A-86A1-38DE40387AF5} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> {6F634305-2F36-411B-B460-E9F774AA7BF4} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> {786BF108-DDEF-46E2-981E-29B4CE9FC9B6} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> {A882FD39-3E09-4E81-9C4A-9AAB923F0ADC} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-18] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-18] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-11] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-11] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-11] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-11] (McAfee, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-01-08] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-01-08] (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> hxxp://go.gmx.net/tb/ie_startpage

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-01-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-18] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-01-08] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-02-08] [ist nicht signiert]

Chrome:
=======
CHR HomePage: Default -> about:blank
CHR StartupUrls: Default -> "about:blank"
CHR DefaultSearchURL: Default -> hxxp://search.mpc.am?q={searchTerms}&cx=partner-pub-3796753109442372:3837783968
CHR DefaultSearchKeyword: Default -> mpc safe search
CHR Profile: C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-08]
CHR Extension: (Google Docs) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-08]
CHR Extension: (Google Drive) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-08]
CHR Extension: (YouTube) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-08]
CHR Extension: (Adblock Plus) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-08]
CHR Extension: (Google-Suche) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-08]
CHR Extension: (SiteAdvisor) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-02-06]
CHR Extension: (Google Docs Offline) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-08]
CHR Extension: (Google Mail) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-08]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-02-17]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-02-17]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-05-31] (ASUS Cloud Corporation) [Datei ist nicht signiert]
S3 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUS)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1045928 2016-02-18] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1385640 2015-08-17] (Intel Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R3 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370088 2015-08-13] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S3 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
S3 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [133480 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [158952 2016-02-11] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2016-01-08] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [338208 2015-03-19] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe [1696712 2016-02-23] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [681680 2016-01-08] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2015-11-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [380896 2016-01-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [275368 2015-11-18] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [902112 2015-12-14] (Intel Security, Inc.)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [465088 2016-03-08] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4364200 2016-02-15] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [48552 2016-02-15] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\WINDOWS\SysWOW64\uxtuneup.dll [42408 2016-02-15] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 MBAMService; "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" [X]
S2 WajaIntEn Monitor; c:\program files\WajaIntEn\027ffed1d08ea21727c655e55d27a27d.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4317808 2015-07-14] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-06-30] (ASUS Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [79248 2015-11-25] (McAfee, Inc.)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [50696 2015-08-17] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2015-06-26] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-28] (Intel Corporation)
R2 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2015-11-25] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351144 2015-11-25] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496368 2015-11-25] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [846080 2015-11-25] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [539496 2015-11-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-11-20] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [36968 2016-01-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [245096 2015-11-25] (McAfee, Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [420440 2015-05-27] (Realsil Semiconductor Corporation)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [11973 2016-01-28] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Datei ist nicht signiert]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-02-15] (AVG Netherlands B.V.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-10 20:55 - 2016-03-10 20:57 - 00024412 _____ C:\Users\Vanessa\Desktop\FRST.txt
2016-03-10 20:49 - 2016-03-10 20:49 - 00000000 ____D C:\Users\Vanessa\Desktop\RevoUninstallerPortable
2016-03-09 21:55 - 2016-03-10 20:54 - 00000000 ____D C:\Users\Vanessa\Desktop\Wichtiger Kram
2016-03-09 21:42 - 2016-03-10 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-03-09 21:08 - 2016-03-10 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-09 21:08 - 2016-03-10 12:15 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-09 21:08 - 2016-03-09 21:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-09 21:08 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-03-09 21:08 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-03-09 21:08 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-03-09 21:05 - 2016-03-09 21:05 - 00000000 ____D C:\ProgramData\simplitec
2016-03-09 20:57 - 2016-03-09 21:00 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-09 20:38 - 2016-03-09 20:30 - 22908888 _____ (Malwarebytes ) C:\Users\Vanessa\Desktop\mbam-setup-2.2.0.1024.exe
2016-03-09 20:38 - 2016-03-09 20:28 - 02785665 _____ (PortableApps.com) C:\Users\Vanessa\Desktop\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2016-03-09 19:49 - 2016-03-10 20:55 - 00000000 ____D C:\FRST
2016-03-09 19:49 - 2016-03-09 19:41 - 02374144 _____ (Farbar) C:\Users\Vanessa\Desktop\FRST64.exe
2016-03-09 19:49 - 2016-03-09 19:40 - 01725440 _____ (Farbar) C:\Users\Vanessa\Desktop\FRST.exe
2016-03-09 19:17 - 2016-03-09 19:17 - 00805528 _____ (Google Inc.) C:\Users\Vanessa\Downloads\Nicht bestätigt 301246.crdownload
2016-03-09 18:40 - 2016-03-09 18:40 - 01109677 _____ (TeamExtreme) C:\Users\Vanessa\Downloads\Minecraft.exe
2016-03-09 15:14 - 2016-02-24 09:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-09 15:14 - 2016-02-24 06:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-09 15:14 - 2016-02-24 06:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-09 15:14 - 2016-02-24 06:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 15:14 - 2016-02-23 12:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-09 15:14 - 2016-02-23 11:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-09 15:14 - 2016-02-23 11:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-09 15:14 - 2016-02-23 10:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-09 15:14 - 2016-02-23 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-09 15:14 - 2016-02-23 09:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-09 15:14 - 2016-02-23 09:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-09 15:14 - 2016-02-23 08:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-09 15:14 - 2016-02-23 08:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-09 15:14 - 2016-02-23 07:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-09 15:14 - 2016-02-23 07:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-09 15:14 - 2016-02-23 07:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-09 15:14 - 2016-02-09 04:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-09 15:14 - 2016-02-09 04:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-09 15:13 - 2016-02-24 10:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 15:13 - 2016-02-24 10:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-09 15:13 - 2016-02-24 10:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 15:13 - 2016-02-24 10:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-09 15:13 - 2016-02-24 10:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-09 15:13 - 2016-02-24 09:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-09 15:13 - 2016-02-24 09:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-09 15:13 - 2016-02-24 07:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-09 15:13 - 2016-02-24 07:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 15:13 - 2016-02-24 06:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 15:13 - 2016-02-24 06:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 15:13 - 2016-02-24 06:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 15:13 - 2016-02-24 06:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 15:13 - 2016-02-24 06:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 15:13 - 2016-02-24 05:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-09 15:13 - 2016-02-24 05:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-09 15:13 - 2016-02-23 11:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-09 15:13 - 2016-02-23 11:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-09 15:13 - 2016-02-23 11:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-09 15:13 - 2016-02-23 11:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-09 15:13 - 2016-02-23 10:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-09 15:13 - 2016-02-23 10:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-09 15:13 - 2016-02-23 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-09 15:13 - 2016-02-23 09:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-09 15:13 - 2016-02-23 09:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-09 15:13 - 2016-02-23 09:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-09 15:13 - 2016-02-23 09:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-09 15:13 - 2016-02-23 08:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-09 15:13 - 2016-02-23 08:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-09 15:13 - 2016-02-23 08:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-09 15:13 - 2016-02-23 08:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-09 15:13 - 2016-02-23 07:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-09 15:13 - 2016-02-23 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-09 15:13 - 2016-02-23 07:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-09 15:13 - 2016-02-23 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-09 15:13 - 2016-02-23 07:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-09 15:13 - 2016-02-23 07:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-09 15:13 - 2016-02-23 07:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-09 15:13 - 2016-02-09 04:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-09 15:12 - 2016-03-01 06:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-09 15:12 - 2016-03-01 06:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-09 15:12 - 2016-02-24 09:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-09 15:12 - 2016-02-24 07:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-09 15:12 - 2016-02-23 12:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-09 15:12 - 2016-02-23 11:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-09 15:12 - 2016-02-23 11:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-09 15:12 - 2016-02-23 10:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-09 15:12 - 2016-02-23 10:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-09 15:12 - 2016-02-23 09:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-09 15:12 - 2016-02-23 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-09 15:12 - 2016-02-23 08:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-09 15:12 - 2016-02-23 08:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-09 15:12 - 2016-02-23 07:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-09 15:12 - 2016-02-23 07:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-09 15:12 - 2016-02-23 07:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-09 15:12 - 2016-02-23 07:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-09 15:12 - 2016-02-23 07:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-09 15:12 - 2016-02-23 07:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-09 15:12 - 2016-02-23 07:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-09 15:11 - 2016-02-24 07:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-09 15:11 - 2016-02-24 07:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-03-09 15:11 - 2016-02-23 09:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-09 15:11 - 2016-02-23 08:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-09 15:07 - 2016-02-24 06:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-09 15:07 - 2016-02-24 06:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-09 15:07 - 2016-02-24 06:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-09 15:07 - 2016-02-23 12:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-09 15:07 - 2016-02-23 11:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-09 15:07 - 2016-02-23 11:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-09 15:07 - 2016-02-23 10:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-09 15:07 - 2016-02-23 10:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-09 15:07 - 2016-02-23 10:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-09 15:07 - 2016-02-23 09:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-09 15:07 - 2016-02-23 09:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-09 15:07 - 2016-02-23 08:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-09 15:07 - 2016-02-23 07:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-08 22:32 - 2016-02-23 11:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-08 22:32 - 2016-02-23 10:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-08 22:32 - 2016-02-23 09:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-08 22:31 - 2016-02-24 10:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-03-08 22:31 - 2016-02-24 10:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-08 22:31 - 2016-02-24 10:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-08 22:31 - 2016-02-24 09:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-08 22:31 - 2016-02-24 09:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-08 22:31 - 2016-02-24 09:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-08 22:31 - 2016-02-24 09:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-08 22:31 - 2016-02-24 09:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-08 22:31 - 2016-02-24 09:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-08 22:31 - 2016-02-24 09:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-08 22:31 - 2016-02-24 09:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-03-08 22:31 - 2016-02-24 09:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-08 22:31 - 2016-02-24 08:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-08 22:31 - 2016-02-24 07:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-08 22:31 - 2016-02-24 07:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-08 22:31 - 2016-02-24 07:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-03-08 22:31 - 2016-02-24 07:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-08 22:31 - 2016-02-24 07:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-03-08 22:31 - 2016-02-24 07:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-08 22:31 - 2016-02-24 07:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-08 22:31 - 2016-02-24 07:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-08 22:31 - 2016-02-24 07:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-08 22:31 - 2016-02-24 07:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-08 22:31 - 2016-02-24 07:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-03-08 22:31 - 2016-02-24 07:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-08 22:31 - 2016-02-24 07:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-08 22:31 - 2016-02-24 07:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-08 22:31 - 2016-02-24 07:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-08 22:31 - 2016-02-23 12:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-08 22:31 - 2016-02-23 12:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-08 22:31 - 2016-02-23 12:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-08 22:31 - 2016-02-23 12:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-08 22:31 - 2016-02-23 12:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-08 22:31 - 2016-02-23 11:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-08 22:31 - 2016-02-23 11:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-08 22:31 - 2016-02-23 11:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-08 22:31 - 2016-02-23 11:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-08 22:31 - 2016-02-23 11:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-08 22:31 - 2016-02-23 10:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-08 22:31 - 2016-02-23 10:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-08 22:31 - 2016-02-23 10:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-08 22:31 - 2016-02-23 10:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-08 22:31 - 2016-02-23 10:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-08 22:31 - 2016-02-23 10:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-08 22:31 - 2016-02-23 09:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-08 22:31 - 2016-02-23 09:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-08 22:31 - 2016-02-23 09:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-08 22:31 - 2016-02-23 09:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-08 22:31 - 2016-02-23 09:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-08 22:31 - 2016-02-23 09:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-08 22:31 - 2016-02-23 09:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-08 22:31 - 2016-02-23 09:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-08 22:31 - 2016-02-23 09:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-08 22:31 - 2016-02-23 09:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-08 22:31 - 2016-02-23 09:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-08 22:31 - 2016-02-23 09:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-08 22:31 - 2016-02-23 09:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-08 22:31 - 2016-02-23 09:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-08 22:31 - 2016-02-23 09:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-08 22:31 - 2016-02-23 08:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-08 22:31 - 2016-02-23 08:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-08 22:31 - 2016-02-23 08:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-08 22:31 - 2016-02-23 08:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-08 22:31 - 2016-02-23 08:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-08 22:31 - 2016-02-23 08:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-08 22:31 - 2016-02-23 08:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-08 22:31 - 2016-02-23 08:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-08 22:31 - 2016-02-23 08:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-08 22:31 - 2016-02-23 08:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-08 22:31 - 2016-02-23 08:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-08 22:31 - 2016-02-23 08:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-08 22:31 - 2016-02-23 08:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-08 22:31 - 2016-02-23 08:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-08 22:31 - 2016-02-23 08:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-08 22:31 - 2016-02-23 07:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-08 22:30 - 2016-02-24 09:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-08 22:30 - 2016-02-24 09:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-03-08 22:30 - 2016-02-24 09:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-08 22:30 - 2016-02-24 09:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-08 22:30 - 2016-02-24 09:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-08 22:30 - 2016-02-24 09:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-08 22:30 - 2016-02-24 09:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-08 22:30 - 2016-02-24 09:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-08 22:30 - 2016-02-24 08:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-08 22:30 - 2016-02-24 08:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-08 22:30 - 2016-02-24 08:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-08 22:30 - 2016-02-24 08:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-08 22:30 - 2016-02-24 08:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-08 22:30 - 2016-02-24 08:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-08 22:30 - 2016-02-24 08:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-08 22:30 - 2016-02-24 08:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-08 22:30 - 2016-02-24 08:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-08 22:30 - 2016-02-24 08:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-08 22:30 - 2016-02-24 08:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-08 22:30 - 2016-02-24 08:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-08 22:30 - 2016-02-24 08:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-03-08 22:30 - 2016-02-24 08:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-08 22:30 - 2016-02-24 08:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-08 22:30 - 2016-02-24 08:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-08 22:30 - 2016-02-24 08:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-08 22:30 - 2016-02-24 08:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-08 22:30 - 2016-02-24 08:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-08 22:30 - 2016-02-24 08:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-03-08 22:30 - 2016-02-24 08:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-08 22:30 - 2016-02-24 08:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-08 22:30 - 2016-02-24 08:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-08 22:30 - 2016-02-24 08:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-08 22:30 - 2016-02-24 08:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-08 22:30 - 2016-02-24 08:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-08 22:30 - 2016-02-24 08:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-08 22:30 - 2016-02-24 08:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-08 22:30 - 2016-02-24 08:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-08 22:30 - 2016-02-24 08:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-08 22:30 - 2016-02-24 08:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-08 22:30 - 2016-02-24 08:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-08 22:30 - 2016-02-24 08:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-03-08 22:30 - 2016-02-24 08:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-08 22:30 - 2016-02-24 08:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-08 22:30 - 2016-02-24 08:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-08 22:30 - 2016-02-24 08:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-08 22:30 - 2016-02-24 08:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-08 22:30 - 2016-02-24 08:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-08 22:30 - 2016-02-24 07:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-08 22:30 - 2016-02-24 07:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-08 22:30 - 2016-02-24 07:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-08 22:30 - 2016-02-24 07:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-08 22:30 - 2016-02-24 07:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-08 22:30 - 2016-02-24 07:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-08 22:30 - 2016-02-24 07:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-08 22:30 - 2016-02-24 07:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-08 22:30 - 2016-02-24 07:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-08 22:30 - 2016-02-24 07:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-08 22:30 - 2016-02-24 07:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-08 22:30 - 2016-02-24 07:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-08 22:30 - 2016-02-24 07:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-08 22:30 - 2016-02-24 07:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-08 22:30 - 2016-02-24 07:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-08 22:30 - 2016-02-24 07:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-08 22:30 - 2016-02-24 07:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-08 22:30 - 2016-02-24 07:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-08 22:30 - 2016-02-24 07:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-08 22:30 - 2016-02-24 07:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-08 22:30 - 2016-02-24 07:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-08 22:30 - 2016-02-24 07:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-08 22:30 - 2016-02-24 07:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-08 22:30 - 2016-02-24 07:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-08 22:30 - 2016-02-24 07:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-08 22:30 - 2016-02-24 07:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-08 22:30 - 2016-02-24 07:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-08 22:30 - 2016-02-24 07:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-08 22:30 - 2016-02-24 07:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-08 22:30 - 2016-02-24 07:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-08 22:30 - 2016-02-24 07:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-08 22:30 - 2016-02-24 07:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-03-08 22:30 - 2016-02-24 07:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-08 22:30 - 2016-02-24 07:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-08 22:30 - 2016-02-24 07:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-08 22:30 - 2016-02-24 07:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-08 22:30 - 2016-02-24 07:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-08 22:30 - 2016-02-24 07:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-08 22:30 - 2016-02-24 07:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-08 22:30 - 2016-02-24 07:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-08 22:30 - 2016-02-24 07:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-08 22:30 - 2016-02-24 07:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-08 22:30 - 2016-02-24 07:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-08 22:30 - 2016-02-24 07:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-08 22:30 - 2016-02-24 07:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-08 22:30 - 2016-02-24 07:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-08 22:30 - 2016-02-24 07:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-08 22:30 - 2016-02-24 06:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-08 22:30 - 2016-02-24 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-08 22:30 - 2016-02-23 12:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-08 22:30 - 2016-02-23 12:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-08 22:30 - 2016-02-23 11:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-08 22:30 - 2016-02-23 11:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-08 22:30 - 2016-02-23 11:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-08 22:30 - 2016-02-23 10:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-08 22:30 - 2016-02-23 10:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-08 22:30 - 2016-02-23 10:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-08 22:30 - 2016-02-23 10:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-08 22:30 - 2016-02-23 10:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-08 22:30 - 2016-02-23 10:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-08 22:30 - 2016-02-23 10:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-08 22:30 - 2016-02-23 10:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-08 22:30 - 2016-02-23 10:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-08 22:30 - 2016-02-23 10:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-08 22:30 - 2016-02-23 10:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-08 22:30 - 2016-02-23 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-08 22:30 - 2016-02-23 10:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-08 22:30 - 2016-02-23 09:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-08 22:30 - 2016-02-23 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-08 22:30 - 2016-02-23 09:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-08 22:30 - 2016-02-23 09:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-08 22:30 - 2016-02-23 09:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-08 22:30 - 2016-02-23 09:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-08 22:30 - 2016-02-23 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-08 22:30 - 2016-02-23 09:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-08 22:30 - 2016-02-23 09:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-08 22:30 - 2016-02-23 09:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-08 22:30 - 2016-02-23 09:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-08 22:30 - 2016-02-23 09:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-08 22:30 - 2016-02-23 09:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-08 22:30 - 2016-02-23 09:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-08 22:30 - 2016-02-23 09:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-08 22:30 - 2016-02-23 09:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-08 22:30 - 2016-02-23 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-08 22:30 - 2016-02-23 09:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-08 22:30 - 2016-02-23 09:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-08 22:30 - 2016-02-23 09:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-08 22:30 - 2016-02-23 09:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-08 22:30 - 2016-02-23 09:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-08 22:30 - 2016-02-23 09:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-08 22:30 - 2016-02-23 09:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-08 22:30 - 2016-02-23 09:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-08 22:30 - 2016-02-23 09:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-08 22:30 - 2016-02-23 09:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-08 22:30 - 2016-02-23 09:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-08 22:30 - 2016-02-23 09:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-08 22:30 - 2016-02-23 08:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-08 22:30 - 2016-02-23 08:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-08 22:30 - 2016-02-23 08:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-08 22:30 - 2016-02-23 08:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-08 22:30 - 2016-02-23 08:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-08 22:30 - 2016-02-23 08:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-08 22:30 - 2016-02-23 08:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-08 22:30 - 2016-02-23 08:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-08 22:30 - 2016-02-23 08:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-08 22:30 - 2016-02-23 08:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-08 22:30 - 2016-02-23 08:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-08 22:30 - 2016-02-23 07:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-08 22:30 - 2016-02-09 05:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-08 22:30 - 2016-02-09 05:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-08 22:30 - 2016-02-09 04:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-08 22:30 - 2016-02-09 04:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-08 22:30 - 2016-02-09 04:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-08 19:27 - 2016-03-08 19:27 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\AVAST Software
2016-03-08 19:06 - 2016-03-10 20:06 - 00004020 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-02-27 11:33 - 2016-02-27 11:34 - 00000000 ____D C:\Users\Vanessa\Desktop\Pokemon White 2
2016-02-22 13:22 - 2016-02-22 13:22 - 00000000 ____D C:\WINDOWS\system32\hojt
2016-02-19 03:20 - 2016-02-15 10:30 - 00048552 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\uxtuneup.dll
2016-02-19 03:20 - 2016-02-15 10:30 - 00042408 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\SysWOW64\uxtuneup.dll
2016-02-19 03:20 - 2016-02-15 10:30 - 00037288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\authuitu.dll
2016-02-19 03:20 - 2016-02-15 10:30 - 00032680 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\SysWOW64\authuitu.dll
2016-02-19 03:19 - 2016-02-19 03:19 - 00000000 ____D C:\Users\Default\AppData\Roaming\AVG
2016-02-19 03:19 - 2016-02-19 03:19 - 00000000 ____D C:\Users\Default\AppData\Local\AVG
2016-02-19 03:19 - 2016-02-19 03:19 - 00000000 ____D C:\Users\Default User\AppData\Roaming\AVG
2016-02-19 03:19 - 2016-02-19 03:19 - 00000000 ____D C:\Users\Default User\AppData\Local\AVG
2016-02-18 02:33 - 2016-02-18 02:33 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\java
2016-02-18 02:32 - 2016-02-18 02:32 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\Sun
2016-02-18 02:32 - 2016-02-18 02:32 - 00000000 ____D C:\Users\Vanessa\.oracle_jre_usage
2016-02-18 02:31 - 2016-02-18 02:33 - 00000000 ____D C:\ProgramData\Oracle
2016-02-18 02:31 - 2016-02-18 02:31 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-02-18 02:31 - 2016-02-18 02:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-18 02:31 - 2016-02-18 02:31 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-18 02:29 - 2016-02-18 02:29 - 00735328 _____ (Oracle Corporation) C:\Users\Vanessa\Downloads\JavaSetup8u73 (1).exe
2016-02-18 02:29 - 2016-02-18 02:29 - 00000000 ____D C:\Users\Vanessa\AppData\LocalLow\Oracle
2016-02-18 02:27 - 2016-02-18 02:27 - 00735328 _____ (Oracle Corporation) C:\Users\Vanessa\Downloads\JavaSetup8u73.exe
2016-02-18 02:24 - 2016-03-10 18:23 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\.minecraft
2016-02-18 02:21 - 2016-02-18 07:29 - 01674929 _____ (TeamExtreme) C:\Users\Vanessa\Desktop\Minecraft Launcher (1).exe
2016-02-18 02:19 - 2016-02-18 03:43 - 01674929 _____ (TeamExtreme) C:\Users\Vanessa\Downloads\Minecraft Launcher.exe
2016-02-17 23:38 - 2016-02-17 23:38 - 00003225 _____ C:\Users\Vanessa\yey papa´s.papa
2016-02-17 00:58 - 2016-02-17 00:58 - 00003144 _____ C:\Users\Vanessa\papascheeseria_backup_1.papa3.papa
2016-02-16 21:51 - 2016-03-09 21:59 - 00000000 ____D C:\Users\Vanessa\AppData\LocalLow\Company
2016-02-16 21:51 - 2016-02-16 21:51 - 00003424 _____ C:\WINDOWS\System32\Tasks\Iwyqhowt
2016-02-16 21:51 - 2016-02-16 21:51 - 00000000 ____D C:\Users\Vanessa\AppData\Local\Tempfolder
2016-02-16 21:51 - 2016-02-16 21:51 - 00000000 ____D C:\uninst
2016-02-16 21:40 - 2016-03-09 21:03 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-02-16 21:37 - 2016-02-16 21:37 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-02-16 21:37 - 2016-02-16 21:37 - 00000000 ____D C:\extensions
2016-02-12 06:03 - 2016-02-12 06:03 - 00491616 _____ C:\Users\Vanessa\Downloads\zerbst_abrufkarte_sperrmuell_2016.pdf
2016-02-12 06:02 - 2016-02-12 06:03 - 01720607 _____ C:\Users\Vanessa\Downloads\abfallkalender_2016_zerbst_webs.pdf
2016-02-10 16:53 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-10 16:53 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-10 16:53 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-10 16:53 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-10 16:53 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-10 16:53 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-10 16:53 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-10 16:53 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-10 16:52 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-10 16:52 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-10 16:52 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-10 16:52 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-10 16:52 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-10 16:52 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-10 16:52 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-10 16:52 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-10 16:52 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-10 16:52 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 16:52 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-10 16:52 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-10 16:52 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-10 16:52 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-10 16:52 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-10 16:52 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-10 16:52 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-10 16:52 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-10 16:52 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-09 15:51 - 2016-02-09 15:51 - 00003010 _____ C:\Users\Vanessa\papascheeseria_backup_2.papa

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-10 20:57 - 2015-08-18 06:29 - 00000424 _____ C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job
2016-03-10 20:23 - 2015-12-27 12:26 - 00000412 _____ C:\WINDOWS\Tasks\WpsUpdateTask_Vanessa.job
2016-03-10 20:23 - 2015-12-27 12:26 - 00000412 _____ C:\WINDOWS\Tasks\WpsNotifyTask_Vanessa.job
2016-03-10 20:00 - 2015-08-18 06:29 - 00000424 _____ C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job
2016-03-10 19:37 - 2015-12-21 15:34 - 00000165 _____ C:\Users\Vanessa\AppData\Roaming\sp_data.sys
2016-03-10 13:35 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-10 13:28 - 2015-10-30 19:35 - 00778202 _____ C:\WINDOWS\system32\perfh007.dat
2016-03-10 13:28 - 2015-10-30 19:35 - 00155964 _____ C:\WINDOWS\system32\perfc007.dat
2016-03-10 13:28 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-10 13:28 - 2015-08-18 06:20 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-10 13:23 - 2016-01-11 20:01 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-03-10 13:22 - 2015-12-25 21:07 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-10 13:22 - 2015-12-21 15:32 - 00000000 __SHD C:\Users\Vanessa\IntelGraphicsProfiles
2016-03-10 13:21 - 2016-01-07 17:45 - 00000474 _____ C:\WINDOWS\Tasks\Nero TuneItUp (Tray).job
2016-03-10 13:21 - 2015-12-25 21:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-10 13:20 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-10 13:19 - 2016-01-20 21:40 - 00001326 _____ C:\Users\Public\Desktop\Far Cry.lnk
2016-03-10 13:19 - 2016-01-17 17:52 - 00001135 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-03-10 13:19 - 2016-01-08 23:37 - 00002636 _____ C:\Users\Public\Desktop\Skype.lnk
2016-03-10 13:19 - 2016-01-08 01:59 - 00001023 _____ C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2016-03-10 13:19 - 2016-01-08 01:59 - 00001015 _____ C:\Users\Vanessa\Desktop\osu!.lnk
2016-03-10 13:19 - 2016-01-08 01:00 - 00002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-10 13:19 - 2016-01-08 01:00 - 00002248 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-10 13:19 - 2016-01-07 17:36 - 00001467 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk
2016-03-10 13:19 - 2016-01-07 17:36 - 00001310 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-03-10 13:19 - 2016-01-06 23:32 - 00001284 _____ C:\Users\Vanessa\Desktop\Continue Java Update 8.6 Installation.lnk
2016-03-10 13:19 - 2016-01-04 01:30 - 00001223 _____ C:\Users\Vanessa\Desktop\Die Installation von Adobe Flash Player fortsetzen.lnk
2016-03-10 13:19 - 2015-12-29 22:47 - 00001028 _____ C:\Users\Public\Desktop\Steam.lnk
2016-03-10 13:19 - 2015-12-27 18:42 - 00001291 _____ C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eye Care Switcher.lnk
2016-03-10 13:19 - 2015-12-27 18:07 - 00002531 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 6.0.lnk
2016-03-10 13:19 - 2015-12-27 18:07 - 00002098 _____ C:\Users\Public\Desktop\Adobe Reader 6.0.lnk
2016-03-10 13:19 - 2015-12-26 12:10 - 00002053 _____ C:\Users\Vanessa\Desktop\Willkommen zur ASUS Produktregistrierung.lnk
2016-03-10 13:19 - 2015-12-25 21:15 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-10 13:19 - 2015-12-25 14:38 - 00002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2016-03-10 13:19 - 2015-12-25 14:38 - 00002120 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
2016-03-10 13:19 - 2015-12-23 18:31 - 00001927 _____ C:\Users\Vanessa\Desktop\Windows Media Player.lnk
2016-03-10 13:19 - 2015-12-21 15:35 - 00002391 _____ C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-10 13:19 - 2015-10-05 06:19 - 00002517 _____ C:\Users\Public\Desktop\Evernote.lnk
2016-03-10 13:19 - 2015-10-05 06:19 - 00002104 _____ C:\Users\Public\Desktop\Dropbox 25 GB.lnk
2016-03-10 13:19 - 2015-10-05 06:19 - 00001536 _____ C:\Users\Public\Desktop\WPS Office.lnk
2016-03-10 13:19 - 2015-10-05 06:19 - 00001346 _____ C:\Users\Public\Desktop\WebStorage.lnk
2016-03-10 13:19 - 2015-10-05 06:19 - 00001180 _____ C:\Users\Public\Desktop\ASUS HiPost.lnk
2016-03-10 13:19 - 2015-10-05 06:12 - 00002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2016-03-10 13:19 - 2015-10-05 05:42 - 00000724 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk
2016-03-10 13:19 - 2015-08-18 06:28 - 00002432 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - asus.lnk
2016-03-10 13:18 - 2015-12-25 21:11 - 00000000 ____D C:\Users\Vanessa
2016-03-10 13:18 - 2015-10-05 05:35 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-10 13:16 - 2015-10-05 06:02 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-03-10 13:15 - 2015-12-25 20:53 - 00261472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-10 13:14 - 2015-10-30 19:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-03-10 13:12 - 2015-10-30 19:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-10 13:12 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-10 13:12 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-10 13:12 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-10 13:12 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-10 13:12 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-10 13:12 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-10 13:12 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-10 13:12 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-10 13:12 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-10 13:12 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-10 13:12 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-10 13:12 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-10 12:19 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-10 12:19 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-10 12:09 - 2015-10-05 05:58 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-03-10 12:09 - 2015-10-05 05:58 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-03-09 22:25 - 2015-12-25 14:41 - 00004174 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{48ABCAE0-DD1B-4554-91D4-47CD1AB4DC2B}
2016-03-09 16:24 - 2015-12-29 22:47 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-09 16:23 - 2015-12-25 20:52 - 00000000 ___DC C:\WINDOWS\Panther
2016-03-09 15:10 - 2016-01-08 23:38 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\Skype
2016-03-08 22:05 - 2015-12-28 23:23 - 00000000 ____D C:\Users\Vanessa\Desktop\Warcraft III Frozen Throne
2016-03-08 19:06 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-07 23:57 - 2016-01-17 17:53 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\vlc
2016-02-29 17:46 - 2015-12-23 12:30 - 00000000 ____D C:\Users\Vanessa\Desktop\CoD4 (Manu)
2016-02-26 12:57 - 2016-01-17 17:53 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\dvdcss
2016-02-20 12:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-19 03:20 - 2015-12-25 14:38 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\AVG
2016-02-16 21:39 - 2015-12-25 14:40 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\dlg
2016-02-16 20:42 - 2016-01-07 17:36 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\DVDVideoSoft
2016-02-15 10:36 - 2015-12-25 14:38 - 00045992 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2016-02-14 04:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-12 16:41 - 2016-01-08 23:37 - 00000000 ____D C:\ProgramData\Skype
2016-02-12 09:51 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-02-12 09:51 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-02-12 09:50 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-02-10 17:42 - 2015-12-25 14:48 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 17:36 - 2015-12-25 14:47 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 02:31 - 2016-01-08 23:37 - 00000000 ___RD C:\Program Files (x86)\Skype

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-12-21 15:34 - 2016-03-10 19:37 - 0000165 _____ () C:\Users\Vanessa\AppData\Roaming\sp_data.sys
2015-12-25 21:08 - 2015-12-25 21:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Vanessa\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll
[2015-10-30 08:18] - [2015-10-30 08:18] - 0686984 ____A () D41D8CD98F00B204E9800998ECF8427E

C:\WINDOWS\system32\dnsapi.dll => kein Firmenname <===== ACHTUNG

C:\WINDOWS\SysWOW64\dnsapi.dll
[2015-10-30 08:18] - [2015-10-30 08:18] - 0535088 ____A () D41D8CD98F00B204E9800998ECF8427E

C:\WINDOWS\SysWOW64\dnsapi.dll => kein Firmenname <===== ACHTUNG

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-03-09 21:37

==================== Ende von FRST.txt ============================

Ottokarl 10.03.2016 21:14
Und

Addition

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Vanessa (2016-03-10 20:58:20)
Gestartet von C:\Users\Vanessa\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-25 20:30:13)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-483611294-2829987118-2205543787-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-483611294-2829987118-2205543787-503 - Limited - Disabled)
Gast (S-1-5-21-483611294-2829987118-2205543787-501 - Limited - Disabled)
Vanessa (S-1-5-21-483611294-2829987118-2205543787-1001 - Administrator - Enabled) => C:\Users\Vanessa

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7 Wonders 4: Magical Mystery Tour (HKLM-x32\...\7 Wonders 4: Magical Mystery Tour) (Version: 1.0.0.0 - INTENIUM GmbH)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Reader 6.0.1 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A00000000001}) (Version: 006.000.001 - Adobe Systems Incorporated)
AION Free-to-Play (HKLM-x32\...\Steam App 261430) (Version:  - NCSOFT)
ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.6 - ASUS)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.5 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.95 - ICEpower a/s)
Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.22.1.58906 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.22.3 - AVG Technologies) Hidden
Deutschland Spielt - Spiele Post (HKLM-x32\...\Deutschland Spielt - Spiele Post) (Version: 1.0.3.0 - INTENIUM GmbH)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.0.46 - INTENIUM GmbH)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Die Sims Deluxe (HKLM-x32\...\{10798AE3-DCBB-43C3-9C93-C23512427E25}) (Version:  - )
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Edna Bricht Aus (HKLM-x32\...\EdnaSE) (Version: 1.0 - Daedalic Entertainment)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
Far Cry (HKLM-x32\...\InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}) (Version: 1.00.0000 - Ihr Firmenname)
Far Cry (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
FMW 1 (Version: 1.62.2 - AVG Technologies) Hidden
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.0.1224 - DVDVideoSoft Ltd.)
Gaming Assistant (HKLM-x32\...\{C27B0A7C-BD18-46EF-984A-CCD2799F4CD4}) (Version: 1.0.2 - ASUS)
Gomo (HKLM-x32\...\Gomo_is1) (Version: 1.1 - Daedalic Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Guitar Hero World Tour (HKLM-x32\...\{A126E617-63F0-4E57-BFA4-7190F5845C39}) (Version: 1.0 - Aspyr)
Heroes of Hellas (HKLM-x32\...\{C0906D83-1FE0-4176-A940-45A348080987}) (Version: 1.00.0000 - Purplehills)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Lawn & Order 2: Die Gartenverschwörung (HKLM-x32\...\Lawn & Order 2: Die Gartenverschwörung) (Version: 0.0.0.0 - INTENIUM GmbH)
Lawn & Order: Die Gartenprofis (HKLM-x32\...\Lawn & Order: Die Gartenprofis) (Version: 0.0.0.0 - INTENIUM GmbH)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.7080 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.171 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Nero TuneItUp Free (HKLM-x32\...\Nero_tuneitup_is1) (Version: 2.4.1.1039 - Nero AG)
NVIDIA Graphics Driver 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.84 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
osu! (HKLM-x32\...\{e3b5e5c5-4557-4cbc-9927-7a947d002d51}) (Version: latest - ppy Pty Ltd)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Royal Defense (HKLM-x32\...\RoyalDefense) (Version:  - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Treasures Of Montezuma 2 (HKLM-x32\...\The Treasures Of Montezuma 2) (Version:  - )
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.2.524 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.16 - WildTangent)
Windows-Treiberpaket - ASUS (ATP) Mouse  (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4947 - Kingsoft Corp.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-483611294-2829987118-2205543787-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00B15309-9A15-4F89-939C-8A946EABAF0A} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [2015-03-14] (Microsoft Corporation)
Task: {0270B724-30CA-44DA-ACE5-85855D9F7F5E} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-08-12] (ASUSTeK Computer Inc.)
Task: {03A2C72E-331C-4F11-89CC-D41D0C1B03B4} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-03-08] (AVAST Software)
Task: {0E6B8205-2767-4B6C-9CB9-8DE6A7839583} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-08-12] (ASUSTeK Computer Inc.)
Task: {0F71139B-44DA-4814-95B3-36544058B19C} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] ()
Task: {10845013-BF46-4E5D-A7F8-D0C92B8EBCD9} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {16C0F2CB-05FF-42DC-B079-DCDC8E771142} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [2015-12-29] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {2B87FDF9-B9DF-4CD4-9DF1-50FBE78A69CE} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] (ASUSTek Computer Inc.)
Task: {43D7E929-EE59-4549-AD30-830F97B177E7} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-02-16] (McAfee, Inc.)
Task: {47B485D9-1AC5-4DE9-BEE0-A56921B2021A} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {6779CC7C-151F-47FE-BA0A-9DFDB03DA8FB} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-08-12] ()
Task: {69A85AC5-00CD-4960-8C87-44AA9A6708C0} - System32\Tasks\Nero TuneItUp => C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\TuneItUp.exe [2015-12-18] (Nero AG)
Task: {6C74C4F8-6F6D-45C9-A5EB-7B2F34203A48} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.)
Task: {80291AB0-8F61-4C15-8820-E713556B3464} - System32\Tasks\Iwyqhowt => C:\PROGRA~1\SHOPPE~1\Wokwe.bat
Task: {86E40AB0-F3CB-4143-B4CE-2F0A5381A18A} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {9521437B-E580-4899-8638-053CCE36BA52} - System32\Tasks\Nero TuneItUp (Tray) => C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\ServiceProvider.exe [2015-12-18] (Nero AG)
Task: {A2141CD3-585C-49AF-BDF5-22CBF603734C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.)
Task: {A56AFB05-3237-4708-AEC8-E06A16EC68DB} - System32\Tasks\{FABCEED8-3F2C-4C84-B0CF-01F6D4E53F5B} => pcalua.exe -a E:\FarCryAutoCD.exe -d E:\
Task: {A62B4474-18F2-4158-93FA-4EF643286875} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2016-02-15] (AVG Technologies CZ, s.r.o.)
Task: {AF92B986-DE33-4872-B4F0-D846B5DDE1A7} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {C1766BD8-300E-4487-A008-225FC7F6A341} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {C87A4943-158C-4FE8-A342-01B63AE6BA7B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-29] (Realtek Semiconductor)
Task: {DC233B71-6562-4D52-AEC1-C0B30BBFA891} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-08-23] (AsusTek)
Task: {E0F2E963-FFA3-47DC-A8F0-5133B4292258} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-07-29] (Realtek Semiconductor)
Task: {E3BF4274-C3E4-4B78-A9B4-B0FBECBDF562} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-08-25] (ASUS)
Task: {E4389888-C5EC-4E72-B926-32C7A02B5134} - System32\Tasks\WpsNotifyTask_Vanessa => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {E9814E6E-FCFF-4F9A-9813-1DEBEE67BD5B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-10] (Microsoft Corporation)
Task: {F0F63C14-EC91-4475-8728-A14C01630782} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {F2C808F5-A339-4F47-8E0E-0A19E9AC8905} - System32\Tasks\WpsUpdateTask_Vanessa => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [2015-12-29] (Zhuhai Kingsoft Office Software Co.,Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Nero TuneItUp (Tray).job => C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\ServiceProvider.exe
Task: C:\WINDOWS\Tasks\Nero TuneItUp.job => C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\TuneItUp.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Vanessa.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Vanessa.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00686984 _____ () C:\WINDOWS\system32\DNSAPI.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00686984 _____ () C:\WINDOWS\System32\DNSAPI.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00686984 _____ () c:\windows\system32\DNSAPI.dll
2016-03-08 18:02 - 2016-03-08 18:02 - 00465088 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2015-10-30 08:18 - 2015-10-30 08:18 - 00686984 _____ () C:\WINDOWS\SYSTEM32\DNSAPI.dll
2016-03-09 15:12 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-02-06 15:24 - 2016-02-06 15:24 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-03-09 15:12 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-25 20:47 - 2015-12-25 20:47 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-08 22:31 - 2016-02-23 09:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-13 18:19 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 18:19 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-07 21:19 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-02-07 21:19 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-03-08 17:24 - 2016-03-08 18:09 - 00016384 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-03-08 17:24 - 2016-03-08 18:09 - 16062976 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-03-08 17:24 - 2016-03-08 18:09 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-01-28 18:42 - 2009-05-20 12:36 - 03007800 _____ () C:\Users\Vanessa\Desktop\Plants vs Zombies Full\Plants vs Zombies\PlantsVsZombies.exe
2016-01-07 17:36 - 2015-12-24 17:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-08-25 09:40 - 2015-08-25 09:40 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-08-25 09:40 - 2015-08-25 09:40 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-01-07 17:44 - 2015-12-18 12:25 - 00102864 _____ () C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\modules\common\asp_ipc32.dll
2016-02-06 15:24 - 2016-02-06 15:24 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-02-06 15:24 - 2016-02-06 15:24 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-02-06 15:24 - 2016-02-06 15:24 - 02941440 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\MessagingNativeCore.dll
2016-02-06 15:24 - 2016-02-06 15:24 - 00583168 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\MessagingEntityExtractionProxy.dll
2016-02-06 15:24 - 2016-02-06 15:24 - 01300992 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\MessagingNativeBase.dll
2015-12-25 14:34 - 2015-12-25 14:34 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2015-08-07 01:09 - 2015-08-07 01:09 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 12:04 - 2016-02-16 21:51 - 00001253 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1      down.baidu2016.com
127.0.0.1      123.sogou.com
127.0.0.1      www.czzsyzgm.com
127.0.0.1      www.czzsyzxl.com
127.0.0.1      down.baidu2016.com
127.0.0.1      123.sogou.com
127.0.0.1      www.czzsyzgm.com
127.0.0.1      www.czzsyzxl.com
127.0.0.1      down.baidu2016.com
127.0.0.1      123.sogou.com
127.0.0.1      www.czzsyzgm.com
127.0.0.1      www.czzsyzxl.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-483611294-2829987118-2205543787-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Vanessa\Desktop\DCIM\DCIM\Camera\20150525_131105.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
MpsSvc => Firewall Dienst läuft nicht.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{68C9D58C-372D-40B9-A1AD-30C06C09294A}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{7BAC89DB-7A7C-4B1E-8AB8-DEB6173CD930}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{09436CFC-4CBB-4975-ACAD-708993158B05}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C1602656-3867-402C-B9AF-AA703B8784C0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2E5A94CB-EAE9-4E57-B5F5-B6D96344DF8E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{38079EA8-AD17-4E0A-9963-C0643E74980C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FF69EBE0-E584-44B9-B68C-CD42A83C77C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{917A28EF-4788-41CB-A69E-38902C2B79E7}] => (Allow) C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\TuneItUp.exe
FirewallRules: [{13425C54-0AA3-4AD9-AAFE-22501492CB91}] => (Allow) C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\TuneItUp.exe
FirewallRules: [{A95D19AF-90D0-40DB-BD0D-5991C958E778}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A6958E1D-42C5-46DB-AE72-9AB315544A4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AION\NCLauncher.exe
FirewallRules: [{9ABAB0D7-A4D0-408A-80B5-38C60520E23F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AION\NCLauncher.exe
FirewallRules: [{975AC3BF-3A7F-4E46-A566-B2B25307FA76}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

22-02-2016 09:07:25 Geplanter Prüfpunkt
03-03-2016 12:52:00 Geplanter Prüfpunkt
09-03-2016 20:43:18 Revo Uninstaller's restore point - Body Text Feathering
10-03-2016 20:49:56 Revo Uninstaller's restore point - Malwarebytes Anti-Malware Version 2.2.0.1024
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/10/2016 12:10:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mbam.exe, Version 2.3.125.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 26d0

Startzeit: 01d17abd57025acc

Beendigungszeit: 12

Anwendungspfad: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

Berichts-ID: bb2ec647-e6b0-11e5-9bf0-305a3aa8dbc0

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/10/2016 12:09:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mbam.exe, Version 2.3.125.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1150

Startzeit: 01d17abd0ae97254

Beendigungszeit: 32

Anwendungspfad: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

Berichts-ID: 85dae1bd-e6b0-11e5-9bf0-305a3aa8dbc0

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/09/2016 09:03:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MPCTray.exe, Version: 3.2.9127.113, Zeitstempel: 0x569630ed
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a853dc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00026ffa
ID des fehlerhaften Prozesses: 0x182c
Startzeit der fehlerhaften Anwendung: 0xMPCTray.exe0
Pfad der fehlerhaften Anwendung: MPCTray.exe1
Pfad des fehlerhaften Moduls: MPCTray.exe2
Berichtskennung: MPCTray.exe3
Vollständiger Name des fehlerhaften Pakets: MPCTray.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MPCTray.exe5

Error: (03/09/2016 08:43:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/09/2016 07:18:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 48.0.2564.116 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3898

Startzeit: 01d17a2fec4db74a

Beendigungszeit: 4

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 5677c9e3-e623-11e5-9bef-305a3aa8dbc0

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/09/2016 04:41:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm sllauncher.exe, Version 5.1.30514.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d74

Startzeit: 01d17a1a25af36f3

Beendigungszeit: 16

Anwendungspfad: C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe

Berichts-ID: 69fa92fe-e60d-11e5-9bef-305a3aa8dbc0

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/09/2016 04:41:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ServiceProvider.exe, Version: 2.4.1.1039, Zeitstempel: 0x5673cdea
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x10028a20
ID des fehlerhaften Prozesses: 0x15b8
Startzeit der fehlerhaften Anwendung: 0xServiceProvider.exe0
Pfad der fehlerhaften Anwendung: ServiceProvider.exe1
Pfad des fehlerhaften Moduls: ServiceProvider.exe2
Berichtskennung: ServiceProvider.exe3
Vollständiger Name des fehlerhaften Pakets: ServiceProvider.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ServiceProvider.exe5

Error: (03/09/2016 04:19:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ServiceProvider.exe, Version: 2.4.1.1039, Zeitstempel: 0x5673cdea
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x10028a20
ID des fehlerhaften Prozesses: 0x33dc
Startzeit der fehlerhaften Anwendung: 0xServiceProvider.exe0
Pfad der fehlerhaften Anwendung: ServiceProvider.exe1
Pfad des fehlerhaften Moduls: ServiceProvider.exe2
Berichtskennung: ServiceProvider.exe3
Vollständiger Name des fehlerhaften Pakets: ServiceProvider.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ServiceProvider.exe5

Error: (03/09/2016 03:10:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sllauncher.exe, Version: 5.1.30514.0, Zeitstempel: 0x537302ce
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00650053
ID des fehlerhaften Prozesses: 0x2e00
Startzeit der fehlerhaften Anwendung: 0xsllauncher.exe0
Pfad der fehlerhaften Anwendung: sllauncher.exe1
Pfad des fehlerhaften Moduls: sllauncher.exe2
Berichtskennung: sllauncher.exe3
Vollständiger Name des fehlerhaften Pakets: sllauncher.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: sllauncher.exe5

Error: (03/09/2016 03:10:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sllauncher.exe, Version: 5.1.30514.0, Zeitstempel: 0x537302ce
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00650053
ID des fehlerhaften Prozesses: 0x2e00
Startzeit der fehlerhaften Anwendung: 0xsllauncher.exe0
Pfad der fehlerhaften Anwendung: sllauncher.exe1
Pfad des fehlerhaften Moduls: sllauncher.exe2
Berichtskennung: sllauncher.exe3
Vollständiger Name des fehlerhaften Pakets: sllauncher.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: sllauncher.exe5


Systemfehler:
=============
Error: (03/10/2016 08:59:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%5

Error: (03/10/2016 08:59:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%5

Error: (03/10/2016 08:59:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%5

Error: (03/10/2016 08:59:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%5

Error: (03/10/2016 08:59:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%5

Error: (03/10/2016 08:59:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%5

Error: (03/10/2016 08:59:44 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 1068netprofmNicht verfügbar{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (03/10/2016 08:59:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (03/10/2016 08:59:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NLA (Network Location Awareness)" ist vom Dienst "DHCP-Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%5

Error: (03/10/2016 08:59:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DHCP-Client" wurde mit folgendem Fehler beendet:
%%5


CodeIntegrity:
===================================
  Date: 2016-03-10 13:17:28.923
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-10 12:08:55.372
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-09 19:03:14.749
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 19:03:14.739
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.806
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.757
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.723
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.678
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.354
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.319
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i3-5010U CPU @ 2.10GHz
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 3998.36 MB
Verfügbarer physikalischer RAM: 2076.76 MB
Summe virtueller Speicher: 8350.36 MB
Verfügbarer virtueller Speicher: 6315.92 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:185.55 GB) (Free:56.35 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (DATA) (Fixed) (Total:279.46 GB) (Free:279.23 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 60BF7956)

Partition: GPT.

==================== Ende von Addition.txt ============================
Ich hoffe das hilft etwas.

burningice 10.03.2016 23:21
da habts echt was eingefangen

Schritt: 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
closeprocesses:
hosts:
C:\WINDOWS\system32\hojt
C:\extensions
C:\Users\Vanessa\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
folder: C:\Users\Public\Documents\dmp
BHO: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
CHR DefaultSearchURL: Default -> hxxp://search.mpc.am?q={searchTerms}&cx=partner-pub-3796753109442372:3837783968
CHR DefaultSearchKeyword: Default -> mpc safe search
S2 WajaIntEn Monitor; c:\program files\WajaIntEn\027ffed1d08ea21727c655e55d27a27d.exe [X]
c:\program files\WajaIntEn
2016-03-09 21:05 - 2016-03-09 21:05 - 00000000 ____D C:\ProgramData\simplitec
2016-02-17 23:38 - 2016-02-17 23:38 - 00003225 _____ C:\Users\Vanessa\yey papa´s.papa
2016-02-17 00:58 - 2016-02-17 00:58 - 00003144 _____ C:\Users\Vanessa\papascheeseria_backup_1.papa3.papa
2016-02-16 21:51 - 2016-02-16 21:51 - 00003424 _____ C:\WINDOWS\System32\Tasks\Iwyqhowt
2016-02-16 21:51 - 2016-02-16 21:51 - 00000000 ____D C:\Users\Vanessa\AppData\LocalLow\Company
2016-02-16 21:51 - 2016-02-16 21:51 - 00000000 ____D C:\Users\Vanessa\AppData\Local\Tempfolder
2016-02-16 21:51 - 2016-02-16 21:51 - 00000000 ____D C:\uninst
2016-02-09 15:51 - 2016-02-09 15:51 - 00003010 _____ C:\Users\Vanessa\papascheeseria_backup_2.papa
Task: {80291AB0-8F61-4C15-8820-E713556B3464} - System32\Tasks\Iwyqhowt => C:\PROGRA~1\SHOPPE~1\Wokwe.bat
C:\PROGRA~1\SHOPPE~1
cmd: sfc /scannow
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt: 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.


Schritt: 3
Downloade dir bitte Farbar Service Scanner Farbar Service Scanner
  • Starte das Tool mit Doppelklick auf die FSS.exe
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.




Schritt: 4
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Bitte poste in deiner nächsten Antwort also:
  • Logfile von TDSSKiller
  • Logfile von FSS
  • Fixlog.txt
  • Frst.txt
  • Addition.txt

Ottokarl 11.03.2016 13:30
Wir haben alle Daten, aber die CODE-tags funktionieren aus irgendeinem Grund nicht mehr - gibt es eine andere Möglichkeit diese Ihnen zukommen zu lassen ?

burningice 12.03.2016 14:30
das bezweifle ich start dass die CODE-Tags nicht gehen.

Bitte poste dein Ergebnis zwischen Code-Tags
Wenn ein Log zu lange ist, teile ihn bitte auf mehrere Antworten.

Code-Tags?

Drücke einfach die # in Antwortfenster und füge den Log dazwischen ein

http://www.trojaner-board.de/members...picture307.png



Notfalls kannst du die Logs anhängen.

Ottokarl 12.03.2016 17:47
Ok.

TDSSKiller part 1

Code:
13:09:52.0747 0x17a8  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
13:09:52.0747 0x17a8  UEFI system
13:10:17.0452 0x17a8  ============================================================
13:10:17.0452 0x17a8  Current date / time: 2016/03/11 13:10:17.0452
13:10:17.0452 0x17a8  SystemInfo:
13:10:17.0452 0x17a8 
13:10:17.0452 0x17a8  OS Version: 10.0.10586 ServicePack: 0.0
13:10:17.0452 0x17a8  Product type: Workstation
13:10:17.0452 0x17a8  ComputerName: DESKTOP-5PNPL1E
13:10:17.0452 0x17a8  UserName: Vanessa
13:10:17.0452 0x17a8  Windows directory: C:\WINDOWS
13:10:17.0452 0x17a8  System windows directory: C:\WINDOWS
13:10:17.0452 0x17a8  Running under WOW64
13:10:17.0452 0x17a8  Processor architecture: Intel x64
13:10:17.0452 0x17a8  Number of processors: 4
13:10:17.0452 0x17a8  Page size: 0x1000
13:10:17.0452 0x17a8  Boot type: Normal boot
13:10:17.0452 0x17a8  ============================================================
13:10:17.0968 0x17a8  KLMD registered as C:\WINDOWS\system32\drivers\63643981.sys
13:10:18.0405 0x17a8  System UUID: {2E86713A-96D5-613A-AD80-807457B3C1F2}
13:10:19.0421 0x17a8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:10:19.0437 0x17a8  Drive \Device\Harddisk1\DR1 - Size: 0xF2E00000 ( 3.79 Gb ), SectorSize: 0x200, Cylinders: 0x1EF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:10:19.0437 0x17a8  ============================================================
13:10:19.0437 0x17a8  \Device\Harddisk0\DR0:
13:10:19.0437 0x17a8  GPT partitions:
13:10:19.0437 0x17a8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {E87CC48B-A9ED-41FB-9082-A1657A454906}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000
13:10:19.0437 0x17a8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {CCF1EB31-900A-4A00-AF65-29E8118D1685}, Name: Microsoft reserved partition, StartLBA 0x82800, BlocksNum 0x8000
13:10:19.0437 0x17a8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {FE2B1C9A-D137-4F6E-A2FE-087F83F6669F}, Name: Basic data partition, StartLBA 0x8A800, BlocksNum 0x17318800
13:10:19.0437 0x17a8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E444EA48-76A9-4A85-84AC-092225148608}, Name: Basic data partition, StartLBA 0x173A3000, BlocksNum 0xF9800
13:10:19.0437 0x17a8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {44F2AC4D-BC17-4342-84EC-8DFDC80F649C}, Name: Basic data partition, StartLBA 0x1749C800, BlocksNum 0x22EE9800
13:10:19.0437 0x17a8  MBR partitions:
13:10:19.0437 0x17a8  \Device\Harddisk1\DR1:
13:10:19.0452 0x17a8  MBR partitions:
13:10:19.0452 0x17a8  ============================================================
13:10:19.0484 0x17a8  C: <-> \Device\Harddisk0\DR0\Partition3
13:10:19.0702 0x17a8  D: <-> \Device\Harddisk0\DR0\Partition5
13:10:19.0702 0x17a8  ============================================================
13:10:19.0702 0x17a8  Initialize success
13:10:19.0702 0x17a8  ============================================================
13:10:53.0095 0x0478  ============================================================
13:10:53.0095 0x0478  Scan started
13:10:53.0095 0x0478  Mode: Manual; SigCheck; TDLFS;
13:10:53.0095 0x0478  ============================================================
13:10:53.0095 0x0478  KSN ping started
13:10:53.0110 0x0478  KSN ping finished: false
13:10:56.0704 0x0478  ================ Scan system memory ========================
13:10:56.0704 0x0478  System memory - ok
13:10:56.0704 0x0478  ================ Scan services =============================
13:10:56.0892 0x0478  [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
13:10:57.0001 0x0478  1394ohci - ok
13:10:57.0032 0x0478  [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware          C:\WINDOWS\system32\drivers\3ware.sys
13:10:57.0048 0x0478  3ware - ok
13:10:57.0095 0x0478  [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
13:10:57.0126 0x0478  ACPI - ok
13:10:57.0173 0x0478  [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
13:10:57.0204 0x0478  acpiex - ok
13:10:57.0220 0x0478  [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
13:10:57.0251 0x0478  acpipagr - ok
13:10:57.0282 0x0478  [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi        C:\WINDOWS\System32\drivers\acpipmi.sys
13:10:57.0392 0x0478  AcpiPmi - ok
13:10:57.0423 0x0478  [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
13:10:57.0517 0x0478  acpitime - ok
13:10:57.0626 0x0478  [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX        C:\WINDOWS\system32\drivers\ADP80XX.SYS
13:10:57.0689 0x0478  ADP80XX - ok
13:10:57.0736 0x0478  [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD            C:\WINDOWS\system32\drivers\afd.sys
13:10:57.0782 0x0478  AFD - ok
13:10:57.0829 0x0478  [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
13:10:57.0861 0x0478  agp440 - ok
13:10:57.0892 0x0478  [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache        C:\WINDOWS\system32\DRIVERS\ahcache.sys
13:10:57.0939 0x0478  ahcache - ok
13:10:58.0001 0x0478  [ 50910888109FA9C041D9256541BE70EC, 3E907506E386423DBD8DDCB36FDCE4F2FC2F90A522B24BEF60B8ED05F5A3BD0F ] AiCharger      C:\WINDOWS\system32\DRIVERS\AiCharger.sys
13:10:58.0032 0x0478  AiCharger - ok
13:10:58.0064 0x0478  [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
13:10:58.0251 0x0478  AJRouter - ok
13:10:58.0314 0x0478  [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG            C:\WINDOWS\System32\alg.exe
13:10:58.0454 0x0478  ALG - ok
13:10:58.0486 0x0478  [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8          C:\WINDOWS\System32\drivers\amdk8.sys
13:10:58.0626 0x0478  AmdK8 - ok
13:10:58.0657 0x0478  [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
13:10:58.0704 0x0478  AmdPPM - ok
13:10:58.0720 0x0478  [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata        C:\WINDOWS\system32\drivers\amdsata.sys
13:10:58.0751 0x0478  amdsata - ok
13:10:58.0798 0x0478  [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
13:10:58.0845 0x0478  amdsbs - ok
13:10:58.0861 0x0478  [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata        C:\WINDOWS\system32\drivers\amdxata.sys
13:10:58.0876 0x0478  amdxata - ok
13:10:58.0907 0x0478  [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID          C:\WINDOWS\system32\drivers\appid.sys
13:10:58.0923 0x0478  AppID - ok
13:10:58.0954 0x0478  [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
13:10:59.0001 0x0478  AppIDSvc - ok
13:10:59.0017 0x0478  [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo        C:\WINDOWS\System32\appinfo.dll
13:10:59.0048 0x0478  Appinfo - ok
13:10:59.0095 0x0478  [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
13:10:59.0236 0x0478  AppReadiness - ok
13:10:59.0361 0x0478  [ 3DF25A56F18D2AB4CF58C1300C8CD323, 34A20004A93BC0F22BF99E56E6657CF0A68B64B375A66408FB1E26ADA7A72FC4 ] AppXSvc        C:\WINDOWS\system32\appxdeploymentserver.dll
13:10:59.0532 0x0478  AppXSvc - ok
13:10:59.0579 0x0478  [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
13:10:59.0595 0x0478  arcsas - ok
13:10:59.0689 0x0478  [ 41977237876244449B0B77C942884D51, EF0986A3B021D88457519EECC08C30BB2C6CA6B48032A8FA25DAA2632FD9CBD4 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
13:10:59.0720 0x0478  ASLDRService - ok
13:10:59.0736 0x0478  [ 116DD55EEF8843D7C526EB17A932822F, 003326A58256A5BF9912A0B4F6F39295C2909596B33C3837A0C85C7BA7523E14 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
13:10:59.0751 0x0478  ASMMAP64 - ok
13:10:59.0783 0x0478  [ 53D6A8E4BAA773E1E628EF3A68413CD2, 84A64C26028B4E490EF941C163911DE5093AF5874584A479AAB80758242174A6 ] Asus WebStorage Windows Service C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe
13:10:59.0814 0x0478  Asus WebStorage Windows Service - detected UnsignedFile.Multi.Generic ( 1 )
13:10:59.0892 0x0478  Asus WebStorage Windows Service ( UnsignedFile.Multi.Generic ) - warning
13:10:59.0954 0x0478  [ 36D09B8F7ABFA3C6BE5A9101F8B6A6E5, 0A5C36D146D73707DCDA263EF96063C63E5B32591EC0C9D781422F729E554D3A ] ASUSGiftBoxDekstop C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe
13:10:59.0986 0x0478  ASUSGiftBoxDekstop - ok
13:11:00.0001 0x0478  [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
13:11:00.0048 0x0478  AsyncMac - ok
13:11:00.0079 0x0478  [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi          C:\WINDOWS\system32\drivers\atapi.sys
13:11:00.0126 0x0478  atapi - ok
13:11:00.0329 0x0478  [ 6CCA54D9875198E34D47ACCF58BCED31, 25ADE595B5257CE395EEDDDAE3470E5676F4878C0AF5212246FFE7E13D5BE399 ] athr            C:\WINDOWS\System32\drivers\athw10x.sys
13:11:00.0720 0x0478  athr - ok
13:11:00.0751 0x0478  [ 89810E9E27C8BB0AFB01814523A76347, A85B817A16096730D8559FD5D5597CA1A9FA3F192FF83885840089AE8F7C9EF5 ] ATKGFNEXSrv    C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
13:11:00.0751 0x0478  ATKGFNEXSrv - ok
13:11:00.0767 0x0478  [ 0E717D7FED23731863EC44B4031DC268, A6F98FE201320FE3FF041768E426008C86B15BA7593EA04B1AC71B6FAE837A1E ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
13:11:00.0783 0x0478  ATKWMIACPIIO - ok
13:11:00.0830 0x0478  [ 9BD46423250EE6D39A2647B7BB89BFC3, 4D8499F5E170E42C22932FA519444A8A37190D7DFA0F449F016436ADEBC85865 ] ATP            C:\WINDOWS\System32\drivers\AsusTP.sys
13:11:00.0861 0x0478  ATP - ok
13:11:00.0892 0x0478  [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
13:11:00.0970 0x0478  AudioEndpointBuilder - ok
13:11:01.0048 0x0478  [ 9610CE53A9ED0789C8B669A5F86008F7, 9EE4B3F8528B20682595DDBDB0FF9F98FD8B957EE4C335FDD4382AE30D3C2EA0 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
13:11:01.0126 0x0478  Audiosrv - ok
13:11:01.0220 0x0478  [ 04D3CB2E6E66B36B1BACC186E8C2AC2B, E2B235CA49ADD10737A5067654D02543364630715B73BDBB265E82653239B369 ] avgsvc          C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
13:11:01.0251 0x0478  avgsvc - ok
13:11:01.0298 0x0478  [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
13:11:01.0329 0x0478  AxInstSV - ok
13:11:01.0392 0x0478  [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv        C:\WINDOWS\system32\drivers\bxvbda.sys
13:11:01.0423 0x0478  b06bdrv - ok
13:11:01.0439 0x0478  [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
13:11:01.0486 0x0478  BasicDisplay - ok
13:11:01.0486 0x0478  [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender    C:\WINDOWS\System32\drivers\BasicRender.sys
13:11:01.0501 0x0478  BasicRender - ok
13:11:01.0548 0x0478  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn          C:\WINDOWS\System32\drivers\bcmfn.sys
13:11:01.0579 0x0478  bcmfn - ok
13:11:01.0595 0x0478  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
13:11:01.0642 0x0478  bcmfn2 - ok
13:11:01.0751 0x0478  [ F8F398A4AF7E0917320BC2B2CD812888, 02B9A6EA0AA750CA9B62AB09E99956C35E252A12B22C2CBFDC4E941ED5870591 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
13:11:02.0126 0x0478  BDESVC - ok
13:11:02.0205 0x0478  [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
13:11:02.0376 0x0478  Beep - ok
13:11:02.0470 0x0478  [ 8EA08141590CB9331FA773FB430E91E4, 0507499EF423CC9EE9AC18C2B5CBF9965E69481C69DC96E361C2184C53C3F404 ] BFE            C:\WINDOWS\System32\bfe.dll
13:11:02.0595 0x0478  BFE - ok
13:11:02.0673 0x0478  [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS            C:\WINDOWS\System32\qmgr.dll
13:11:03.0080 0x0478  BITS - ok
13:11:03.0158 0x0478  [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
13:11:03.0283 0x0478  bowser - ok
13:11:03.0330 0x0478  [ 9972A886D911234F833A265D5D641D30, E64199AB64CC60C75371D8421031DC02818C852427C4F66AD3DF7DCDF33952B1 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
13:11:03.0439 0x0478  BrokerInfrastructure - ok
13:11:03.0486 0x0478  [ DA4C9335434E71D6CC86A3CA567769CC, 9FE5EE3CC91CADBF952446E0A9A79A8834B03C8D4C47D6E9257AF64B2C17F518 ] Browser        C:\WINDOWS\System32\browser.dll
13:11:03.0626 0x0478  Browser - ok
13:11:03.0673 0x0478  [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
13:11:03.0705 0x0478  BthAvrcpTg - ok
13:11:03.0720 0x0478  [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum      C:\WINDOWS\System32\drivers\bthhfenum.sys
13:11:03.0751 0x0478  BthHFEnum - ok
13:11:03.0783 0x0478  [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
13:11:03.0814 0x0478  bthhfhid - ok
13:11:03.0861 0x0478  [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
13:11:03.0908 0x0478  BthHFSrv - ok
13:11:03.0939 0x0478  [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
13:11:03.0955 0x0478  BTHMODEM - ok
13:11:03.0986 0x0478  [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv        C:\WINDOWS\system32\bthserv.dll
13:11:04.0064 0x0478  bthserv - ok
13:11:04.0080 0x0478  [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
13:11:04.0142 0x0478  buttonconverter - ok
13:11:04.0314 0x0478  [ 52AE2CDD37AB735FBDA52263EFD524AA, 844103913E6079CC1C49B05FFB1CDC9A68692A8EE5A05C9C28FD272DFE534913 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
13:11:04.0361 0x0478  c2cautoupdatesvc - ok
13:11:04.0423 0x0478  [ C35B91B6777E7C6DB67B8583D2AA66A7, CE3A004B560EB750442150FEEFEE074A11A17E66B3F2A489E8EF1DBCF8FE8390 ] c2cpnrsvc      C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
13:11:04.0470 0x0478  c2cpnrsvc - ok
13:11:04.0533 0x0478  [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
13:11:04.0736 0x0478  CapImg - ok
13:11:04.0767 0x0478  [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
13:11:04.0814 0x0478  cdfs - ok
13:11:04.0845 0x0478  [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
13:11:04.0986 0x0478  CDPSvc - ok
13:11:05.0033 0x0478  [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom          C:\WINDOWS\System32\drivers\cdrom.sys
13:11:05.0064 0x0478  cdrom - ok
13:11:05.0111 0x0478  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc    C:\WINDOWS\System32\certprop.dll
13:11:05.0173 0x0478  CertPropSvc - ok
13:11:05.0220 0x0478  [ 74DCBD4FC3ADEA87315281D8D17A62B2, 2FB47558C23929F44ABF34CAB5B07C882997447D8EA09661E3B4F023059E2C31 ] cfwids          C:\WINDOWS\system32\drivers\cfwids.sys
13:11:05.0220 0x0478  cfwids - ok
13:11:05.0252 0x0478  [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
13:11:05.0283 0x0478  circlass - ok
13:11:05.0314 0x0478  [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
13:11:05.0345 0x0478  CLFS - ok
13:11:05.0392 0x0478  [ F7526C133AC265F283012E9CD751F873, 6AABDD92FD880F49F63C1CC478C3D8291AF670802CEC58B32730E7675D858D88 ] ClipSVC        C:\WINDOWS\System32\ClipSVC.dll
13:11:05.0423 0x0478  ClipSVC - ok
13:11:05.0455 0x0478  [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
13:11:05.0517 0x0478  CmBatt - ok
13:11:05.0580 0x0478  [ A1105260EEEE3DBD8D38FD054B22BD00, CA943B0B03527B07690CAFFD53F8ABF14FB3974DAAA1036E54815BD0DAF803D8 ] CNG            C:\WINDOWS\system32\Drivers\cng.sys
13:11:05.0611 0x0478  CNG - ok
13:11:05.0627 0x0478  [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist    C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
13:11:05.0642 0x0478  cnghwassist - ok
13:11:05.0767 0x0478  [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
13:11:05.0830 0x0478  CompositeBus - ok
13:11:05.0845 0x0478  COMSysApp - ok
13:11:05.0892 0x0478  [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
13:11:05.0923 0x0478  condrv - ok
13:11:05.0986 0x0478  [ DE6DF2C34718EADCFF8776E597F2104D, 35D03E95853CEAC69F674FB09C819A4698EBEDFD8AC0474F0ADF02741492401E ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
13:11:06.0017 0x0478  CoreMessagingRegistrar - ok
13:11:06.0111 0x0478  [ 01C7F7C6419661D9B92F4F31B3CEF22D, E18C47BF2121711B2D98C08FEFB0D77CD8806208AB4E5C2485577D15F3127AA7 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
13:11:06.0220 0x0478  cphs - ok
13:11:06.0252 0x0478  [ 2CE0D74AED86A372997E9D77AE10B9F5, 1AFAA22C68FD0B81F73CE0EB763AD77AB97E78916752843A5056E1352F0FEA82 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
13:11:06.0283 0x0478  CryptSvc - ok
13:11:06.0314 0x0478  [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam            C:\WINDOWS\system32\drivers\dam.sys
13:11:06.0314 0x0478  dam - ok
13:11:06.0361 0x0478  [ A4700D1F78539C0ED32FA50E64F9C692, 5CB03B5F36307BA152245BAD29CB2AC703BBE8197ABC0338A7092ADEA1C3221A ] dc3d            C:\WINDOWS\System32\drivers\dc3d.sys
13:11:06.0377 0x0478  dc3d - ok
13:11:06.0423 0x0478  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
13:11:06.0564 0x0478  DcomLaunch - ok
13:11:06.0611 0x0478  [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
13:11:06.0658 0x0478  DcpSvc - ok
13:11:06.0720 0x0478  [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc      C:\WINDOWS\System32\defragsvc.dll
13:11:06.0798 0x0478  defragsvc - ok
13:11:06.0861 0x0478  [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
13:11:06.0908 0x0478  DeviceAssociationService - ok
13:11:06.0939 0x0478  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall  C:\WINDOWS\system32\umpnpmgr.dll
13:11:07.0002 0x0478  DeviceInstall - ok
13:11:07.0033 0x0478  [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
13:11:07.0064 0x0478  DevQueryBroker - ok
13:11:07.0095 0x0478  [ C9478D7DB7BE5D7ACE65CB1167F07320, D5082D09EE62E34A195768040B741E22ACC9421CFF315423D77A63ABF8F5E39E ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
13:11:07.0127 0x0478  Dfsc - ok
13:11:07.0174 0x0478  [ 85137571AEC8AC757D497B9DD30D544D, 6E15C9FB4010B26A8E5AFD4E85F7362B2616EB8503ACCE28EC31AC1E7D18566F ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
13:11:07.0205 0x0478  dg_ssudbus - ok
13:11:07.0252 0x0478  [ 5841A361D28069DFC82E1E98040FDC3F, 3A48DB7ADE90654242CB54DAD07F5FF0CD5CABF372C50D5B2C4D7AED068986E1 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
13:11:07.0408 0x0478  Dhcp - ok
13:11:07.0502 0x0478  [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
13:11:07.0564 0x0478  diagnosticshub.standardcollector.service - ok
13:11:07.0674 0x0478  [ 15D174719872A30F2FDD6B5B1B8BA5D9, B0E6FF6FC47B731C204F110D4B768231906B144B31F602ECE8EAC24D70BA880D ] DiagTrack      C:\WINDOWS\system32\diagtrack.dll
13:11:07.0736 0x0478  DiagTrack - ok
13:11:07.0892 0x0478  [ 68BFCCC1EC25F0F942EA32AD9D67A131, CF19DA2816262D9D532249970581E55DF595A5FD0ABE44C5124A40F42A9B28B4 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
13:11:07.0908 0x0478  DigitalWave.Update.Service - ok
13:11:07.0939 0x0478  [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk            C:\WINDOWS\system32\drivers\disk.sys
13:11:07.0955 0x0478  disk - ok
13:11:08.0002 0x0478  [ 49F069E2D22F33955A69D44DFD1B5179, 739C52C7B961BA683E8C7CCDB0E95423C17561B2F1F506BAE923DC53DB96B067 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
13:11:08.0111 0x0478  DmEnrollmentSvc - ok
13:11:08.0158 0x0478  [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc          C:\WINDOWS\System32\drivers\dmvsc.sys
13:11:08.0299 0x0478  dmvsc - ok
13:11:08.0345 0x0478  [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
13:11:08.0392 0x0478  dmwappushservice - ok
13:11:08.0455 0x0478  [ 570BB222E3AFC4407636B53F6EABFA70, D0194A128370BB0A337B61402F9EEDD6F7942ADB19BF672D0F92DA2DA563D0DD ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
13:11:08.0502 0x0478  Dnscache - ok
13:11:08.0533 0x0478  [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc        C:\WINDOWS\System32\dot3svc.dll
13:11:08.0580 0x0478  dot3svc - ok
13:11:08.0611 0x0478  [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS            C:\WINDOWS\system32\dps.dll
13:11:08.0767 0x0478  DPS - ok
13:11:08.0799 0x0478  [ C1283B0BEE35F9AF3511E0EBA71F311C, 542D560B654EA4E4708837231A4A967FB4DF5CDB190B7D763E92B1F6FCB255B4 ] dptf_cpu        C:\WINDOWS\System32\drivers\dptf_cpu.sys
13:11:08.0861 0x0478  dptf_cpu - ok
13:11:08.0892 0x0478  [ DB81D7A6BD9B191A09199D534E8BBEAB, 2AD2453C6FC2AB82BC91007F3E757D76E9EC310F788A29F649A030F4B45C338A ] dptf_pch        C:\WINDOWS\System32\drivers\dptf_pch.sys
13:11:08.0908 0x0478  dptf_pch - ok
13:11:08.0955 0x0478  [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud        C:\WINDOWS\System32\drivers\drmkaud.sys
13:11:08.0970 0x0478  drmkaud - ok
13:11:09.0002 0x0478  [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
13:11:09.0049 0x0478  DsmSvc - ok
13:11:09.0096 0x0478  [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc          C:\WINDOWS\System32\DsSvc.dll
13:11:09.0158 0x0478  DsSvc - ok
13:11:09.0267 0x0478  [ F45665E77D11F3C1552EDBEAD1559DC8, C7C4B493CB36A1A35B8CA33C044BA0ED273CDA80E36F48BFF7CE3A0356246838 ] DXGKrnl        C:\WINDOWS\System32\drivers\dxgkrnl.sys
13:11:09.0345 0x0478  DXGKrnl - ok
13:11:09.0392 0x0478  [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost        C:\WINDOWS\System32\eapsvc.dll
13:11:09.0424 0x0478  Eaphost - ok
13:11:09.0564 0x0478  [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv          C:\WINDOWS\system32\drivers\evbda.sys
13:11:09.0767 0x0478  ebdrv - ok
13:11:09.0799 0x0478  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS            C:\WINDOWS\System32\lsass.exe
13:11:09.0814 0x0478  EFS - ok
13:11:09.0861 0x0478  [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass    C:\WINDOWS\system32\drivers\EhStorClass.sys
13:11:09.0877 0x0478  EhStorClass - ok
13:11:09.0908 0x0478  [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
13:11:09.0908 0x0478  EhStorTcgDrv - ok
13:11:09.0955 0x0478  [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
13:11:10.0017 0x0478  embeddedmode - ok
13:11:10.0033 0x0478  [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc      C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
13:11:10.0174 0x0478  EntAppSvc - ok
13:11:10.0189 0x0478  [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
13:11:10.0221 0x0478  ErrDev - ok
13:11:10.0299 0x0478  [ 8A00CC653B8F02503C250FC1B9475807, 496517DD9E0BFFE03701E813EB7732578482ABA808771BE7889A27E1E2FEB647 ] esifsvc        C:\WINDOWS\SysWOW64\esif_uf.exe
13:11:10.0361 0x0478  esifsvc - ok
13:11:10.0377 0x0478  [ 99984B5D3378F8236F3A85E51ACEDD16, 73EE5B93C27C09F15BBAEADC8A293CB14FDD1E3DC65DDC0C665549D71F307D33 ] esif_lf        C:\WINDOWS\system32\DRIVERS\esif_lf.sys
13:11:10.0408 0x0478  esif_lf - ok
13:11:10.0471 0x0478  [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem    C:\WINDOWS\system32\es.dll
13:11:10.0533 0x0478  EventSystem - ok
13:11:10.0564 0x0478  [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat          C:\WINDOWS\system32\drivers\exfat.sys
13:11:10.0642 0x0478  exfat - ok
13:11:10.0705 0x0478  [ 03DE0EC072C5EBD5B018CAD83F1E522A, 9D0B30A2870FBA20B95017CE3A4205F2DD53FE169A0D16715E962D83DE040FB3 ] fastfat        C:\WINDOWS\system32\drivers\fastfat.sys
13:11:10.0752 0x0478  fastfat - ok
13:11:10.0799 0x0478  [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax            C:\WINDOWS\system32\fxssvc.exe
13:11:10.0924 0x0478  Fax - ok
13:11:10.0955 0x0478  [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc            C:\WINDOWS\System32\drivers\fdc.sys
13:11:10.0986 0x0478  fdc - ok
13:11:11.0017 0x0478  [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost        C:\WINDOWS\system32\fdPHost.dll
13:11:11.0049 0x0478  fdPHost - ok
13:11:11.0080 0x0478  [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
13:11:11.0127 0x0478  FDResPub - ok
13:11:11.0142 0x0478  [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc          C:\WINDOWS\system32\fhsvc.dll
13:11:11.0189 0x0478  fhsvc - ok
13:11:11.0236 0x0478  [ 8F12AB59336143B680F71B217B495AD2, A28F62F065C68CC1A7EEF0CA52F83C3284B001565D8E154BF8568DE4A525104E ] FileCrypt      C:\WINDOWS\system32\drivers\filecrypt.sys
13:11:11.0267 0x0478  FileCrypt - ok
13:11:11.0283 0x0478  [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
13:11:11.0299 0x0478  FileInfo - ok
13:11:11.0330 0x0478  [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace      C:\WINDOWS\system32\drivers\filetrace.sys
13:11:11.0361 0x0478  Filetrace - ok
13:11:11.0392 0x0478  [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
13:11:11.0408 0x0478  flpydisk - ok
13:11:11.0439 0x0478  [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
13:11:11.0471 0x0478  FltMgr - ok
13:11:11.0549 0x0478  [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache      C:\WINDOWS\system32\FntCache.dll
13:11:11.0736 0x0478  FontCache - ok
13:11:11.0893 0x0478  [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:11:11.0924 0x0478  FontCache3.0.0.0 - ok
13:11:11.0955 0x0478  [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends      C:\WINDOWS\system32\drivers\FsDepends.sys
13:11:11.0971 0x0478  FsDepends - ok
13:11:11.0986 0x0478  [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:11:12.0002 0x0478  Fs_Rec - ok
13:11:12.0033 0x0478  [ 421497634C86EF4B8F86D0EBC076728F, E0D1449555D8849364E00AA747DBC820EF914A9F5B796E35070072FCBC532ADE ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
13:11:12.0064 0x0478  fvevol - ok
13:11:12.0080 0x0478  [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
13:11:12.0096 0x0478  gagp30kx - ok
13:11:12.0143 0x0478  [ D32DCD05E383D673F31FEB4442A52AA5, D0B529ACD196A8B50172584569CC7FB5D98F2CCC51C4EA141603F5ECCA084501 ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
13:11:12.0158 0x0478  GamesAppIntegrationService - ok
13:11:12.0189 0x0478  [ C23410A44ADDF0E1A9B4BA42A5DD5EA7, 384382D16D09A17E29D8348E1CF8DD7E377607DB3472AB8888EF8E83671B772C ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
13:11:12.0205 0x0478  GamesAppService - ok
13:11:12.0236 0x0478  [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
13:11:12.0268 0x0478  gencounter - ok
13:11:12.0314 0x0478  [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
13:11:12.0471 0x0478  genericusbfn - ok
13:11:12.0564 0x0478  [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101    C:\WINDOWS\system32\Drivers\msgpioclx.sys
13:11:12.0627 0x0478  GPIOClx0101 - ok
13:11:12.0721 0x0478  [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc          C:\WINDOWS\System32\gpsvc.dll
13:11:12.0814 0x0478  gpsvc - ok
13:11:12.0846 0x0478  [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
13:11:12.0861 0x0478  GpuEnergyDrv - ok
13:11:12.0939 0x0478  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:11:12.0971 0x0478  gupdate - ok
13:11:12.0971 0x0478  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:11:12.0986 0x0478  gupdatem - ok
13:11:13.0002 0x0478  [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
13:11:13.0033 0x0478  HDAudBus - ok
13:11:13.0064 0x0478  [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt        C:\WINDOWS\System32\drivers\HidBatt.sys
13:11:13.0096 0x0478  HidBatt - ok
13:11:13.0127 0x0478  [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
13:11:13.0174 0x0478  HidBth - ok
13:11:13.0205 0x0478  [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
13:11:13.0236 0x0478  hidi2c - ok
13:11:13.0268 0x0478  [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
13:11:13.0283 0x0478  hidinterrupt - ok
13:11:13.0299 0x0478  [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr          C:\WINDOWS\System32\drivers\hidir.sys
13:11:13.0330 0x0478  HidIr - ok
13:11:13.0393 0x0478  [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv        C:\WINDOWS\system32\hidserv.dll
13:11:13.0455 0x0478  hidserv - ok
13:11:13.0471 0x0478  [ 7222DC0F811BBD1B4B4A7C28B7C31AE5, B161D32B2EDD4BB110C80918A36B05D7990CE76567BE59FD1C3C07D53C3AFE03 ] HIDSwitch      C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys
13:11:13.0486 0x0478  HIDSwitch - ok
13:11:13.0533 0x0478  [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
13:11:13.0564 0x0478  HidUsb - ok
13:11:13.0627 0x0478  [ E7AF59F1E0352F5EBEC4ECD32103D405, 0E02E031799F407A1BCE926D46471E7EFB8820359CBDE73759219B86C1882EB8 ] HipShieldK      C:\WINDOWS\system32\drivers\HipShieldK.sys
13:11:13.0658 0x0478  HipShieldK - ok
13:11:13.0705 0x0478  [ 2FEF4D90C0CAED258C93CFF72A8FFD71, 56473D90E9FE52849067D080FD88B29C0BBE76E5266657E2ABD6366B7A4E9474 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
13:11:13.0830 0x0478  HomeGroupListener - ok
13:11:13.0908 0x0478  [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
13:11:13.0955 0x0478  HomeGroupProvider - ok
13:11:14.0064 0x0478  [ 15E0B18784B5655D4E0666BEC840EEFF, 45D124F753CCB93845523324B07635715A2D8816826075FD2CC3789F5285CF2A ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
13:11:14.0080 0x0478  HomeNetSvc - ok
13:11:14.0127 0x0478  [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
13:11:14.0158 0x0478  HpSAMD - ok
13:11:14.0221 0x0478  [ 318E816717431D3C23DC82779900C744, 363702CC8A5B5FBF5E8CE2DA5C48D52CBD6244C9398B164EFDF1A4B0FAF592E6 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
13:11:14.0268 0x0478  HTTP - ok
13:11:14.0299 0x0478  [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
13:11:14.0314 0x0478  hwpolicy - ok
13:11:14.0330 0x0478  [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
13:11:14.0346 0x0478  hyperkbd - ok
13:11:14.0377 0x0478  [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
13:11:14.0424 0x0478  i8042prt - ok
13:11:14.0440 0x0478  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c          C:\WINDOWS\System32\drivers\iai2c.sys
13:11:14.0486 0x0478  iai2c - ok
13:11:14.0627 0x0478  [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
13:11:14.0721 0x0478  iaLPSS2i_I2C - ok
13:11:14.0736 0x0478  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
13:11:14.0768 0x0478  iaLPSSi_GPIO - ok
13:11:14.0783 0x0478  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C    C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
13:11:14.0846 0x0478  iaLPSSi_I2C - ok
13:11:14.0986 0x0478  [ 5F6CA62BE8ECC4D0E1F5D4D4A02B456B, F720A1F14C9053D24C5B42827E5F9578A27F3E62A6C65A3CFA068E580F02F072 ] iaStorA        C:\WINDOWS\system32\drivers\iaStorA.sys
13:11:15.0033 0x0478  iaStorA - ok
13:11:15.0065 0x0478  [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
13:11:15.0111 0x0478  iaStorAV - ok
13:11:15.0174 0x0478  [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV        C:\WINDOWS\system32\drivers\iaStorV.sys
13:11:15.0205 0x0478  iaStorV - ok
13:11:15.0236 0x0478  [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus          C:\WINDOWS\System32\drivers\ibbus.sys
13:11:15.0252 0x0478  ibbus - ok
13:11:15.0299 0x0478  [ 80BF2990E01E774D64F6E13F30661942, ADFEA2280D29F2C7B0A556C61709301D6327C288064FF5A4D29358403DF41DCE ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
13:11:15.0502 0x0478  icssvc - ok
13:11:15.0518 0x0478  IEEtwCollectorService - ok
13:11:15.0736 0x0478  [ B31067C03D2EF7D4226B14CCAE294BBA, E56C79B0272319D45BF19247569280FC718B34421FF4DF8341C7D33C7C049B32 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
13:11:16.0018 0x0478  igfx - ok
13:11:16.0096 0x0478  [ 2EF50B0191B324B18A36805AEA0EE429, 156185811F0DAFFE89FB780359B9F02253816FF8A341E58FAE7F0C65E71E38A0 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
13:11:16.0127 0x0478  igfxCUIService2.0.0.0 - ok
13:11:16.0299 0x0478  [ 12F8D27ED8623DDDC09A549EDADCBAC9, D3A3F0588D9CAF1027D8BC14601E2A6AB7E5924A2C23C90D38A9E14538DB02A9 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
13:11:16.0408 0x0478  IKEEXT - ok
13:11:16.0986 0x0478  [ 0673227369C14ACC35057CDADC50B3D7, D79CE32BA44AB4D26D933AFBD5B49D5F22CB21D8DA08A216DB69E0F240B97CCE ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
13:11:17.0205 0x0478  IntcAzAudAddService - ok
13:11:17.0393 0x0478  [ 42777B7BE4946135578E5C3BC1D2E4AD, CE4FF334238D0A98139676420E770A42DC0F5567F49D618B56CD55417F556D05 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
13:11:17.0424 0x0478  IntcDAud - ok
13:11:18.0127 0x0478  [ B63CF22D1AD2ABDC39D85851B2BEAA6D, 37E9043BABB5895BFD2B59AFB60C438B992C6EAA1B5FDE5B3445314343F4C406 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
13:11:18.0221 0x0478  Intel(R) Capability Licensing Service TCP IP Interface - ok
13:11:18.0362 0x0478  [ 8213094EA736A9C575AB0E22AD09B0BA, 12670A466B5AA37283BD4CB481D000DE3AE2A8D1BD159F67A41703A6FE5675EC ] Intel(R) Security Assist C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
13:11:18.0424 0x0478  Intel(R) Security Assist - detected UnsignedFile.Multi.Generic ( 1 )
13:11:18.0424 0x0478  Intel(R) Security Assist ( UnsignedFile.Multi.Generic ) - warning
13:11:18.0455 0x0478  [ 72586E6D6DD4144D0C4CBD9D2653BBED, 3EE3CBB98D7A2CEEC92A86D5D2F49733BB1FD42F45CDE8973B71022E57093BBA ] IntelHSWPcc    C:\WINDOWS\system32\drivers\IntelPcc.sys
13:11:18.0487 0x0478  IntelHSWPcc - ok
13:11:18.0502 0x0478  [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
13:11:18.0518 0x0478  intelide - ok
13:11:18.0549 0x0478  [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
13:11:18.0565 0x0478  intelpep - ok
13:11:18.0596 0x0478  [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
13:11:18.0612 0x0478  intelppm - ok
13:11:18.0705 0x0478  [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos          C:\WINDOWS\system32\drivers\ioqos.sys
13:11:18.0924 0x0478  IoQos - ok
13:11:19.0018 0x0478  [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:11:19.0080 0x0478  IpFilterDriver - ok
13:11:19.0315 0x0478  [ 6E75B731A8A7EFED0821327B08DAB46D, A77B746447824BD3C68B82D7329B82D62098B2409F8AEE4738FA23CB1561E629 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
13:11:19.0455 0x0478  iphlpsvc - ok
13:11:19.0487 0x0478  [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV        C:\WINDOWS\System32\drivers\IPMIDrv.sys
13:11:19.0737 0x0478  IPMIDRV - ok
13:11:19.0799 0x0478  [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT          C:\WINDOWS\system32\drivers\ipnat.sys
13:11:19.0846 0x0478  IPNAT - ok
13:11:19.0877 0x0478  [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
13:11:19.0924 0x0478  IRENUM - ok
13:11:19.0955 0x0478  [ 1DFC3CCA51785254C5604238BB1A5467, 31451A90A91AEE14C6B24F84CB9816E5C77179D411B8B3E8547F538235BEEFB0 ] isaHelperSvc    C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
13:11:20.0002 0x0478  isaHelperSvc - detected UnsignedFile.Multi.Generic ( 1 )
13:11:20.0002 0x0478  isaHelperSvc ( UnsignedFile.Multi.Generic ) - warning
13:11:20.0002 0x0478  Force sending object to P2P due to detect: isaHelperSvc
13:11:20.0002 0x0478  Object send P2P result: false
13:11:20.0034 0x0478  [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
13:11:20.0065 0x0478  isapnp - ok
13:11:20.0159 0x0478  [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
13:11:20.0190 0x0478  iScsiPrt - ok
13:11:20.0330 0x0478  [ 038CDE75D1D81B157C133EFC3471F939, 4E64FE8ECD53C06FCC07E361B727A6689E0738D453CE4EFB9C64428F3884DE46 ] jhi_service    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
13:11:20.0362 0x0478  jhi_service - ok
13:11:20.0409 0x0478  [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
13:11:20.0424 0x0478  kbdclass - ok
13:11:20.0440 0x0478  [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
13:11:20.0487 0x0478  kbdhid - ok
13:11:20.0565 0x0478  [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic          C:\WINDOWS\System32\drivers\kdnic.sys
13:11:20.0799 0x0478  kdnic - ok
13:11:20.0862 0x0478  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso          C:\WINDOWS\system32\lsass.exe
13:11:20.0893 0x0478  KeyIso - ok
13:11:21.0080 0x0478  [ ED8E4FEC1D078C709DCC4D920416F7F5, 06197ECC1C8F315F6D843313AF24D269F1AAECC349D6E3BAA039057C85C75E72 ] Kingsoft_WPS_UpdateService C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe
13:11:21.0112 0x0478  Kingsoft_WPS_UpdateService - ok
13:11:21.0159 0x0478  [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
13:11:21.0174 0x0478  KSecDD - ok
13:11:21.0268 0x0478  [ 7D8B9214692C4D0F1646215D9984E19A, DC73503A8CA67F4E167DEA69AADDEA5F2D756E1C1F4FF42B6ECEA7E637BB80AB ] KSecPkg        C:\WINDOWS\system32\Drivers\ksecpkg.sys
13:11:21.0330 0x0478  KSecPkg - ok
13:11:21.0362 0x0478  [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk        C:\WINDOWS\system32\drivers\ksthunk.sys
13:11:21.0377 0x0478  ksthunk - ok
13:11:21.0487 0x0478  [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm          C:\WINDOWS\system32\msdtckrm.dll
13:11:21.0565 0x0478  KtmRm - ok
13:11:21.0627 0x0478  [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
13:11:21.0674 0x0478  LanmanServer - ok
13:11:21.0784 0x0478  [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
13:11:21.0815 0x0478  LanmanWorkstation - ok
13:11:21.0877 0x0478  [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc          C:\WINDOWS\System32\lfsvc.dll
13:11:22.0049 0x0478  lfsvc - ok
13:11:22.0112 0x0478  [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
13:11:22.0315 0x0478  LicenseManager - ok
13:11:22.0377 0x0478  [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
13:11:22.0409 0x0478  lltdio - ok
13:11:22.0456 0x0478  [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc        C:\WINDOWS\System32\lltdsvc.dll
13:11:22.0518 0x0478  lltdsvc - ok
13:11:22.0565 0x0478  [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts        C:\WINDOWS\System32\lmhsvc.dll
13:11:22.0706 0x0478  lmhosts - ok
13:11:22.0909 0x0478  [ 57AD6DFAB9C84BAAF008F57DFE2335EA, 8981A7D1C1FBA57530B274246D5DD4D8C09D16A255B0E91EDB7047F0E6910C23 ] LMS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:11:22.0924 0x0478  LMS - ok
13:11:22.0971 0x0478  [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS        C:\WINDOWS\system32\drivers\lsi_sas.sys
13:11:23.0018 0x0478  LSI_SAS - ok
13:11:23.0049 0x0478  [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i      C:\WINDOWS\system32\drivers\lsi_sas2i.sys
13:11:23.0065 0x0478  LSI_SAS2i - ok
13:11:23.0081 0x0478  [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i      C:\WINDOWS\system32\drivers\lsi_sas3i.sys
13:11:23.0096 0x0478  LSI_SAS3i - ok
13:11:23.0112 0x0478  [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS        C:\WINDOWS\system32\drivers\lsi_sss.sys
13:11:23.0127 0x0478  LSI_SSS - ok
13:11:23.0206 0x0478  [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM            C:\WINDOWS\System32\lsm.dll
13:11:23.0237 0x0478  LSM - ok
13:11:23.0268 0x0478  [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv          C:\WINDOWS\system32\drivers\luafv.sys
13:11:23.0299 0x0478  luafv - ok
13:11:23.0346 0x0478  [ 88B38A7435DFA9B7E8F94F5D5FE999D2, FF4EBB6CE013D0EA62FEDA5FBBD1205D9A6F684E701F40039A95A4EF4145DC16 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
13:11:23.0502 0x0478  MapsBroker - ok
13:11:23.0627 0x0478  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector  C:\WINDOWS\system32\drivers\mbam.sys
13:11:23.0627 0x0478  MBAMProtector - ok
13:11:23.0643 0x0478  MBAMService - ok
13:11:23.0643 0x0478  [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
13:11:23.0659 0x0478  MBAMWebAccessControl - ok
13:11:23.0721 0x0478  [ 7D38CFBFB7BC4F9DA8A12AB63D2408B6, 36A425A552ADED49ABB95C2BBCF8E59AC9939BEF7B095BF27A5B381C9C98CAE8 ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
13:11:23.0752 0x0478  McAfee SiteAdvisor Service - ok
13:11:23.0831 0x0478  [ DE8FDA27A8A935D4A7E16BBCC68FCDFF, 242B754BF914B0C15359D9E512D4ECE3C8A3C2B2D6414BD87725174AC576EFC0 ] McAPExe        C:\Program Files\McAfee\MSC\McAPExe.exe
13:11:23.0877 0x0478  McAPExe - ok
13:11:23.0924 0x0478  [ 78A4ACEE5E42C9F04A59D769B1F545DB, FD03A09A98E1ED6D1D9979C2FAA145577329FB5D10457D5950648F755747AD2F ] McAWFwk        C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe
13:11:23.0940 0x0478  McAWFwk - ok
13:11:23.0971 0x0478  [ 15E0B18784B5655D4E0666BEC840EEFF, 45D124F753CCB93845523324B07635715A2D8816826075FD2CC3789F5285CF2A ] McBootDelayStartSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
13:11:23.0987 0x0478  McBootDelayStartSvc - ok
13:11:24.0299 0x0478  [ 5660057DD2849F798434123891F612F2, 7F421A3A74BD6D1A32D8F4858D7DF456352AEF1EF7D17160BD8F4B49C0AFDCF4 ] mccspsvc        C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe
13:11:24.0346 0x0478  mccspsvc - ok
13:11:24.0393 0x0478  [ 15E0B18784B5655D4E0666BEC840EEFF, 45D124F753CCB93845523324B07635715A2D8816826075FD2CC3789F5285CF2A ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
13:11:24.0409 0x0478  McMPFSvc - ok
13:11:24.0440 0x0478  [ 15E0B18784B5655D4E0666BEC840EEFF, 45D124F753CCB93845523324B07635715A2D8816826075FD2CC3789F5285CF2A ] McNaiAnn        C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
13:11:24.0471 0x0478  McNaiAnn - ok
13:11:24.0581 0x0478  [ EE31D160F400AC5A0CD06FA36E9125CB, 4226737B70B07721161FBD413024D301F407ECC3B9410CDC56BCD5571C6B75CA ] McODS          C:\Program Files\mcafee\VirusScan\mcods.exe
13:11:24.0643 0x0478  McODS - ok
13:11:24.0674 0x0478  [ 15E0B18784B5655D4E0666BEC840EEFF, 45D124F753CCB93845523324B07635715A2D8816826075FD2CC3789F5285CF2A ] McOobeSv2      C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
13:11:24.0690 0x0478  McOobeSv2 - ok
13:11:24.0721 0x0478  [ 15E0B18784B5655D4E0666BEC840EEFF, 45D124F753CCB93845523324B07635715A2D8816826075FD2CC3789F5285CF2A ] mcpltsvc        C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
13:11:24.0737 0x0478  mcpltsvc - ok
13:11:24.0753 0x0478  [ 15E0B18784B5655D4E0666BEC840EEFF, 45D124F753CCB93845523324B07635715A2D8816826075FD2CC3789F5285CF2A ] McProxy        C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
13:11:24.0784 0x0478  McProxy - ok
13:11:24.0815 0x0478  [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas        C:\WINDOWS\system32\drivers\megasas.sys
13:11:24.0831 0x0478  megasas - ok
13:11:24.0878 0x0478  [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
13:11:24.0909 0x0478  megasr - ok
13:11:24.0956 0x0478  [ 296C443FCC228EA643ED310465772820, 4846A29DD631E2E253560E7A28439AE11F244AB77F0C826AD56EA485577DBDD6 ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
13:11:24.0971 0x0478  MEIx64 - ok
13:11:25.0018 0x0478  [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
13:11:25.0159 0x0478  MessagingService - ok
13:11:25.0393 0x0478  [ 0AD2A3FFE438E5F7E9F0C16E6917B5BA, 57416AB3389D8E464DDB00230A0A2F1C12BC22F51FB0730DACE54ADFAA7AAAEE ] mfeaack        C:\WINDOWS\system32\drivers\mfeaack.sys
13:11:25.0424 0x0478  mfeaack - ok
13:11:25.0456 0x0478  [ F280FF5882EC38F996AECE08045F3CC2, 2750B509C84FBE3F756310C331A84614F079D2BD67747694A1EFD611AFD6CCAC ] mfeavfk        C:\WINDOWS\system32\drivers\mfeavfk.sys
13:11:25.0487 0x0478  mfeavfk - ok
13:11:25.0518 0x0478  [ 24AEBF843F88CF0A5B455F483F8F0100, 5E29549F6074997910271B838A77EDF2878D2D3B4B751813592F1C6EEA8112E7 ] mfeelamk        C:\WINDOWS\system32\drivers\mfeelamk.sys
13:11:25.0549 0x0478  mfeelamk - ok
13:11:25.0628 0x0478  [ 376838F824FD863753D397BAE2937657, D8EC7323ECAC24EF51BEA57A8CE570BBC9FA5457F03582102404BE5EB7BCC677 ] mfefire        C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
13:11:25.0643 0x0478  mfefire - ok
13:11:25.0799 0x0478  [ B9E87313F2AECFFCD6ABCB364A8DB44D, 7A630ADAC5637E2597336AC229FB5276CCCBAE25E5B5EE85B6CD9FCEF7155EA4 ] mfefirek        C:\WINDOWS\system32\drivers\mfefirek.sys
13:11:25.0815 0x0478  mfefirek - ok
13:11:25.0878 0x0478  [ AC1394617F8537EBDEBF2F6B3BEAA547, 8A024E19934361A0C8B1EAA9994C312DD9AB4220037126BF6063F04BCB3A5DAE ] mfehidk        C:\WINDOWS\system32\drivers\mfehidk.sys
13:11:25.0909 0x0478  mfehidk - ok
13:11:25.0956 0x0478  [ CE459BB0C106BEAB85B68807BDC7C2D8, 3AB5BED575A24B8A7C5A63206C9B1E10498F823DB96A4B44DDF9BE3EA3A77753 ] mfemms          C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
13:11:25.0971 0x0478  mfemms - ok
13:11:26.0018 0x0478  [ EF6CF3FF9402D7DA6212DC9BC710B2E0, A71A5AA41EA6C0AF1A6D5256493791C5568D8A4B74961F1A1CF77BBFCEFD4FE8 ] mfencbdc        C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
13:11:26.0034 0x0478  mfencbdc - ok
13:11:26.0049 0x0478  [ 367E9C097D1A1615159A084AE2BB2DA8, EE5B018C5229818CC3A516594F2F873D4E801FB155D68B26C258FB98BB323743 ] mfencrk        C:\WINDOWS\system32\DRIVERS\mfencrk.sys
13:11:26.0065 0x0478  mfencrk - ok
13:11:26.0128 0x0478  [ 3DAB795016D323756804111C7EF2D3C2, 442AE21463109D0866ABD5423B2B5FE672934D76B3940F3DA1FBC48EDBE218EC ] mfesapsn        C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys
13:11:26.0128 0x0478  mfesapsn - ok
13:11:26.0174 0x0478  [ CCBD7980E8617C364B9A1AE022FF4603, 81FE07F7459E90A90584702EC20FB472A8800F6FAFA886BAA5D9CBA6C2869460 ] mfevtp          C:\Windows\system32\mfevtps.exe
13:11:26.0190 0x0478  mfevtp - ok
13:11:26.0221 0x0478  [ F8B33D091747D746550BC05CC9DEF609, 21FF366AB4C56C71A36B243B72596B702AA4284BD7D860F4B2D39B1912184150 ] mfewfpk        C:\WINDOWS\system32\drivers\mfewfpk.sys
13:11:26.0237 0x0478  mfewfpk - ok
13:11:26.0315 0x0478  [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
13:11:26.0346 0x0478  mlx4_bus - ok
13:11:26.0393 0x0478  [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS          C:\WINDOWS\system32\drivers\mmcss.sys
13:11:26.0518 0x0478  MMCSS - ok
13:11:26.0549 0x0478  [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem          C:\WINDOWS\system32\drivers\modem.sys
13:11:26.0581 0x0478  Modem - ok
13:11:26.0643 0x0478  [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor        C:\WINDOWS\System32\drivers\monitor.sys
13:11:26.0768 0x0478  monitor - ok
13:11:26.0815 0x0478  [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
13:11:26.0831 0x0478  mouclass - ok
13:11:26.0831 0x0478  [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
13:11:26.0940 0x0478  mouhid - ok
13:11:26.0971 0x0478  [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
13:11:26.0971 0x0478  mountmgr - ok
13:11:27.0003 0x0478  [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
13:11:27.0065 0x0478  mpsdrv - ok
13:11:27.0128 0x0478  [ 553F19DC6F3F73545CB17FCD7A8AE37B, 49ABB625EB9C2981254EEA1FE7858DF630BA2D65653CC91CD4FEEACF69C5392F ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
13:11:27.0175 0x0478  MpsSvc - ok
13:11:27.0221 0x0478  [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
13:11:27.0346 0x0478  MRxDAV - ok
13:11:27.0425 0x0478  [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:11:27.0456 0x0478  mrxsmb - ok
13:11:27.0487 0x0478  [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
13:11:27.0581 0x0478  mrxsmb10 - ok
13:11:27.0612 0x0478  [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
13:11:27.0643 0x0478  mrxsmb20 - ok
13:11:27.0675 0x0478  [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
13:11:27.0784 0x0478  MsBridge - ok
13:11:27.0846 0x0478  [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC          C:\WINDOWS\System32\msdtc.exe
13:11:27.0862 0x0478  MSDTC - ok
13:11:27.0893 0x0478  [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
13:11:27.0925 0x0478  Msfs - ok
13:11:27.0956 0x0478  [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32    C:\WINDOWS\System32\drivers\msgpiowin32.sys
13:11:27.0971 0x0478  msgpiowin32 - ok
13:11:27.0987 0x0478  [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf      C:\WINDOWS\System32\drivers\mshidkmdf.sys
13:11:28.0003 0x0478  mshidkmdf - ok
13:11:28.0034 0x0478  [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf      C:\WINDOWS\System32\drivers\mshidumdf.sys
13:11:28.0081 0x0478  mshidumdf - ok
13:11:28.0096 0x0478  [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
13:11:28.0112 0x0478  msisadrv - ok
13:11:28.0143 0x0478  [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI        C:\WINDOWS\system32\iscsiexe.dll
13:11:28.0175 0x0478  MSiSCSI - ok
13:11:28.0190 0x0478  msiserver - ok
13:11:28.0221 0x0478  [ 15E0B18784B5655D4E0666BEC840EEFF, 45D124F753CCB93845523324B07635715A2D8816826075FD2CC3789F5285CF2A ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
13:11:28.0237 0x0478  MSK80Service - ok
13:11:28.0268 0x0478  [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV        C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
13:11:28.0300 0x0478  MSKSSRV - ok
13:11:28.0331 0x0478  [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
13:11:28.0362 0x0478  MsLldp - ok
13:11:28.0393 0x0478  [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
13:11:28.0425 0x0478  MSPCLOCK - ok
13:11:28.0440 0x0478  [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM          C:\WINDOWS\system32\DRIVERS\MSPQM.sys
13:11:28.0456 0x0478  MSPQM - ok
13:11:28.0487 0x0478  [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC          C:\WINDOWS\system32\drivers\MsRPC.sys
13:11:28.0518 0x0478  MsRPC - ok
13:11:28.0550 0x0478  [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
13:11:28.0565 0x0478  mssmbios - ok
13:11:28.0581 0x0478  [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE          C:\WINDOWS\system32\DRIVERS\MSTEE.sys
13:11:28.0612 0x0478  MSTEE - ok
13:11:28.0628 0x0478  [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
13:11:28.0659 0x0478  MTConfig - ok
13:11:28.0690 0x0478  [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup            C:\WINDOWS\system32\Drivers\mup.sys
13:11:28.0706 0x0478  Mup - ok
13:11:28.0722 0x0478  [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
13:11:28.0737 0x0478  mvumis - ok
13:11:28.0800 0x0478  [ 536A0806CE2061A2157E65D4D8ABF30C, F9893F66505E3F748365CD4625B34357531804BDFE33E57285C0106C03F7916C ] NativeWifiP    C:\WINDOWS\system32\DRIVERS\nwifi.sys
13:11:28.0862 0x0478  NativeWifiP - ok
13:11:28.0909 0x0478  [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
13:11:29.0034 0x0478  NcaSvc - ok
13:11:29.0065 0x0478  [ 7467BD76D6ED5981E6C3DBFEB50F0F4D, 237E1C2E15D5F3BAC49B09E1CD0EAE56A6998AE1FF560A4F7A7EFFEB46884798 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
13:11:29.0159 0x0478  NcbService - ok
13:11:29.0190 0x0478  [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
13:11:29.0253 0x0478  NcdAutoSetup - ok
13:11:29.0315 0x0478  [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
13:11:29.0362 0x0478  ndfltr - ok
13:11:29.0409 0x0478  [ AFAECF904F1C343EBD50F91BC8D0DBE8, FABAE70F62895708415B8E176A880D2D20D46D9A14C3D41D371B905CE4D64BA0 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
13:11:29.0456 0x0478  NDIS - ok
13:11:29.0471 0x0478  [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap        C:\WINDOWS\system32\drivers\ndiscap.sys
13:11:29.0565 0x0478  NdisCap - ok
13:11:29.0612 0x0478  [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
13:11:29.0659 0x0478  NdisImPlatform - ok
13:11:29.0675 0x0478  [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:11:29.0737 0x0478  NdisTapi - ok
13:11:29.0753 0x0478  [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio        C:\WINDOWS\system32\drivers\ndisuio.sys
13:11:29.0784 0x0478  Ndisuio - ok
13:11:29.0831 0x0478  [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
13:11:29.0862 0x0478  NdisVirtualBus - ok
13:11:29.0893 0x0478  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan        C:\WINDOWS\System32\drivers\ndiswan.sys
13:11:29.0909 0x0478  NdisWan - ok
13:11:29.0925 0x0478  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy  C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:11:29.0940 0x0478  ndiswanlegacy - ok
13:11:29.0972 0x0478  [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy        C:\WINDOWS\system32\DRIVERS\NDProxy.sys
13:11:30.0003 0x0478  ndproxy - ok
13:11:30.0034 0x0478  [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu            C:\WINDOWS\system32\drivers\Ndu.sys
13:11:30.0159 0x0478  Ndu - ok
13:11:30.0190 0x0478  [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS        C:\WINDOWS\system32\drivers\netbios.sys
13:11:30.0206 0x0478  NetBIOS - ok
13:11:30.0253 0x0478  [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT          C:\WINDOWS\system32\DRIVERS\netbt.sys
13:11:30.0331 0x0478  NetBT - ok
13:11:30.0362 0x0478  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon        C:\WINDOWS\system32\lsass.exe
13:11:30.0378 0x0478  Netlogon - ok
13:11:30.0425 0x0478  [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman          C:\WINDOWS\System32\netman.dll
13:11:30.0472 0x0478  Netman - ok
13:11:30.0518 0x0478  [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
13:11:30.0597 0x0478  netprofm - ok
13:11:30.0628 0x0478  [ 3D58D04A9269CE21B61960544A05573D, 250DB1266EE37BAAA9F9E51434879DB4564A8550FCAB28BAB3308772882850CF ] NetSetupSvc    C:\WINDOWS\System32\NetSetupSvc.dll
13:11:30.0706 0x0478  NetSetupSvc - ok
13:11:30.0769 0x0478  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:11:30.0956 0x0478  NetTcpPortSharing - ok
13:11:30.0987 0x0478  [ 91B32D7036700BEED5343E1F6A7122CC, 8123CA398A79F0E69126F962AA29C2464FAB50182E961CB6A6ADB6CEA09A6732 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
13:11:31.0112 0x0478  NgcCtnrSvc - ok
13:11:31.0159 0x0478  [ C64B693DF26EB7BFF25F9BAD8B54D571, 12363E81B329D048E0148739AA542958F7CAF6FF3404BB001AF51850EF84338D ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
13:11:31.0315 0x0478  NgcSvc - ok
13:11:31.0362 0x0478  [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
13:11:31.0425 0x0478  NlaSvc - ok
13:11:31.0456 0x0478  [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
13:11:31.0472 0x0478  Npfs - ok
13:11:31.0503 0x0478  [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig      C:\WINDOWS\System32\drivers\npsvctrig.sys
13:11:31.0612 0x0478  npsvctrig - ok
13:11:31.0659 0x0478  [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi            C:\WINDOWS\system32\nsisvc.dll
13:11:31.0722 0x0478  nsi - ok
13:11:31.0722 0x0478  [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys

Ottokarl 12.03.2016 17:50
TDSSKiller part 2

Code:
13:11:31.0784 0x0478  nsiproxy - ok
13:11:31.0987 0x0478  [ 58BFFEF692A47FCE3FAAEDBC8F3DCBBB, 4F55CDF153306B17EDEA6F621939990667735676CBA460CC3078789C2766EF68 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
13:11:32.0081 0x0478  NTFS - ok
13:11:32.0144 0x0478  [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null            C:\WINDOWS\system32\drivers\Null.sys
13:11:32.0159 0x0478  Null - ok
13:11:32.0659 0x0478  [ 1490720DD0606D8B5E61C4CCB0F8CD55, D2E7425FBE5A9AC74587E2B5481C988D9808217B514833C133841385C89B359B ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
13:11:33.0081 0x0478  nvlddmkm - ok
13:11:33.0159 0x0478  [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
13:11:33.0175 0x0478  nvraid - ok
13:11:33.0190 0x0478  [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
13:11:33.0206 0x0478  nvstor - ok
13:11:33.0269 0x0478  [ 8194FC1EC2EE36F63CFDC62595444FB2, E91EE3CCD98624E867FAA65E6007AE1FF6718FFAA0C6C29871D934B315D5FDA8 ] nvsvc          C:\WINDOWS\system32\nvvsvc.exe
13:11:33.0300 0x0478  nvsvc - ok
13:11:33.0315 0x0478  [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
13:11:33.0331 0x0478  nv_agp - ok
13:11:33.0378 0x0478  [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
13:11:33.0425 0x0478  OneSyncSvc - ok
13:11:33.0534 0x0478  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
13:11:33.0690 0x0478  p2pimsvc - ok
13:11:33.0753 0x0478  [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
13:11:33.0784 0x0478  p2psvc - ok
13:11:33.0816 0x0478  [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport        C:\WINDOWS\System32\drivers\parport.sys
13:11:33.0847 0x0478  Parport - ok
13:11:33.0878 0x0478  [ 24AC0FD10325FBC2303B29A5F237AEB0, D94B26A36EBE4EFE8EA270FA6600811206830480BE953809F74FAB80628DF879 ] partmgr        C:\WINDOWS\system32\drivers\partmgr.sys
13:11:33.0894 0x0478  partmgr - ok
13:11:33.0956 0x0478  [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
13:11:33.0987 0x0478  PcaSvc - ok
13:11:34.0003 0x0478  [ 1D4E995955BDAE781C46CB97AE1CFB58, FF7475F19782CA253AA839DDB86E5AC20C5785D5CC1DD57D9FECBE4F5A5C0BFB ] pci            C:\WINDOWS\system32\drivers\pci.sys
13:11:34.0034 0x0478  pci - ok
13:11:34.0050 0x0478  [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
13:11:34.0065 0x0478  pciide - ok
13:11:34.0097 0x0478  [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
13:11:34.0112 0x0478  pcmcia - ok
13:11:34.0128 0x0478  [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw            C:\WINDOWS\system32\drivers\pcw.sys
13:11:34.0144 0x0478  pcw - ok
13:11:34.0159 0x0478  [ 48F3A3222CF340FE31535CB6D49C6D6F, 5F8904871219FA6C1BD74747583855B0FBCE42F340A3BE10270D8D3F02766E9D ] pdc            C:\WINDOWS\system32\drivers\pdc.sys
13:11:34.0175 0x0478  pdc - ok
13:11:34.0237 0x0478  [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
13:11:34.0284 0x0478  PEAUTH - ok
13:11:34.0409 0x0478  [ C034A645D8A75FEA04F0A4FF3EF1253D, 1005F060D7FABCC8B2BABB9236FC8826BB0CD284127911E0BF7B7AFA96E688AC ] PEFService      C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
13:11:34.0440 0x0478  PEFService - ok
13:11:34.0472 0x0478  [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i      C:\WINDOWS\system32\drivers\percsas2i.sys
13:11:34.0487 0x0478  percsas2i - ok
13:11:34.0503 0x0478  [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i      C:\WINDOWS\system32\drivers\percsas3i.sys
13:11:34.0519 0x0478  percsas3i - ok
13:11:34.0612 0x0478  [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
13:11:34.0784 0x0478  PerfHost - ok
13:11:34.0847 0x0478  [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
13:11:35.0019 0x0478  PhoneSvc - ok
13:11:35.0066 0x0478  [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
13:11:35.0175 0x0478  PimIndexMaintenanceSvc - ok
13:11:35.0284 0x0478  [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla            C:\WINDOWS\system32\pla.dll
13:11:35.0362 0x0478  pla - ok
13:11:35.0425 0x0478  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
13:11:35.0487 0x0478  PlugPlay - ok
13:11:35.0519 0x0478  [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg    C:\WINDOWS\system32\pnrpauto.dll
13:11:35.0550 0x0478  PNRPAutoReg - ok
13:11:35.0581 0x0478  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc        C:\WINDOWS\system32\pnrpsvc.dll
13:11:35.0612 0x0478  PNRPsvc - ok
13:11:35.0659 0x0478  [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent    C:\WINDOWS\System32\ipsecsvc.dll
13:11:35.0722 0x0478  PolicyAgent - ok
13:11:35.0753 0x0478  [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power          C:\WINDOWS\system32\umpo.dll
13:11:35.0784 0x0478  Power - ok
13:11:35.0816 0x0478  [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
13:11:35.0862 0x0478  PptpMiniport - ok
13:11:36.0034 0x0478  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify    C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
13:11:36.0316 0x0478  PrintNotify - ok
13:11:36.0362 0x0478  [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor      C:\WINDOWS\System32\drivers\processr.sys
13:11:36.0409 0x0478  Processor - ok
13:11:36.0456 0x0478  [ A08AAC62EF7A1E291B3E895B5864BB86, 340E6648F9A5F4B7543FDEC5BDAFBDA3DE319B8F998FF2EF60D02EE5EF3D56CB ] ProfSvc        C:\WINDOWS\system32\profsvc.dll
13:11:36.0487 0x0478  ProfSvc - ok
13:11:36.0503 0x0478  [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
13:11:36.0519 0x0478  Psched - ok
13:11:36.0581 0x0478  [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE          C:\WINDOWS\system32\qwave.dll
13:11:36.0722 0x0478  QWAVE - ok
13:11:36.0769 0x0478  [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
13:11:36.0800 0x0478  QWAVEdrv - ok
13:11:36.0831 0x0478  [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:11:36.0925 0x0478  RasAcd - ok
13:11:36.0972 0x0478  [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn    C:\WINDOWS\System32\drivers\AgileVpn.sys
13:11:36.0987 0x0478  RasAgileVpn - ok
13:11:37.0019 0x0478  [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto        C:\WINDOWS\System32\rasauto.dll
13:11:37.0050 0x0478  RasAuto - ok
13:11:37.0097 0x0478  [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp        C:\WINDOWS\System32\drivers\rasl2tp.sys
13:11:37.0175 0x0478  Rasl2tp - ok
13:11:37.0238 0x0478  [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan          C:\WINDOWS\System32\rasmans.dll
13:11:37.0284 0x0478  RasMan - ok
13:11:37.0300 0x0478  [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:11:37.0331 0x0478  RasPppoe - ok
13:11:37.0363 0x0478  [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp        C:\WINDOWS\System32\drivers\rassstp.sys
13:11:37.0394 0x0478  RasSstp - ok
13:11:37.0456 0x0478  [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss          C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:11:37.0488 0x0478  rdbss - ok
13:11:37.0503 0x0478  [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
13:11:37.0613 0x0478  rdpbus - ok
13:11:37.0644 0x0478  [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR          C:\WINDOWS\system32\drivers\rdpdr.sys
13:11:37.0691 0x0478  RDPDR - ok
13:11:37.0753 0x0478  [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
13:11:37.0769 0x0478  RdpVideoMiniport - ok
13:11:37.0784 0x0478  [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
13:11:37.0800 0x0478  rdyboost - ok
13:11:37.0847 0x0478  [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
13:11:37.0894 0x0478  ReFSv1 - ok
13:11:37.0941 0x0478  [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
13:11:38.0003 0x0478  RemoteAccess - ok
13:11:38.0034 0x0478  [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
13:11:38.0081 0x0478  RemoteRegistry - ok
13:11:38.0144 0x0478  [ AD43141CE6D5074DA1D28B5BCD4E4507, C1A9AA856DD4FEE00BBA329C150E0CBCD1CE13ED0BB7B4AC9B152321CD854212 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
13:11:38.0206 0x0478  RetailDemo - ok
13:11:38.0238 0x0478  [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
13:11:38.0300 0x0478  RpcEptMapper - ok
13:11:38.0378 0x0478  [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator      C:\WINDOWS\system32\locator.exe
13:11:38.0409 0x0478  RpcLocator - ok
13:11:38.0472 0x0478  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs          C:\WINDOWS\system32\rpcss.dll
13:11:38.0534 0x0478  RpcSs - ok
13:11:38.0566 0x0478  [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
13:11:38.0597 0x0478  rspndr - ok
13:11:38.0675 0x0478  [ E11A3F79475F9D019CD51ADCCC377909, CF14C494C4A969233C1D2B32A56C86C8636AC70004725B53447C42EB63C31BA9 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
13:11:38.0706 0x0478  rt640x64 - ok
13:11:38.0753 0x0478  [ 065532A5DE3FCD9D9F104A9AA42584BE, 87A5CF88DD080E3D91E0137B4A8B255C3AF0C6436447702BE1EE0BCDFFD11A9B ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
13:11:38.0784 0x0478  RTSUER - ok
13:11:38.0816 0x0478  [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap          C:\WINDOWS\System32\drivers\vms3cap.sys
13:11:38.0863 0x0478  s3cap - ok
13:11:38.0910 0x0478  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs          C:\WINDOWS\system32\lsass.exe
13:11:38.0910 0x0478  SamSs - ok
13:11:38.0956 0x0478  [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
13:11:38.0988 0x0478  sbp2port - ok
13:11:39.0035 0x0478  [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
13:11:39.0081 0x0478  SCardSvr - ok
13:11:39.0113 0x0478  [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
13:11:39.0144 0x0478  ScDeviceEnum - ok
13:11:39.0191 0x0478  [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
13:11:39.0253 0x0478  scfilter - ok
13:11:39.0394 0x0478  [ EA195B8BC11C1CDB313CFD456EFFA0E9, EEDF349C59ED0645B04040707906BB4496527243858C2A6BE46BE7029B4A7F37 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
13:11:39.0472 0x0478  Schedule - ok
13:11:39.0519 0x0478  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc    C:\WINDOWS\System32\certprop.dll
13:11:39.0550 0x0478  SCPolicySvc - ok
13:11:39.0581 0x0478  [ 70165A0A2653FB8AFDE3D85000727F29, BAC35D7B0296CAC78EAC4266FC96E292174827E0B24ECAF085228B26A5052911 ] sdbus          C:\WINDOWS\System32\drivers\sdbus.sys
13:11:39.0597 0x0478  sdbus - ok
13:11:39.0644 0x0478  [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
13:11:39.0769 0x0478  SDRSVC - ok
13:11:39.0831 0x0478  [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
13:11:39.0847 0x0478  sdstor - ok
13:11:39.0847 0x0478  SecDrv - ok
13:11:39.0894 0x0478  [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ] seclogon        C:\WINDOWS\system32\seclogon.dll
13:11:40.0019 0x0478  seclogon - ok
13:11:40.0113 0x0478  [ F023056C8DD56ECADDB808C01BB5CF05, 2EB8F6E143CDDC349403AA1D9A811222FA0BECEA02740632AC0751B57F9EDA99 ] SecureLine      C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
13:11:40.0128 0x0478  SecureLine - ok
13:11:40.0175 0x0478  [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS            C:\WINDOWS\System32\sens.dll
13:11:40.0238 0x0478  SENS - ok
13:11:40.0300 0x0478  [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
13:11:40.0378 0x0478  SensorDataService - ok
13:11:40.0410 0x0478  [ A74C62AE99A015CD6275F0D8D8843886, DF08E0BB1160E054C6B000BC5F62DEF77C6D9E4B5679AD013C313BA14207B589 ] SensorService  C:\WINDOWS\system32\SensorService.dll
13:11:40.0535 0x0478  SensorService - ok
13:11:40.0581 0x0478  [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
13:11:40.0691 0x0478  SensrSvc - ok
13:11:40.0753 0x0478  [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx          C:\WINDOWS\system32\drivers\SerCx.sys
13:11:40.0785 0x0478  SerCx - ok
13:11:40.0832 0x0478  [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
13:11:40.0847 0x0478  SerCx2 - ok
13:11:40.0863 0x0478  [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum        C:\WINDOWS\System32\drivers\serenum.sys
13:11:40.0894 0x0478  Serenum - ok
13:11:40.0941 0x0478  [ 88D58E1DAA6C5062DD3A26273106961F, D1E2FF37C888245BD0BABCD7C6B76AD5A87415B68FEFE37B5FA29AE3342AE50B ] Serial          C:\WINDOWS\System32\drivers\serial.sys
13:11:40.0988 0x0478  Serial - ok
13:11:41.0035 0x0478  [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
13:11:41.0066 0x0478  sermouse - ok
13:11:41.0160 0x0478  [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
13:11:41.0207 0x0478  SessionEnv - ok
13:11:41.0238 0x0478  [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy        C:\WINDOWS\System32\drivers\sfloppy.sys
13:11:41.0269 0x0478  sfloppy - ok
13:11:41.0378 0x0478  [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
13:11:41.0503 0x0478  SharedAccess - ok
13:11:41.0550 0x0478  [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:11:41.0628 0x0478  ShellHWDetection - ok
13:11:41.0660 0x0478  [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
13:11:41.0675 0x0478  SiSRaid2 - ok
13:11:41.0691 0x0478  [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
13:11:41.0706 0x0478  SiSRaid4 - ok
13:11:41.0800 0x0478  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate    C:\Program Files (x86)\Skype\Updater\Updater.exe
13:11:41.0831 0x0478  SkypeUpdate - ok
13:11:41.0878 0x0478  [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost        C:\WINDOWS\System32\smphost.dll
13:11:41.0910 0x0478  smphost - ok
13:11:42.0035 0x0478  [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter      C:\WINDOWS\system32\SmsRouterSvc.dll
13:11:42.0097 0x0478  SmsRouter - ok
13:11:42.0128 0x0478  [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
13:11:42.0160 0x0478  SNMPTRAP - ok
13:11:42.0222 0x0478  [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport      C:\WINDOWS\system32\drivers\spaceport.sys
13:11:42.0253 0x0478  spaceport - ok
13:11:42.0285 0x0478  [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx          C:\WINDOWS\system32\drivers\SpbCx.sys
13:11:42.0285 0x0478  SpbCx - ok
13:11:42.0332 0x0478  [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler        C:\WINDOWS\System32\spoolsv.exe
13:11:42.0378 0x0478  Spooler - ok
13:11:42.0613 0x0478  [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
13:11:42.0910 0x0478  sppsvc - ok
13:11:42.0957 0x0478  [ ACC1709EC7FE6EB8999DBC91C50C2B34, 83ABF51751A264291C53A32B86239A607361E56CB045CD2CBE6E41DBB8A01F54 ] srv            C:\WINDOWS\system32\DRIVERS\srv.sys
13:11:43.0003 0x0478  srv - ok
13:11:43.0050 0x0478  [ AFBCFC946FAE7483E27BD316D03F94A5, CC9478EA717E85C38304957E923997821DFE2A995D7C8DF98C15267D952BEFBE ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
13:11:43.0175 0x0478  srv2 - ok
13:11:43.0191 0x0478  [ 107C1EBE79710E4A759449BD6604245A, 963D693F4E61EDC7B3AA9006CC274D56E577CE0035A61DDB2A6DE72116D5C52B ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
13:11:43.0238 0x0478  srvnet - ok
13:11:43.0269 0x0478  [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV        C:\WINDOWS\System32\ssdpsrv.dll
13:11:43.0316 0x0478  SSDPSRV - ok
13:11:43.0363 0x0478  [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc        C:\WINDOWS\system32\sstpsvc.dll
13:11:43.0410 0x0478  SstpSvc - ok
13:11:43.0457 0x0478  [ 9B74226E10CD57E965F87014841016F9, 95C76049DBBF3B31A9B01CFD0EDAAC47DE9A1F096B61D05C47FB85E1AFC07288 ] ssudmdm        C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
13:11:43.0488 0x0478  ssudmdm - ok
13:11:43.0613 0x0478  [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
13:11:43.0800 0x0478  StateRepository - ok
13:11:43.0894 0x0478  [ 591249EA969797C2A24629AF7C71A6F8, 61F28FB495657916514DE2A7FFD4AD833A1B2BBA5591616BE0C9CCD7DAFA40B7 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
13:11:43.0925 0x0478  Steam Client Service - ok
13:11:43.0972 0x0478  [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
13:11:43.0972 0x0478  stexstor - ok
13:11:44.0035 0x0478  [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
13:11:44.0144 0x0478  stisvc - ok
13:11:44.0175 0x0478  [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
13:11:44.0191 0x0478  storahci - ok
13:11:44.0222 0x0478  [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt        C:\WINDOWS\system32\drivers\vmstorfl.sys
13:11:44.0269 0x0478  storflt - ok
13:11:44.0285 0x0478  [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
13:11:44.0285 0x0478  stornvme - ok
13:11:44.0332 0x0478  [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
13:11:44.0504 0x0478  storqosflt - ok
13:11:44.0597 0x0478  [ 9953FA89A4E3BC33296DAFB1ACFDC62F, D2F2698834691FF7915BDFFB82DB549354311A5DD7D37BF767F95D407AC4019F ] StorSvc        C:\WINDOWS\system32\storsvc.dll
13:11:44.0707 0x0478  StorSvc - ok
13:11:44.0738 0x0478  [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs        C:\WINDOWS\system32\drivers\storufs.sys
13:11:44.0754 0x0478  storufs - ok
13:11:44.0769 0x0478  [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc        C:\WINDOWS\system32\drivers\storvsc.sys
13:11:44.0785 0x0478  storvsc - ok
13:11:44.0816 0x0478  [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc          C:\WINDOWS\system32\svsvc.dll
13:11:44.0863 0x0478  svsvc - ok
13:11:44.0894 0x0478  [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
13:11:44.0910 0x0478  swenum - ok
13:11:44.0941 0x0478  [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv          C:\WINDOWS\System32\swprv.dll
13:11:44.0972 0x0478  swprv - ok
13:11:45.0019 0x0478  [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
13:11:45.0050 0x0478  Synth3dVsc - ok
13:11:45.0129 0x0478  [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain        C:\WINDOWS\system32\sysmain.dll
13:11:45.0207 0x0478  SysMain - ok
13:11:45.0254 0x0478  [ AF2C8D7C1D4DCFD5C31501F009DF42B7, 3DDF9353F014EE99B031BBC969620CA07647FBB8D78EB4697C8D633021B46B11 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
13:11:45.0300 0x0478  SystemEventsBroker - ok
13:11:45.0347 0x0478  [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
13:11:45.0379 0x0478  TabletInputService - ok
13:11:45.0441 0x0478  [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv        C:\WINDOWS\System32\tapisrv.dll
13:11:45.0504 0x0478  TapiSrv - ok
13:11:45.0629 0x0478  [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip          C:\WINDOWS\system32\drivers\tcpip.sys
13:11:45.0722 0x0478  Tcpip - ok
13:11:45.0785 0x0478  [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
13:11:45.0863 0x0478  Tcpip6 - ok
13:11:45.0894 0x0478  [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
13:11:45.0925 0x0478  tcpipreg - ok
13:11:45.0972 0x0478  [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx            C:\WINDOWS\system32\DRIVERS\tdx.sys
13:11:46.0004 0x0478  tdx - ok
13:11:46.0019 0x0478  [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
13:11:46.0035 0x0478  terminpt - ok
13:11:46.0097 0x0478  [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService    C:\WINDOWS\System32\termsrv.dll
13:11:46.0160 0x0478  TermService - ok
13:11:46.0191 0x0478  [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes          C:\WINDOWS\system32\themeservice.dll
13:11:46.0238 0x0478  Themes - ok
13:11:46.0285 0x0478  [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
13:11:46.0347 0x0478  TieringEngineService - ok
13:11:46.0394 0x0478  [ FC971E1D1B5900C231591A7720FCD8B8, DF58C350977019E4A8F381FB35702E9BEA89F6A8C6BF36C56376D36BC8FE630F ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
13:11:46.0535 0x0478  tiledatamodelsvc - ok
13:11:46.0582 0x0478  [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
13:11:46.0676 0x0478  TimeBroker - ok
13:11:46.0738 0x0478  [ 169B0A246067457FEF8A18EED7EED9D5, BF5AC0CB29E1E456253B881CD0608B578D7343E9DFE1738A14598D1DFFE1AB66 ] TPM            C:\WINDOWS\System32\drivers\tpm.sys
13:11:46.0754 0x0478  TPM - ok
13:11:46.0801 0x0478  [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks          C:\WINDOWS\System32\trkwks.dll
13:11:46.0847 0x0478  TrkWks - ok
13:11:46.0910 0x0478  [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
13:11:46.0988 0x0478  TrustedInstaller - ok
13:11:47.0035 0x0478  [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
13:11:47.0082 0x0478  tsusbflt - ok
13:11:47.0129 0x0478  [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD        C:\WINDOWS\System32\drivers\TsUsbGD.sys
13:11:47.0176 0x0478  TsUsbGD - ok
13:11:47.0379 0x0478  [ 8A4CDD97CE6D240A2B4C1E741AB75378, 166C3B40E8A2F3CA8475D9D8BE7E48985547180E15F5611CE9705D9D86820535 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
13:11:47.0566 0x0478  TuneUp.UtilitiesSvc - ok
13:11:47.0597 0x0478  [ 9B5C98C9F9EF5E62806DCD58B0D8EACE, B4B8A3F943C2C401CA1ED05BDA0C6D631106B258FB40C433AC856DCA7E8D7F7A ] TuneUpUtilitiesDrv C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys
13:11:47.0613 0x0478  TuneUpUtilitiesDrv - ok
13:11:47.0629 0x0478  [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
13:11:47.0676 0x0478  tunnel - ok
13:11:47.0722 0x0478  [ 1A9A77ACDAC29C39F50D2A492FD0DB16, E21F2E2BA6EABE0F6B5A1930DDB2CE5A921389A58C08A2D3F66D245E8698E6B4 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
13:11:47.0801 0x0478  tzautoupdate - ok
13:11:47.0832 0x0478  [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
13:11:47.0847 0x0478  uagp35 - ok
13:11:47.0879 0x0478  [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
13:11:47.0894 0x0478  UASPStor - ok
13:11:47.0910 0x0478  [ 3995CC3DEDED258768B8EBC2F4C0DC73, 130E99EF13EB494B8BB6A8E037DD8D59C195190EA3C27CA9E3A695AF4349DC7C ] UcmCx0101      C:\WINDOWS\system32\Drivers\UcmCx.sys
13:11:48.0004 0x0478  UcmCx0101 - ok
13:11:48.0051 0x0478  [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi        C:\WINDOWS\System32\drivers\UcmUcsi.sys
13:11:48.0113 0x0478  UcmUcsi - ok
13:11:48.0144 0x0478  [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
13:11:48.0160 0x0478  Ucx01000 - ok
13:11:48.0191 0x0478  [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx          C:\WINDOWS\system32\drivers\udecx.sys
13:11:48.0285 0x0478  UdeCx - ok
13:11:48.0316 0x0478  [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
13:11:48.0363 0x0478  udfs - ok
13:11:48.0394 0x0478  [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
13:11:48.0426 0x0478  UEFI - ok
13:11:48.0472 0x0478  [ 5F0D997E6FC5A418D7673148CEF72887, 6C142CB8F06E5958045451253C9188CE876A84D08266FFD7F64AAE09964D8431 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
13:11:48.0488 0x0478  Ufx01000 - ok
13:11:48.0504 0x0478  [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea    C:\WINDOWS\System32\drivers\UfxChipidea.sys
13:11:48.0519 0x0478  UfxChipidea - ok
13:11:48.0551 0x0478  [ DB630FC660443D63EBAB2C830C298EFE, 7698772FF9C988DF752DF3FAF1B154E923EBA425B92F288ABB6EF0805ABD3296 ] ufxsynopsys    C:\WINDOWS\System32\drivers\ufxsynopsys.sys
13:11:48.0566 0x0478  ufxsynopsys - ok
13:11:48.0598 0x0478  [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect      C:\WINDOWS\system32\UI0Detect.exe
13:11:48.0613 0x0478  UI0Detect - ok
13:11:48.0660 0x0478  [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
13:11:48.0676 0x0478  uliagpkx - ok
13:11:48.0691 0x0478  [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus          C:\WINDOWS\System32\drivers\umbus.sys
13:11:48.0707 0x0478  umbus - ok
13:11:48.0754 0x0478  [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
13:11:48.0785 0x0478  UmPass - ok
13:11:48.0832 0x0478  [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
13:11:48.0879 0x0478  UmRdpService - ok
13:11:48.0957 0x0478  [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc    C:\WINDOWS\System32\unistore.dll
13:11:49.0019 0x0478  UnistoreSvc - ok
13:11:49.0113 0x0478  [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost        C:\WINDOWS\System32\upnphost.dll
13:11:49.0176 0x0478  upnphost - ok
13:11:49.0191 0x0478  [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea    C:\WINDOWS\System32\drivers\urschipidea.sys
13:11:49.0207 0x0478  UrsChipidea - ok
13:11:49.0223 0x0478  [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
13:11:49.0238 0x0478  UrsCx01000 - ok
13:11:49.0238 0x0478  [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys    C:\WINDOWS\System32\drivers\urssynopsys.sys
13:11:49.0254 0x0478  UrsSynopsys - ok
13:11:49.0301 0x0478  [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp        C:\WINDOWS\System32\drivers\usbccgp.sys
13:11:49.0316 0x0478  usbccgp - ok
13:11:49.0363 0x0478  [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
13:11:49.0394 0x0478  usbcir - ok
13:11:49.0441 0x0478  [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci        C:\WINDOWS\System32\drivers\usbehci.sys
13:11:49.0457 0x0478  usbehci - ok
13:11:49.0473 0x0478  [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
13:11:49.0504 0x0478  usbhub - ok
13:11:49.0566 0x0478  [ B7E1CAA9429E4C3E7E01CB35B97E1536, 11A6431C27821F247202AC9F18441FEA26544630461522C129F1671257C527BA ] USBHUB3        C:\WINDOWS\System32\drivers\UsbHub3.sys
13:11:49.0613 0x0478  USBHUB3 - ok
13:11:49.0644 0x0478  [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci        C:\WINDOWS\System32\drivers\usbohci.sys
13:11:49.0691 0x0478  usbohci - ok
13:11:49.0723 0x0478  [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
13:11:49.0754 0x0478  usbprint - ok
13:11:49.0785 0x0478  [ F259A45D6B555B14CC8365AA6BC8DC20, 28A588656449307F6E9C999BE5D73E34A2542A5771F4B504D9D36B9F93F32303 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
13:11:49.0910 0x0478  usbser - ok
13:11:49.0973 0x0478  [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR        C:\WINDOWS\System32\drivers\USBSTOR.SYS
13:11:49.0988 0x0478  USBSTOR - ok
13:11:50.0019 0x0478  [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci        C:\WINDOWS\System32\drivers\usbuhci.sys
13:11:50.0066 0x0478  usbuhci - ok
13:11:50.0129 0x0478  [ 4B13B61CBB9CC3CB373C60B930D648F5, C79D10A1BF2B6BF141DD37A90BCCA0E1F2AF31B5028BB21537A8EE6EED630F5B ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
13:11:50.0176 0x0478  usbvideo - ok
13:11:50.0191 0x0478  [ 325727F01F03C504CF788618A13DC266, 9F685113F714ADBC6DCD423CCD205F71E00D1AA9B5DD045B95E61E53B0F8E9AF ] USBXHCI        C:\WINDOWS\System32\drivers\USBXHCI.SYS
13:11:50.0223 0x0478  USBXHCI - ok
13:11:50.0285 0x0478  [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc    C:\WINDOWS\System32\userdataservice.dll
13:11:50.0379 0x0478  UserDataSvc - ok
13:11:50.0457 0x0478  [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager    C:\WINDOWS\System32\usermgr.dll
13:11:50.0613 0x0478  UserManager - ok
13:11:50.0660 0x0478  [ 05F4CB5991D897E4253BF61FA5E828F8, 25B5B6751B4455491E9A050DF5C12F788B5677F70FB4844E0BF851090AC1F74C ] UsoSvc          C:\WINDOWS\system32\usocore.dll
13:11:50.0707 0x0478  UsoSvc - ok
13:11:50.0738 0x0478  [ B15E6A98EA648F0CC1E5CE8CF081647B, 0FBC61A438307E995AF67E5D1798E45D63D7429777DCD815394F0F7108C4531C ] UxTuneUp        C:\WINDOWS\System32\uxtuneup.dll
13:11:50.0754 0x0478  UxTuneUp - ok
13:11:50.0769 0x0478  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
13:11:50.0785 0x0478  VaultSvc - ok
13:11:50.0801 0x0478  [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
13:11:50.0801 0x0478  vdrvroot - ok
13:11:50.0894 0x0478  [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds            C:\WINDOWS\System32\vds.exe
13:11:50.0941 0x0478  vds - ok
13:11:50.0973 0x0478  [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt    C:\WINDOWS\system32\drivers\VerifierExt.sys
13:11:50.0988 0x0478  VerifierExt - ok
13:11:51.0051 0x0478  [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp          C:\WINDOWS\System32\drivers\vhdmp.sys
13:11:51.0082 0x0478  vhdmp - ok
13:11:51.0113 0x0478  [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf            C:\WINDOWS\System32\drivers\vhf.sys
13:11:51.0129 0x0478  vhf - ok
13:11:51.0144 0x0478  [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus          C:\WINDOWS\system32\drivers\vmbus.sys
13:11:51.0160 0x0478  vmbus - ok
13:11:51.0176 0x0478  [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
13:11:51.0191 0x0478  VMBusHID - ok
13:11:51.0238 0x0478  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
13:11:51.0269 0x0478  vmicguestinterface - ok
13:11:51.0285 0x0478  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat  C:\WINDOWS\System32\ICSvc.dll
13:11:51.0316 0x0478  vmicheartbeat - ok
13:11:51.0348 0x0478  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
13:11:51.0379 0x0478  vmickvpexchange - ok
13:11:51.0394 0x0478  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv        C:\WINDOWS\System32\ICSvc.dll
13:11:51.0426 0x0478  vmicrdv - ok
13:11:51.0441 0x0478  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
13:11:51.0473 0x0478  vmicshutdown - ok
13:11:51.0488 0x0478  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
13:11:51.0519 0x0478  vmictimesync - ok
13:11:51.0535 0x0478  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession  C:\WINDOWS\System32\ICSvc.dll
13:11:51.0566 0x0478  vmicvmsession - ok
13:11:51.0582 0x0478  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss        C:\WINDOWS\System32\ICSvc.dll
13:11:51.0629 0x0478  vmicvss - ok
13:11:51.0644 0x0478  [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
13:11:51.0660 0x0478  volmgr - ok
13:11:51.0707 0x0478  [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx        C:\WINDOWS\system32\drivers\volmgrx.sys
13:11:51.0738 0x0478  volmgrx - ok
13:11:51.0754 0x0478  [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap        C:\WINDOWS\system32\drivers\volsnap.sys
13:11:51.0769 0x0478  volsnap - ok
13:11:51.0816 0x0478  [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
13:11:51.0832 0x0478  vpci - ok
13:11:51.0848 0x0478  [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid        C:\WINDOWS\system32\drivers\vsmraid.sys
13:11:51.0863 0x0478  vsmraid - ok
13:11:51.0957 0x0478  [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS            C:\WINDOWS\system32\vssvc.exe
13:11:52.0035 0x0478  VSS - ok
13:11:52.0066 0x0478  [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
13:11:52.0098 0x0478  VSTXRAID - ok
13:11:52.0129 0x0478  [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
13:11:52.0145 0x0478  vwifibus - ok
13:11:52.0176 0x0478  [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
13:11:52.0191 0x0478  vwififlt - ok
13:11:52.0207 0x0478  [ 3BE5AAC930447FD18D4A8255A2FEC95C, A517357188FE4A5BD98A3CDB2165ACCE96CCE4BE2B90DDBEAF70B6DDF393F506 ] vwifimp        C:\WINDOWS\System32\drivers\vwifimp.sys
13:11:52.0254 0x0478  vwifimp - ok
13:11:52.0301 0x0478  [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time        C:\WINDOWS\system32\w32time.dll
13:11:52.0348 0x0478  W32Time - ok
13:11:52.0379 0x0478  [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
13:11:52.0410 0x0478  WacomPen - ok
13:11:52.0488 0x0478  [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService  C:\WINDOWS\system32\WalletService.dll
13:11:52.0598 0x0478  WalletService - ok
13:11:52.0629 0x0478  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:11:52.0707 0x0478  wanarp - ok
13:11:52.0738 0x0478  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:11:52.0770 0x0478  wanarpv6 - ok
13:11:52.0863 0x0478  [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine        C:\WINDOWS\system32\wbengine.exe
13:11:53.0035 0x0478  wbengine - ok
13:11:53.0098 0x0478  [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
13:11:53.0223 0x0478  WbioSrvc - ok
13:11:53.0285 0x0478  [ E9A0D466F6D8EC349DB526146618BCB6, CFD6F3F979E4366A68FBEC3BE90A42BF3D65403A987E80741A720C0622871F32 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
13:11:53.0332 0x0478  Wcmsvc - ok
13:11:53.0395 0x0478  [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc        C:\WINDOWS\System32\wcncsvc.dll
13:11:53.0426 0x0478  wcncsvc - ok
13:11:53.0441 0x0478  [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
13:11:53.0551 0x0478  WcsPlugInService - ok
13:11:53.0566 0x0478  [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
13:11:53.0582 0x0478  WdBoot - ok
13:11:53.0629 0x0478  [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
13:11:53.0660 0x0478  Wdf01000 - ok
13:11:53.0707 0x0478  [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
13:11:53.0738 0x0478  WdFilter - ok
13:11:53.0770 0x0478  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
13:11:53.0801 0x0478  WdiServiceHost - ok
13:11:53.0832 0x0478  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost  C:\WINDOWS\system32\wdi.dll
13:11:53.0863 0x0478  WdiSystemHost - ok
13:11:53.0895 0x0478  [ E70DDD8E2245CC67547B0861983912D8, 64C73B1496FFF1F6BB3D877CB5BE54DE35C303AE234B11FC90038DC4F73241D9 ] wdiwifi        C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
13:11:53.0957 0x0478  wdiwifi - ok
13:11:53.0988 0x0478  [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
13:11:53.0988 0x0478  WdNisDrv - ok
13:11:54.0020 0x0478  WdNisSvc - ok
13:11:54.0066 0x0478  [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient      C:\WINDOWS\System32\webclnt.dll
13:11:54.0113 0x0478  WebClient - ok
13:11:54.0176 0x0478  [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
13:11:54.0238 0x0478  Wecsvc - ok
13:11:54.0254 0x0478  [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
13:11:54.0301 0x0478  WEPHOSTSVC - ok
13:11:54.0363 0x0478  [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport  C:\WINDOWS\System32\wercplsupport.dll
13:11:54.0410 0x0478  wercplsupport - ok
13:11:54.0426 0x0478  [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
13:11:54.0457 0x0478  WerSvc - ok
13:11:54.0488 0x0478  [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS        C:\WINDOWS\system32\drivers\wfplwfs.sys
13:11:54.0504 0x0478  WFPLWFS - ok
13:11:54.0520 0x0478  [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
13:11:54.0551 0x0478  WiaRpc - ok
13:11:54.0582 0x0478  [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
13:11:54.0598 0x0478  WIMMount - ok
13:11:54.0613 0x0478  WinDefend - ok
13:11:54.0660 0x0478  [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
13:11:54.0676 0x0478  WindowsTrustedRT - ok
13:11:54.0707 0x0478  [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
13:11:54.0723 0x0478  WindowsTrustedRTProxy - ok
13:11:54.0770 0x0478  [ FFD04E8263FC9CDB89BAD8C27C337223, 7021161D354F1536DA261D001524B92301466631DCFA161A7C6355AAC86BBE40 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
13:11:54.0910 0x0478  WinHttpAutoProxySvc - ok
13:11:54.0942 0x0478  [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
13:11:54.0957 0x0478  WinMad - ok
13:11:55.0051 0x0478  [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt        C:\WINDOWS\system32\wbem\WMIsvc.dll
13:11:55.0098 0x0478  Winmgmt - ok
13:11:55.0207 0x0478  [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM          C:\WINDOWS\system32\WsmSvc.dll
13:11:55.0363 0x0478  WinRM - ok
13:11:55.0410 0x0478  [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
13:11:55.0442 0x0478  WINUSB - ok
13:11:55.0488 0x0478  [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
13:11:55.0520 0x0478  WinVerbs - ok
13:11:55.0629 0x0478  [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc        C:\WINDOWS\System32\wlansvc.dll
13:11:55.0754 0x0478  WlanSvc - ok
13:11:55.0848 0x0478  [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc        C:\WINDOWS\system32\wlidsvc.dll
13:11:56.0020 0x0478  wlidsvc - ok
13:11:56.0035 0x0478  [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi        C:\WINDOWS\System32\drivers\wmiacpi.sys
13:11:56.0051 0x0478  WmiAcpi - ok
13:11:56.0098 0x0478  [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
13:11:56.0160 0x0478  wmiApSrv - ok
13:11:56.0207 0x0478  WMPNetworkSvc - ok
13:11:56.0223 0x0478  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof            C:\WINDOWS\system32\drivers\Wof.sys
13:11:56.0238 0x0478  Wof - ok
13:11:56.0332 0x0478  [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
13:11:56.0473 0x0478  workfolderssvc - ok
13:11:56.0504 0x0478  [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr        C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
13:11:56.0520 0x0478  wpcfltr - ok
13:11:56.0567 0x0478  [ D282ECA35ADAC7A93D6B4943E775010B, A76A9698A95646FA63AC18DFFA02B744D7C6043934CBF6C37832ED2E6B21F570 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
13:11:56.0660 0x0478  WPDBusEnum - ok
13:11:56.0707 0x0478  [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr      C:\WINDOWS\system32\drivers\WpdUpFltr.sys
13:11:56.0707 0x0478  WpdUpFltr - ok
13:11:56.0754 0x0478  [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService      C:\WINDOWS\system32\WpnService.dll
13:11:56.0879 0x0478  WpnService - ok
13:11:56.0926 0x0478  [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl        C:\WINDOWS\system32\drivers\ws2ifsl.sys
13:11:56.0973 0x0478  ws2ifsl - ok
13:11:57.0004 0x0478  [ 9C17CF2D05F8DA5AC66880B6BEE64E7D, 8930079A1AFA97657BE567038EE57C988D3DE9A6C24EA46160E2974837082535 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
13:11:57.0160 0x0478  wscsvc - ok
13:11:57.0160 0x0478  WSearch - ok
13:11:57.0317 0x0478  [ 6E04BBE242E2889B37300C4DF5CE1126, FBDAEAC62C48A4FC5EF412AE47FF10590AE83E8871412F76F6F9BAE910542DFA ] WSService      C:\WINDOWS\System32\WSService.dll
13:11:57.0473 0x0478  WSService - ok
13:11:57.0582 0x0478  [ 722FA682ED9EA8B85FA843A5C8F39E61, 47B09984582E55C22450A851FAF00EBEC76CD46149B19B199916255D553C6BF8 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
13:11:57.0708 0x0478  wuauserv - ok
13:11:57.0739 0x0478  [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
13:11:57.0754 0x0478  WudfPf - ok
13:11:57.0785 0x0478  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd          C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:11:57.0832 0x0478  WUDFRd - ok
13:11:57.0879 0x0478  [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc        C:\WINDOWS\System32\WUDFSvc.dll
13:11:57.0926 0x0478  wudfsvc - ok
13:11:57.0957 0x0478  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:11:57.0989 0x0478  WUDFWpdFs - ok
13:11:57.0989 0x0478  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:11:58.0020 0x0478  WUDFWpdMtp - ok
13:11:58.0082 0x0478  [ 417D1526811D9646A7E8779209F11361, 220FE28801474AB26579F2A37D792975D9AAD2384B420BCE52215B1389E08F91 ] WwanSvc        C:\WINDOWS\System32\wwansvc.dll
13:11:58.0160 0x0478  WwanSvc - ok
13:11:58.0239 0x0478  [ 405A419F4CDAC3C18F91FEDBD146C0A8, 92A6539AE6FC1B140366A0F733FDB784CAFB2359C4E0E2DF80629FEEA2CBFC98 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
13:11:58.0395 0x0478  XblAuthManager - ok
13:11:58.0442 0x0478  [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave    C:\WINDOWS\System32\XblGameSave.dll
13:11:58.0598 0x0478  XblGameSave - ok
13:11:58.0629 0x0478  [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip        C:\WINDOWS\System32\drivers\xboxgip.sys
13:11:58.0739 0x0478  xboxgip - ok
13:11:58.0801 0x0478  [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc  C:\WINDOWS\system32\XboxNetApiSvc.dll
13:11:59.0051 0x0478  XboxNetApiSvc - ok
13:11:59.0098 0x0478  [ DBACD4E4FE191D0CE7C624ACA389535E, A706DA0A284398E80AEB6FBE1B5F6C3192C3F4D1C1B7533528D689D163374DDF ] xinputhid      C:\WINDOWS\System32\drivers\xinputhid.sys
13:11:59.0129 0x0478  xinputhid - ok
13:11:59.0145 0x0478  ================ Scan global ===============================
13:11:59.0192 0x0478  [ D923EC03E24F7633DED3F2D46AD59A28, C635DB4483E24BE0188583E63B06D0F37BDE7AD944E4D0246A7D19CBC3EA3A6B ] C:\WINDOWS\system32\basesrv.dll
13:11:59.0223 0x0478  [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\WINDOWS\system32\winsrv.dll
13:11:59.0254 0x0478  [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
13:11:59.0286 0x0478  [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\WINDOWS\system32\services.exe
13:11:59.0301 0x0478  [ Global ] - ok
13:11:59.0301 0x0478  ================ Scan MBR ==================================
13:11:59.0317 0x0478  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:11:59.0395 0x0478  \Device\Harddisk0\DR0 - ok
13:11:59.0411 0x0478  [ 2E2C08E48CD95CB27436C86BDEEDE476 ] \Device\Harddisk1\DR1
13:11:59.0489 0x0478  \Device\Harddisk1\DR1 - ok
13:11:59.0489 0x0478  ================ Scan VBR ==================================
13:11:59.0489 0x0478  [ 7B1723E895CF4B3EFDFF02BA2959C8BF ] \Device\Harddisk0\DR0\Partition1
13:11:59.0520 0x0478  \Device\Harddisk0\DR0\Partition1 - ok
13:11:59.0536 0x0478  [ BEBAB1A6F4CB2394BF2AEF463A93E7F6 ] \Device\Harddisk0\DR0\Partition2
13:11:59.0536 0x0478  \Device\Harddisk0\DR0\Partition2 - ok
13:11:59.0551 0x0478  [ 628A9C8C24CC73B31785C33D1E323EA0 ] \Device\Harddisk0\DR0\Partition3
13:11:59.0567 0x0478  \Device\Harddisk0\DR0\Partition3 - ok
13:11:59.0598 0x0478  [ F3C2CB67C9A6F48D4BA795DB7FB16E8E ] \Device\Harddisk0\DR0\Partition4
13:11:59.0614 0x0478  \Device\Harddisk0\DR0\Partition4 - ok
13:11:59.0629 0x0478  [ 074F6A6B1233390B01EF8C8A84B1D1AD ] \Device\Harddisk0\DR0\Partition5
13:11:59.0645 0x0478  \Device\Harddisk0\DR0\Partition5 - ok
13:11:59.0645 0x0478  ================ Scan generic autorun ======================
13:11:59.0692 0x0478  [ 48C552161917297BB61F3062A2454E8C, 3565A6DE1FF68EA4A3645705883126154A10A20C89B848810463681E42B67E73 ] C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe
13:11:59.0723 0x0478  WebStorage - ok
13:11:59.0801 0x0478  [ 845C94C35431FD2CD8DA3D770DE8E35B, 194D63D88235443FB99414C0D5BB265CEA14DEA812BC468010FA138B4548D474 ] C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe
13:11:59.0817 0x0478  AvgUi - ok
13:12:00.0114 0x0478  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
13:12:00.0442 0x0478  OneDriveSetup - ok
13:12:00.0676 0x0478  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
13:12:00.0879 0x0478  OneDriveSetup - ok
13:12:01.0004 0x0478  [ 1F93DAF10BC91666F52FC5B9632C86EB, 3D2AE1090198AAEE7CDB587ED1D2784B9FF4E4B03F4F65BC2F46E28B136F3F01 ] C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\OneDrive.exe
13:12:01.0020 0x0478  OneDrive - ok
13:12:01.0082 0x0478  [ 29B8072D6A0127ACD1A0EA985ECCE605, 9BDC1F5AF01AB7286D9AFC18B11F12CB893B965780AE0B63F4BF08778AFC8CCB ] C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe
13:12:01.0129 0x0478  Spiele Post - ok
13:12:01.0176 0x0478  [ 41E25E514D90E9C8BC570484DBAFF62B, E6C49F7CE186DC4C9DA2C393469B070C0F1B95A01D281AE2B89538DA453D1583 ] C:\WINDOWS\system32\cmd.exe
13:12:01.0223 0x0478  Uninstall C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64 - ok
13:12:01.0239 0x0478  [ 41E25E514D90E9C8BC570484DBAFF62B, E6C49F7CE186DC4C9DA2C393469B070C0F1B95A01D281AE2B89538DA453D1583 ] C:\WINDOWS\system32\cmd.exe
13:12:01.0270 0x0478  Uninstall C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64 - ok
13:12:01.0286 0x0478  AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51000 ( enabled : updated )
13:12:01.0286 0x0478  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51010 ( enabled )
13:12:01.0286 0x0478  ============================================================
13:12:01.0286 0x0478  Scan finished
13:12:01.0286 0x0478  ============================================================
13:12:01.0301 0x1030  Detected object count: 3
13:12:01.0301 0x1030  Actual detected object count: 3
13:12:14.0315 0x1030  Asus WebStorage Windows Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:12:14.0315 0x1030  Asus WebStorage Windows Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:12:14.0315 0x1030  Intel(R) Security Assist ( UnsignedFile.Multi.Generic ) - skipped by user
13:12:14.0315 0x1030  Intel(R) Security Assist ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:12:14.0315 0x1030  isaHelperSvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:12:14.0315 0x1030  isaHelperSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
FSS

Code:
Farbar Service Scanner Version: 27-01-2016
Ran by Vanessa (administrator) on 11-03-2016 at 13:13:29
Running from "C:\Users\Vanessa\Desktop"
Microsoft Windows 10 Home  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
There is no connection to network.
Attempt to access Google IP returned error. Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll
[2015-10-30 08:18] - [2015-10-30 08:18] - 0535088 ____A () D41D8CD98F00B204E9800998ECF8427E

ATTENTION!=====> C:\Windows\SysWOW64\dnsapi.dll IS INFECTED.

C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
Fixlog

Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Vanessa (2016-03-11 12:29:02) Run:1
Gestartet von C:\Users\Vanessa\Desktop
Geladene Profile: Vanessa (Verfügbare Profile: Vanessa)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
closeprocesses:
hosts:
C:\WINDOWS\system32\hojt
C:\extensions
C:\Users\Vanessa\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
folder: C:\Users\Public\Documents\dmp
BHO: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
CHR DefaultSearchURL: Default -> hxxp://search.mpc.am?q={searchTerms}&cx=partner-pub-3796753109442372:3837783968
CHR DefaultSearchKeyword: Default -> mpc safe search
S2 WajaIntEn Monitor; c:\program files\WajaIntEn\027ffed1d08ea21727c655e55d27a27d.exe [X]
c:\program files\WajaIntEn
2016-03-09 21:05 - 2016-03-09 21:05 - 00000000 ____D C:\ProgramData\simplitec
2016-02-17 23:38 - 2016-02-17 23:38 - 00003225 _____ C:\Users\Vanessa\yey papa´s.papa
2016-02-17 00:58 - 2016-02-17 00:58 - 00003144 _____ C:\Users\Vanessa\papascheeseria_backup_1.papa3.papa
2016-02-16 21:51 - 2016-02-16 21:51 - 00003424 _____ C:\WINDOWS\System32\Tasks\Iwyqhowt
2016-02-16 21:51 - 2016-02-16 21:51 - 00000000 ____D C:\Users\Vanessa\AppData\LocalLow\Company
2016-02-16 21:51 - 2016-02-16 21:51 - 00000000 ____D C:\Users\Vanessa\AppData\Local\Tempfolder
2016-02-16 21:51 - 2016-02-16 21:51 - 00000000 ____D C:\uninst
2016-02-09 15:51 - 2016-02-09 15:51 - 00003010 _____ C:\Users\Vanessa\papascheeseria_backup_2.papa
Task: {80291AB0-8F61-4C15-8820-E713556B3464} - System32\Tasks\Iwyqhowt => C:\PROGRA~1\SHOPPE~1\Wokwe.bat
C:\PROGRA~1\SHOPPE~1
cmd: sfc /scannow
emptytemp:
       
*****************

Prozess erfolgreich geschlossen.
C:\Windows\System32\Drivers\etc\hosts => erfolgreich verschoben
Hosts erfolgreich wiederhergestellt.
C:\WINDOWS\system32\hojt => erfolgreich verschoben
C:\extensions => erfolgreich verschoben
"C:\Users\Vanessa\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108" => nicht gefunden.

========================= folder: C:\Users\Public\Documents\dmp ========================

2016-02-16 21:37 - 2016-02-16 21:37 - 0000000 ____D () C:\Users\Public\Documents\dmp\dl
2016-02-16 21:37 - 2016-02-16 21:37 - 0000000 ____D () C:\Users\Public\Documents\dmp\un

====== Ende von Folder: ======

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Schlüssel nicht gefunden.
Chrome DefaultSearchURL => erfolgreich entfernt
Chrome DefaultSearchKeyword => erfolgreich entfernt
WajaIntEn Monitor => Dienst erfolgreich entfernt
"c:\program files\WajaIntEn" => nicht gefunden.
C:\ProgramData\simplitec => erfolgreich verschoben
C:\Users\Vanessa\yey papa´s.papa => erfolgreich verschoben
C:\Users\Vanessa\papascheeseria_backup_1.papa3.papa => erfolgreich verschoben
C:\WINDOWS\System32\Tasks\Iwyqhowt => erfolgreich verschoben
C:\Users\Vanessa\AppData\LocalLow\Company => erfolgreich verschoben
C:\Users\Vanessa\AppData\Local\Tempfolder => erfolgreich verschoben
C:\uninst => erfolgreich verschoben
C:\Users\Vanessa\papascheeseria_backup_2.papa => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80291AB0-8F61-4C15-8820-E713556B3464}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80291AB0-8F61-4C15-8820-E713556B3464}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Iwyqhowt => nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Iwyqhowt" => Schlüssel erfolgreich entfernt
"C:\PROGRA~1\SHOPPE~1" => nicht gefunden.

=========  sfc /scannow =========


 
 
 S y s t e m s u c h e  w i r d  g e s t a r t e t .  D i e s e r  V o r g a n g  k a n n  e i n i g e  Z e i t  d a u e r n .
 
 
 
 
 
 � b e r p r � f u n g s p h a s e  d e r  S y s t e m s u c h e  w i r d  g e s t a r t e t .
 
 
 � b e r p r � f u n g  0  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  1  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  1  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  2  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  2  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  3  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  3  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  4  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  4  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  5  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  6  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  6  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  7  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  7  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  8  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  8  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  9  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  9  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  1 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 0 0  %  a b g e s c h l o s s e n .
 
 
 
 
 V o m  W i n d o w s - R e s s o u r c e n s c h u t z  w u r d e n  b e s c h � d i g t e  D a t e i e n  g e f u n d e n ,  u n d
 
 
 e i n i g e  d a v o n  k o n n t e n  n i c h t  r e p a r i e r t  w e r d e n .  W e i t e r e  I n f o r m a t i o n e n  f i n d e n  S i e  i n  d e r  D a t e i  " C B S . L o g "  u n t e r  " w i n d i r \ L o g s \ C B S \ C B S . l o g " ,
 
 
 z . B .  " C : \ W i n d o w s \ L o g s \ C B S \ C B S . l o g " .
 
 
 H i n w e i s :  B e i  d e r  O f f l i n e w a r t u n g  w i r d  d i e  P r o t o k o l l i e r u n g  d e r z e i t  n i c h t  u n t e r s t � t z t .
 
 
 
 
 
 D i e  � n d e r u n g e n  d u r c h  d i e  S y s t e m d a t e i r e p a r a t u r  w e r d e n  n a c h  d e m
 
 
 n � c h s t e n  N e u s t a r t  w i r k s a m .
 
 
 
========= Ende von CMD: =========

EmptyTemp: => 379.5 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 13:04:24 ====

Ottokarl 12.03.2016 17:52
FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Vanessa (Administrator) auf DESKTOP-5PNPL1E (11-03-2016 13:14:17)
Gestartet von C:\Users\Vanessa\Desktop
Geladene Profile: Vanessa (Verfügbare Profile: Vanessa)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Nero AG) C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\ServiceProvider.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intenium) C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSPanel.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcupdate.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe [63272 2015-05-31] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\Run: [Spiele Post] => C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe [483400 2013-12-06] (Intenium)
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\RunOnce: [Uninstall C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\RunOnce: [Uninstall C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-21-483611294-2829987118-2205543787-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2016-03-10]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0f70dec5-ab41-11e5-b753-806e6f6e6963}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{cf7e755f-2a9c-43ca-905b-587fa842d2f8}: [DhcpNameServer] 192.168.2.1
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
SearchScopes: HKLM -> DefaultScope {0644EE93-D778-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> DefaultScope {0644EE93-D778-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> {5E86A1A6-1176-403A-86A1-38DE40387AF5} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> {6F634305-2F36-411B-B460-E9F774AA7BF4} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> {786BF108-DDEF-46E2-981E-29B4CE9FC9B6} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> {A882FD39-3E09-4E81-9C4A-9AAB923F0ADC} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-18] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-18] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-11] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-11] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-11] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-11] (McAfee, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-01-08] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-01-08] (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-483611294-2829987118-2205543787-1001 -> hxxp://go.gmx.net/tb/ie_startpage

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-01-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-18] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-01-08] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-02-08] [ist nicht signiert]

Chrome:
=======
CHR HomePage: Default -> about:blank
CHR StartupUrls: Default -> "about:blank"
CHR Profile: C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-08]
CHR Extension: (Google Docs) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-08]
CHR Extension: (Google Drive) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-08]
CHR Extension: (YouTube) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-08]
CHR Extension: (Adblock Plus) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-08]
CHR Extension: (Google-Suche) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-08]
CHR Extension: (SiteAdvisor) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-02-06]
CHR Extension: (Google Docs Offline) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-08]
CHR Extension: (Google Mail) - C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-08]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-02-17]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-02-17]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-05-31] (ASUS Cloud Corporation) [Datei ist nicht signiert]
S3 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUS)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1045928 2016-02-18] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1385640 2015-08-17] (Intel Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R3 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370088 2015-08-13] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S3 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
S3 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [133480 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [158952 2016-02-11] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2016-01-08] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [338208 2015-03-19] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe [1696712 2016-02-23] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [681680 2016-01-08] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2015-11-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [380896 2016-01-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [275368 2015-11-18] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [902112 2015-12-14] (Intel Security, Inc.)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [465088 2016-03-08] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4364200 2016-02-15] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [48552 2016-02-15] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\WINDOWS\SysWOW64\uxtuneup.dll [42408 2016-02-15] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 MBAMService; "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4317808 2015-07-14] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-06-30] (ASUS Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [79248 2015-11-25] (McAfee, Inc.)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [50696 2015-08-17] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel Corporation)
R3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2015-06-26] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-28] (Intel Corporation)
R2 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2015-11-25] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351144 2015-11-25] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496368 2015-11-25] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [846080 2015-11-25] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [539496 2015-11-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-11-20] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [36968 2016-01-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [245096 2015-11-25] (McAfee, Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [420440 2015-05-27] (Realsil Semiconductor Corporation)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [11973 2016-01-28] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Datei ist nicht signiert]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-02-15] (AVG Netherlands B.V.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-11 13:14 - 2016-03-11 13:14 - 00023680 _____ C:\Users\Vanessa\Desktop\FRST.txt
2016-03-11 13:13 - 2016-03-11 13:13 - 00003148 _____ C:\Users\Vanessa\Desktop\FSS.txt
2016-03-11 13:09 - 2016-03-11 13:13 - 00268300 _____ C:\TDSSKiller.3.1.0.9_11.03.2016_13.09.52_log.txt
2016-03-11 13:07 - 2016-03-11 13:07 - 00000000 ____D C:\ProgramData\simplitec
2016-03-11 12:29 - 2016-03-11 13:04 - 00027524 _____ C:\Users\Vanessa\Desktop\Fixlog.txt
2016-03-11 12:28 - 2016-03-11 12:20 - 00899584 _____ (Farbar) C:\Users\Vanessa\Desktop\FSS.exe
2016-03-11 12:28 - 2016-03-11 12:19 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Vanessa\Desktop\tdsskiller.exe
2016-03-09 21:55 - 2016-03-10 21:26 - 00000000 ____D C:\Users\Vanessa\Desktop\Wichtiger Kram
2016-03-09 21:42 - 2016-03-11 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-03-09 21:08 - 2016-03-10 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-09 21:08 - 2016-03-10 12:15 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-09 21:08 - 2016-03-09 21:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-09 21:08 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-03-09 21:08 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-03-09 21:08 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-03-09 20:57 - 2016-03-09 21:00 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-09 20:38 - 2016-03-09 20:30 - 22908888 _____ (Malwarebytes ) C:\Users\Vanessa\Desktop\mbam-setup-2.2.0.1024.exe
2016-03-09 19:49 - 2016-03-11 13:14 - 00000000 ____D C:\FRST
2016-03-09 19:49 - 2016-03-09 19:41 - 02374144 _____ (Farbar) C:\Users\Vanessa\Desktop\FRST64.exe
2016-03-09 19:49 - 2016-03-09 19:40 - 01725440 _____ (Farbar) C:\Users\Vanessa\Desktop\FRST.exe
2016-03-09 19:17 - 2016-03-09 19:17 - 00805528 _____ (Google Inc.) C:\Users\Vanessa\Downloads\Nicht bestätigt 301246.crdownload
2016-03-09 18:40 - 2016-03-09 18:40 - 01109677 _____ (TeamExtreme) C:\Users\Vanessa\Downloads\Minecraft.exe
2016-03-09 15:14 - 2016-02-24 09:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-09 15:14 - 2016-02-24 06:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-09 15:14 - 2016-02-24 06:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-09 15:14 - 2016-02-24 06:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 15:14 - 2016-02-23 12:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-09 15:14 - 2016-02-23 11:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-09 15:14 - 2016-02-23 11:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-09 15:14 - 2016-02-23 10:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-09 15:14 - 2016-02-23 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-09 15:14 - 2016-02-23 09:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-09 15:14 - 2016-02-23 09:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-09 15:14 - 2016-02-23 08:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-09 15:14 - 2016-02-23 08:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-09 15:14 - 2016-02-23 07:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-09 15:14 - 2016-02-23 07:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-09 15:14 - 2016-02-23 07:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-09 15:14 - 2016-02-09 04:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-09 15:14 - 2016-02-09 04:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-09 15:13 - 2016-02-24 10:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 15:13 - 2016-02-24 10:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-09 15:13 - 2016-02-24 10:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 15:13 - 2016-02-24 10:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-09 15:13 - 2016-02-24 10:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-09 15:13 - 2016-02-24 09:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-09 15:13 - 2016-02-24 09:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-09 15:13 - 2016-02-24 07:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-09 15:13 - 2016-02-24 07:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 15:13 - 2016-02-24 06:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 15:13 - 2016-02-24 06:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 15:13 - 2016-02-24 06:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 15:13 - 2016-02-24 06:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 15:13 - 2016-02-24 06:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 15:13 - 2016-02-24 05:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-09 15:13 - 2016-02-24 05:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-09 15:13 - 2016-02-23 11:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-09 15:13 - 2016-02-23 11:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-09 15:13 - 2016-02-23 11:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-09 15:13 - 2016-02-23 11:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-09 15:13 - 2016-02-23 10:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-09 15:13 - 2016-02-23 10:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-09 15:13 - 2016-02-23 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-09 15:13 - 2016-02-23 09:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-09 15:13 - 2016-02-23 09:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-09 15:13 - 2016-02-23 09:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-09 15:13 - 2016-02-23 09:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-09 15:13 - 2016-02-23 08:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-09 15:13 - 2016-02-23 08:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-09 15:13 - 2016-02-23 08:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-09 15:13 - 2016-02-23 08:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-09 15:13 - 2016-02-23 07:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-09 15:13 - 2016-02-23 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-09 15:13 - 2016-02-23 07:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-09 15:13 - 2016-02-23 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-09 15:13 - 2016-02-23 07:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-09 15:13 - 2016-02-23 07:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-09 15:13 - 2016-02-23 07:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-09 15:13 - 2016-02-09 04:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-09 15:12 - 2016-03-01 06:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-09 15:12 - 2016-03-01 06:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-09 15:12 - 2016-02-24 09:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-09 15:12 - 2016-02-24 07:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-09 15:12 - 2016-02-23 12:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-09 15:12 - 2016-02-23 11:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-09 15:12 - 2016-02-23 11:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-09 15:12 - 2016-02-23 10:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-09 15:12 - 2016-02-23 10:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-09 15:12 - 2016-02-23 09:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-09 15:12 - 2016-02-23 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-09 15:12 - 2016-02-23 08:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-09 15:12 - 2016-02-23 08:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-09 15:12 - 2016-02-23 07:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-09 15:12 - 2016-02-23 07:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-09 15:12 - 2016-02-23 07:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-09 15:12 - 2016-02-23 07:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-09 15:12 - 2016-02-23 07:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-09 15:12 - 2016-02-23 07:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-09 15:12 - 2016-02-23 07:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-09 15:11 - 2016-02-24 07:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-09 15:11 - 2016-02-24 07:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-03-09 15:11 - 2016-02-23 09:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-09 15:11 - 2016-02-23 08:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-09 15:07 - 2016-02-24 06:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-09 15:07 - 2016-02-24 06:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-09 15:07 - 2016-02-24 06:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-09 15:07 - 2016-02-23 12:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-09 15:07 - 2016-02-23 11:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-09 15:07 - 2016-02-23 11:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-09 15:07 - 2016-02-23 10:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-09 15:07 - 2016-02-23 10:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-09 15:07 - 2016-02-23 10:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-09 15:07 - 2016-02-23 09:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-09 15:07 - 2016-02-23 09:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-09 15:07 - 2016-02-23 08:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-09 15:07 - 2016-02-23 07:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-08 22:32 - 2016-02-23 11:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-08 22:32 - 2016-02-23 10:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-08 22:32 - 2016-02-23 09:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-08 22:31 - 2016-02-24 10:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-03-08 22:31 - 2016-02-24 10:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-08 22:31 - 2016-02-24 10:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-08 22:31 - 2016-02-24 09:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-08 22:31 - 2016-02-24 09:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-08 22:31 - 2016-02-24 09:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-08 22:31 - 2016-02-24 09:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-08 22:31 - 2016-02-24 09:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-08 22:31 - 2016-02-24 09:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-08 22:31 - 2016-02-24 09:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-08 22:31 - 2016-02-24 09:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-03-08 22:31 - 2016-02-24 09:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-08 22:31 - 2016-02-24 08:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-08 22:31 - 2016-02-24 07:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-08 22:31 - 2016-02-24 07:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-08 22:31 - 2016-02-24 07:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-03-08 22:31 - 2016-02-24 07:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-08 22:31 - 2016-02-24 07:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-03-08 22:31 - 2016-02-24 07:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-08 22:31 - 2016-02-24 07:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-08 22:31 - 2016-02-24 07:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-08 22:31 - 2016-02-24 07:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-08 22:31 - 2016-02-24 07:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-08 22:31 - 2016-02-24 07:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-03-08 22:31 - 2016-02-24 07:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-08 22:31 - 2016-02-24 07:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-08 22:31 - 2016-02-24 07:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-08 22:31 - 2016-02-24 07:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-08 22:31 - 2016-02-23 12:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-08 22:31 - 2016-02-23 12:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-08 22:31 - 2016-02-23 12:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-08 22:31 - 2016-02-23 12:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-08 22:31 - 2016-02-23 12:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-08 22:31 - 2016-02-23 11:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-08 22:31 - 2016-02-23 11:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-08 22:31 - 2016-02-23 11:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-08 22:31 - 2016-02-23 11:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-08 22:31 - 2016-02-23 11:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-08 22:31 - 2016-02-23 10:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-08 22:31 - 2016-02-23 10:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-08 22:31 - 2016-02-23 10:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-08 22:31 - 2016-02-23 10:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-08 22:31 - 2016-02-23 10:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-08 22:31 - 2016-02-23 10:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-08 22:31 - 2016-02-23 09:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-08 22:31 - 2016-02-23 09:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-08 22:31 - 2016-02-23 09:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-08 22:31 - 2016-02-23 09:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-08 22:31 - 2016-02-23 09:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-08 22:31 - 2016-02-23 09:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-08 22:31 - 2016-02-23 09:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-08 22:31 - 2016-02-23 09:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-08 22:31 - 2016-02-23 09:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-08 22:31 - 2016-02-23 09:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-08 22:31 - 2016-02-23 09:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-08 22:31 - 2016-02-23 09:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-08 22:31 - 2016-02-23 09:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-08 22:31 - 2016-02-23 09:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-08 22:31 - 2016-02-23 09:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-08 22:31 - 2016-02-23 08:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-08 22:31 - 2016-02-23 08:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-08 22:31 - 2016-02-23 08:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-08 22:31 - 2016-02-23 08:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-08 22:31 - 2016-02-23 08:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-08 22:31 - 2016-02-23 08:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-08 22:31 - 2016-02-23 08:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-08 22:31 - 2016-02-23 08:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-08 22:31 - 2016-02-23 08:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-08 22:31 - 2016-02-23 08:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-08 22:31 - 2016-02-23 08:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-08 22:31 - 2016-02-23 08:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-08 22:31 - 2016-02-23 08:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-08 22:31 - 2016-02-23 08:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-08 22:31 - 2016-02-23 08:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-08 22:31 - 2016-02-23 07:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-08 22:30 - 2016-02-24 09:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-08 22:30 - 2016-02-24 09:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-03-08 22:30 - 2016-02-24 09:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-08 22:30 - 2016-02-24 09:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-08 22:30 - 2016-02-24 09:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-08 22:30 - 2016-02-24 09:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-08 22:30 - 2016-02-24 09:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-08 22:30 - 2016-02-24 09:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-08 22:30 - 2016-02-24 08:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-08 22:30 - 2016-02-24 08:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-08 22:30 - 2016-02-24 08:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-08 22:30 - 2016-02-24 08:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-08 22:30 - 2016-02-24 08:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-08 22:30 - 2016-02-24 08:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-08 22:30 - 2016-02-24 08:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-08 22:30 - 2016-02-24 08:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-08 22:30 - 2016-02-24 08:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-08 22:30 - 2016-02-24 08:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-08 22:30 - 2016-02-24 08:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-08 22:30 - 2016-02-24 08:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-08 22:30 - 2016-02-24 08:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-03-08 22:30 - 2016-02-24 08:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-08 22:30 - 2016-02-24 08:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-08 22:30 - 2016-02-24 08:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-08 22:30 - 2016-02-24 08:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-08 22:30 - 2016-02-24 08:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-08 22:30 - 2016-02-24 08:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-08 22:30 - 2016-02-24 08:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-03-08 22:30 - 2016-02-24 08:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-08 22:30 - 2016-02-24 08:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-08 22:30 - 2016-02-24 08:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-08 22:30 - 2016-02-24 08:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-08 22:30 - 2016-02-24 08:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-08 22:30 - 2016-02-24 08:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-08 22:30 - 2016-02-24 08:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-08 22:30 - 2016-02-24 08:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-08 22:30 - 2016-02-24 08:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-08 22:30 - 2016-02-24 08:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-08 22:30 - 2016-02-24 08:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-08 22:30 - 2016-02-24 08:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-08 22:30 - 2016-02-24 08:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-03-08 22:30 - 2016-02-24 08:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-08 22:30 - 2016-02-24 08:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-08 22:30 - 2016-02-24 08:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-08 22:30 - 2016-02-24 08:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-08 22:30 - 2016-02-24 08:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-08 22:30 - 2016-02-24 08:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-08 22:30 - 2016-02-24 07:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-08 22:30 - 2016-02-24 07:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-08 22:30 - 2016-02-24 07:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-08 22:30 - 2016-02-24 07:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-08 22:30 - 2016-02-24 07:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-08 22:30 - 2016-02-24 07:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-08 22:30 - 2016-02-24 07:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-08 22:30 - 2016-02-24 07:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-08 22:30 - 2016-02-24 07:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-08 22:30 - 2016-02-24 07:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-08 22:30 - 2016-02-24 07:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-08 22:30 - 2016-02-24 07:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-08 22:30 - 2016-02-24 07:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-08 22:30 - 2016-02-24 07:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-08 22:30 - 2016-02-24 07:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-08 22:30 - 2016-02-24 07:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-08 22:30 - 2016-02-24 07:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-08 22:30 - 2016-02-24 07:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-08 22:30 - 2016-02-24 07:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-08 22:30 - 2016-02-24 07:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-08 22:30 - 2016-02-24 07:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-08 22:30 - 2016-02-24 07:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-08 22:30 - 2016-02-24 07:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-08 22:30 - 2016-02-24 07:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-08 22:30 - 2016-02-24 07:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-08 22:30 - 2016-02-24 07:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-08 22:30 - 2016-02-24 07:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-08 22:30 - 2016-02-24 07:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-08 22:30 - 2016-02-24 07:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-08 22:30 - 2016-02-24 07:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-08 22:30 - 2016-02-24 07:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-08 22:30 - 2016-02-24 07:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-03-08 22:30 - 2016-02-24 07:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-08 22:30 - 2016-02-24 07:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-08 22:30 - 2016-02-24 07:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-08 22:30 - 2016-02-24 07:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-08 22:30 - 2016-02-24 07:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-08 22:30 - 2016-02-24 07:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-08 22:30 - 2016-02-24 07:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-08 22:30 - 2016-02-24 07:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-08 22:30 - 2016-02-24 07:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-08 22:30 - 2016-02-24 07:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-08 22:30 - 2016-02-24 07:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-08 22:30 - 2016-02-24 07:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-08 22:30 - 2016-02-24 07:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-08 22:30 - 2016-02-24 07:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-08 22:30 - 2016-02-24 07:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-08 22:30 - 2016-02-24 06:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-08 22:30 - 2016-02-24 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-08 22:30 - 2016-02-23 12:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-08 22:30 - 2016-02-23 12:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-08 22:30 - 2016-02-23 11:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-08 22:30 - 2016-02-23 11:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-08 22:30 - 2016-02-23 11:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-08 22:30 - 2016-02-23 10:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-08 22:30 - 2016-02-23 10:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-08 22:30 - 2016-02-23 10:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-08 22:30 - 2016-02-23 10:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-08 22:30 - 2016-02-23 10:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-08 22:30 - 2016-02-23 10:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-08 22:30 - 2016-02-23 10:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-08 22:30 - 2016-02-23 10:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-08 22:30 - 2016-02-23 10:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-08 22:30 - 2016-02-23 10:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-08 22:30 - 2016-02-23 10:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-08 22:30 - 2016-02-23 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-08 22:30 - 2016-02-23 10:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-08 22:30 - 2016-02-23 09:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-08 22:30 - 2016-02-23 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-08 22:30 - 2016-02-23 09:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-08 22:30 - 2016-02-23 09:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-08 22:30 - 2016-02-23 09:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-08 22:30 - 2016-02-23 09:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-08 22:30 - 2016-02-23 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-08 22:30 - 2016-02-23 09:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-08 22:30 - 2016-02-23 09:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-08 22:30 - 2016-02-23 09:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-08 22:30 - 2016-02-23 09:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-08 22:30 - 2016-02-23 09:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-08 22:30 - 2016-02-23 09:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-08 22:30 - 2016-02-23 09:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-08 22:30 - 2016-02-23 09:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-08 22:30 - 2016-02-23 09:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-08 22:30 - 2016-02-23 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-08 22:30 - 2016-02-23 09:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-08 22:30 - 2016-02-23 09:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-08 22:30 - 2016-02-23 09:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-08 22:30 - 2016-02-23 09:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-08 22:30 - 2016-02-23 09:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-08 22:30 - 2016-02-23 09:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-08 22:30 - 2016-02-23 09:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-08 22:30 - 2016-02-23 09:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-08 22:30 - 2016-02-23 09:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-08 22:30 - 2016-02-23 09:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-08 22:30 - 2016-02-23 09:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-08 22:30 - 2016-02-23 09:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-08 22:30 - 2016-02-23 08:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-08 22:30 - 2016-02-23 08:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-08 22:30 - 2016-02-23 08:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-08 22:30 - 2016-02-23 08:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-08 22:30 - 2016-02-23 08:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-08 22:30 - 2016-02-23 08:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-08 22:30 - 2016-02-23 08:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-08 22:30 - 2016-02-23 08:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-08 22:30 - 2016-02-23 08:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-08 22:30 - 2016-02-23 08:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-08 22:30 - 2016-02-23 08:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-08 22:30 - 2016-02-23 07:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-08 22:30 - 2016-02-09 05:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-08 22:30 - 2016-02-09 05:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-08 22:30 - 2016-02-09 04:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-08 22:30 - 2016-02-09 04:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-08 22:30 - 2016-02-09 04:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-08 19:27 - 2016-03-08 19:27 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\AVAST Software
2016-03-08 19:06 - 2016-03-11 12:20 - 00004020 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-02-27 11:33 - 2016-02-27 11:34 - 00000000 ____D C:\Users\Vanessa\Desktop\Pokemon White 2
2016-02-19 03:20 - 2016-02-15 10:30 - 00048552 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\uxtuneup.dll
2016-02-19 03:20 - 2016-02-15 10:30 - 00042408 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\SysWOW64\uxtuneup.dll
2016-02-19 03:20 - 2016-02-15 10:30 - 00037288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\authuitu.dll
2016-02-19 03:20 - 2016-02-15 10:30 - 00032680 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\SysWOW64\authuitu.dll
2016-02-19 03:19 - 2016-02-19 03:19 - 00000000 ____D C:\Users\Default\AppData\Roaming\AVG
2016-02-19 03:19 - 2016-02-19 03:19 - 00000000 ____D C:\Users\Default\AppData\Local\AVG
2016-02-19 03:19 - 2016-02-19 03:19 - 00000000 ____D C:\Users\Default User\AppData\Roaming\AVG
2016-02-19 03:19 - 2016-02-19 03:19 - 00000000 ____D C:\Users\Default User\AppData\Local\AVG
2016-02-18 02:33 - 2016-02-18 02:33 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\java
2016-02-18 02:32 - 2016-02-18 02:32 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\Sun
2016-02-18 02:32 - 2016-02-18 02:32 - 00000000 ____D C:\Users\Vanessa\.oracle_jre_usage
2016-02-18 02:31 - 2016-02-18 02:33 - 00000000 ____D C:\ProgramData\Oracle
2016-02-18 02:31 - 2016-02-18 02:31 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-02-18 02:31 - 2016-02-18 02:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-18 02:31 - 2016-02-18 02:31 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-18 02:29 - 2016-02-18 02:29 - 00735328 _____ (Oracle Corporation) C:\Users\Vanessa\Downloads\JavaSetup8u73 (1).exe
2016-02-18 02:29 - 2016-02-18 02:29 - 00000000 ____D C:\Users\Vanessa\AppData\LocalLow\Oracle
2016-02-18 02:27 - 2016-02-18 02:27 - 00735328 _____ (Oracle Corporation) C:\Users\Vanessa\Downloads\JavaSetup8u73.exe
2016-02-18 02:24 - 2016-03-10 18:23 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\.minecraft
2016-02-18 02:21 - 2016-02-18 07:29 - 01674929 _____ (TeamExtreme) C:\Users\Vanessa\Desktop\Minecraft Launcher (1).exe
2016-02-18 02:19 - 2016-02-18 03:43 - 01674929 _____ (TeamExtreme) C:\Users\Vanessa\Downloads\Minecraft Launcher.exe
2016-02-16 21:40 - 2016-03-09 21:03 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-02-16 21:37 - 2016-02-16 21:37 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-02-12 06:03 - 2016-02-12 06:03 - 00491616 _____ C:\Users\Vanessa\Downloads\zerbst_abrufkarte_sperrmuell_2016.pdf
2016-02-12 06:02 - 2016-02-12 06:03 - 01720607 _____ C:\Users\Vanessa\Downloads\abfallkalender_2016_zerbst_webs.pdf
2016-02-10 16:53 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-10 16:53 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-10 16:53 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-10 16:53 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-10 16:53 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-10 16:53 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-10 16:53 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-10 16:53 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-10 16:52 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-10 16:52 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-10 16:52 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-10 16:52 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-10 16:52 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-10 16:52 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-10 16:52 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-10 16:52 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-10 16:52 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-10 16:52 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 16:52 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-10 16:52 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-10 16:52 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-10 16:52 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-10 16:52 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-10 16:52 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-10 16:52 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-10 16:52 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-10 16:52 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-11 13:12 - 2015-10-30 19:35 - 00778202 _____ C:\WINDOWS\system32\perfh007.dat
2016-03-11 13:12 - 2015-10-30 19:35 - 00155964 _____ C:\WINDOWS\system32\perfc007.dat
2016-03-11 13:12 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-11 13:12 - 2015-08-18 06:20 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-11 13:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-11 13:08 - 2016-01-11 20:01 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-03-11 13:08 - 2015-12-21 15:34 - 00000165 _____ C:\Users\Vanessa\AppData\Roaming\sp_data.sys
2016-03-11 13:07 - 2016-01-07 17:45 - 00000474 _____ C:\WINDOWS\Tasks\Nero TuneItUp (Tray).job
2016-03-11 13:07 - 2015-12-25 21:07 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-11 13:07 - 2015-12-21 15:32 - 00000000 __SHD C:\Users\Vanessa\IntelGraphicsProfiles
2016-03-11 13:06 - 2015-12-25 21:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-11 13:05 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-11 13:00 - 2015-08-18 06:29 - 00000424 _____ C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job
2016-03-11 12:57 - 2016-01-20 20:47 - 00000000 ____D C:\Users\Vanessa\AppData\LocalLow\Temp
2016-03-11 12:57 - 2015-08-18 06:29 - 00000424 _____ C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job
2016-03-11 12:29 - 2015-12-25 21:11 - 00000000 ____D C:\Users\Vanessa
2016-03-11 12:23 - 2015-12-27 12:26 - 00000412 _____ C:\WINDOWS\Tasks\WpsUpdateTask_Vanessa.job
2016-03-11 12:23 - 2015-12-27 12:26 - 00000412 _____ C:\WINDOWS\Tasks\WpsNotifyTask_Vanessa.job
2016-03-11 12:21 - 2015-10-05 05:58 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-03-11 12:21 - 2015-10-05 05:58 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-03-10 13:35 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-10 13:19 - 2016-01-20 21:40 - 00001326 _____ C:\Users\Public\Desktop\Far Cry.lnk
2016-03-10 13:19 - 2016-01-17 17:52 - 00001135 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-03-10 13:19 - 2016-01-08 23:37 - 00002636 _____ C:\Users\Public\Desktop\Skype.lnk
2016-03-10 13:19 - 2016-01-08 01:59 - 00001023 _____ C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2016-03-10 13:19 - 2016-01-08 01:59 - 00001015 _____ C:\Users\Vanessa\Desktop\osu!.lnk
2016-03-10 13:19 - 2016-01-08 01:00 - 00002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-10 13:19 - 2016-01-08 01:00 - 00002248 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-10 13:19 - 2016-01-07 17:36 - 00001467 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk
2016-03-10 13:19 - 2016-01-07 17:36 - 00001310 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-03-10 13:19 - 2016-01-06 23:32 - 00001284 _____ C:\Users\Vanessa\Desktop\Continue Java Update 8.6 Installation.lnk
2016-03-10 13:19 - 2016-01-04 01:30 - 00001223 _____ C:\Users\Vanessa\Desktop\Die Installation von Adobe Flash Player fortsetzen.lnk
2016-03-10 13:19 - 2015-12-29 22:47 - 00001028 _____ C:\Users\Public\Desktop\Steam.lnk
2016-03-10 13:19 - 2015-12-27 18:42 - 00001291 _____ C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eye Care Switcher.lnk
2016-03-10 13:19 - 2015-12-27 18:07 - 00002531 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 6.0.lnk
2016-03-10 13:19 - 2015-12-27 18:07 - 00002098 _____ C:\Users\Public\Desktop\Adobe Reader 6.0.lnk
2016-03-10 13:19 - 2015-12-26 12:10 - 00002053 _____ C:\Users\Vanessa\Desktop\Willkommen zur ASUS Produktregistrierung.lnk
2016-03-10 13:19 - 2015-12-25 21:15 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-10 13:19 - 2015-12-25 14:38 - 00002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2016-03-10 13:19 - 2015-12-25 14:38 - 00002120 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
2016-03-10 13:19 - 2015-12-23 18:31 - 00001927 _____ C:\Users\Vanessa\Desktop\Windows Media Player.lnk
2016-03-10 13:19 - 2015-12-21 15:35 - 00002391 _____ C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-10 13:19 - 2015-10-05 06:19 - 00002517 _____ C:\Users\Public\Desktop\Evernote.lnk
2016-03-10 13:19 - 2015-10-05 06:19 - 00002104 _____ C:\Users\Public\Desktop\Dropbox 25 GB.lnk
2016-03-10 13:19 - 2015-10-05 06:19 - 00001536 _____ C:\Users\Public\Desktop\WPS Office.lnk
2016-03-10 13:19 - 2015-10-05 06:19 - 00001346 _____ C:\Users\Public\Desktop\WebStorage.lnk
2016-03-10 13:19 - 2015-10-05 06:19 - 00001180 _____ C:\Users\Public\Desktop\ASUS HiPost.lnk
2016-03-10 13:19 - 2015-10-05 06:12 - 00002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2016-03-10 13:19 - 2015-10-05 05:42 - 00000724 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk
2016-03-10 13:19 - 2015-08-18 06:28 - 00002432 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - asus.lnk
2016-03-10 13:18 - 2015-10-05 05:35 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-10 13:16 - 2015-10-05 06:02 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-03-10 13:15 - 2015-12-25 20:53 - 00261472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-10 13:14 - 2015-10-30 19:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-03-10 13:12 - 2015-10-30 19:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-10 13:12 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-10 13:12 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-10 13:12 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-10 13:12 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-10 13:12 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-10 13:12 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-10 13:12 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-10 13:12 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-10 13:12 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-10 13:12 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-10 13:12 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-10 13:12 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-10 12:19 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-09 22:25 - 2015-12-25 14:41 - 00004174 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{48ABCAE0-DD1B-4554-91D4-47CD1AB4DC2B}
2016-03-09 16:24 - 2015-12-29 22:47 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-09 16:23 - 2015-12-25 20:52 - 00000000 ___DC C:\WINDOWS\Panther
2016-03-09 15:10 - 2016-01-08 23:38 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\Skype
2016-03-08 22:05 - 2015-12-28 23:23 - 00000000 ____D C:\Users\Vanessa\Desktop\Warcraft III Frozen Throne
2016-03-08 19:06 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-07 23:57 - 2016-01-17 17:53 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\vlc
2016-02-29 17:46 - 2015-12-23 12:30 - 00000000 ____D C:\Users\Vanessa\Desktop\CoD4 (Manu)
2016-02-26 12:57 - 2016-01-17 17:53 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\dvdcss
2016-02-20 12:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-19 03:20 - 2015-12-25 14:38 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\AVG
2016-02-16 21:39 - 2015-12-25 14:40 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\dlg
2016-02-16 20:42 - 2016-01-07 17:36 - 00000000 ____D C:\Users\Vanessa\AppData\Roaming\DVDVideoSoft
2016-02-15 10:36 - 2015-12-25 14:38 - 00045992 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2016-02-14 04:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-12 16:41 - 2016-01-08 23:37 - 00000000 ____D C:\ProgramData\Skype
2016-02-12 09:51 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-02-12 09:51 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-02-12 09:50 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-02-10 17:42 - 2015-12-25 14:48 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 17:36 - 2015-12-25 14:47 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 02:31 - 2016-01-08 23:37 - 00000000 ___RD C:\Program Files (x86)\Skype

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-12-21 15:34 - 2016-03-11 13:08 - 0000165 _____ () C:\Users\Vanessa\AppData\Roaming\sp_data.sys
2015-12-25 21:08 - 2015-12-25 21:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll
[2015-10-30 08:18] - [2015-10-30 08:18] - 0535088 ____A () D41D8CD98F00B204E9800998ECF8427E

C:\WINDOWS\SysWOW64\dnsapi.dll => kein Firmenname <===== ACHTUNG

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-03-09 21:37

==================== Ende von FRST.txt ============================
Addition

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Vanessa (2016-03-11 13:15:32)
Gestartet von C:\Users\Vanessa\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-25 20:30:13)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-483611294-2829987118-2205543787-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-483611294-2829987118-2205543787-503 - Limited - Disabled)
Gast (S-1-5-21-483611294-2829987118-2205543787-501 - Limited - Disabled)
Vanessa (S-1-5-21-483611294-2829987118-2205543787-1001 - Administrator - Enabled) => C:\Users\Vanessa

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7 Wonders 4: Magical Mystery Tour (HKLM-x32\...\7 Wonders 4: Magical Mystery Tour) (Version: 1.0.0.0 - INTENIUM GmbH)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Reader 6.0.1 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A00000000001}) (Version: 006.000.001 - Adobe Systems Incorporated)
AION Free-to-Play (HKLM-x32\...\Steam App 261430) (Version:  - NCSOFT)
ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.6 - ASUS)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.5 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.95 - ICEpower a/s)
Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.22.1.58906 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.22.3 - AVG Technologies) Hidden
Deutschland Spielt - Spiele Post (HKLM-x32\...\Deutschland Spielt - Spiele Post) (Version: 1.0.3.0 - INTENIUM GmbH)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.0.46 - INTENIUM GmbH)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Die Sims Deluxe (HKLM-x32\...\{10798AE3-DCBB-43C3-9C93-C23512427E25}) (Version:  - )
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Edna Bricht Aus (HKLM-x32\...\EdnaSE) (Version: 1.0 - Daedalic Entertainment)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
Far Cry (HKLM-x32\...\InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}) (Version: 1.00.0000 - Ihr Firmenname)
Far Cry (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
FMW 1 (Version: 1.62.2 - AVG Technologies) Hidden
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.0.1224 - DVDVideoSoft Ltd.)
Gaming Assistant (HKLM-x32\...\{C27B0A7C-BD18-46EF-984A-CCD2799F4CD4}) (Version: 1.0.2 - ASUS)
Gomo (HKLM-x32\...\Gomo_is1) (Version: 1.1 - Daedalic Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Guitar Hero World Tour (HKLM-x32\...\{A126E617-63F0-4E57-BFA4-7190F5845C39}) (Version: 1.0 - Aspyr)
Heroes of Hellas (HKLM-x32\...\{C0906D83-1FE0-4176-A940-45A348080987}) (Version: 1.00.0000 - Purplehills)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Lawn & Order 2: Die Gartenverschwörung (HKLM-x32\...\Lawn & Order 2: Die Gartenverschwörung) (Version: 0.0.0.0 - INTENIUM GmbH)
Lawn & Order: Die Gartenprofis (HKLM-x32\...\Lawn & Order: Die Gartenprofis) (Version: 0.0.0.0 - INTENIUM GmbH)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.7080 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.171 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Nero TuneItUp Free (HKLM-x32\...\Nero_tuneitup_is1) (Version: 2.4.1.1039 - Nero AG)
NVIDIA Graphics Driver 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.84 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
osu! (HKLM-x32\...\{e3b5e5c5-4557-4cbc-9927-7a947d002d51}) (Version: latest - ppy Pty Ltd)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Royal Defense (HKLM-x32\...\RoyalDefense) (Version:  - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Treasures Of Montezuma 2 (HKLM-x32\...\The Treasures Of Montezuma 2) (Version:  - )
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.2.524 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.16 - WildTangent)
Windows-Treiberpaket - ASUS (ATP) Mouse  (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4947 - Kingsoft Corp.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-483611294-2829987118-2205543787-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vanessa\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00B15309-9A15-4F89-939C-8A946EABAF0A} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [2015-03-14] (Microsoft Corporation)
Task: {03A2C72E-331C-4F11-89CC-D41D0C1B03B4} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-03-08] (AVAST Software)
Task: {0F71139B-44DA-4814-95B3-36544058B19C} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] ()
Task: {10845013-BF46-4E5D-A7F8-D0C92B8EBCD9} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {16C0F2CB-05FF-42DC-B079-DCDC8E771142} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [2015-12-29] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {2649A5EA-B153-4F9F-BBC7-9D030B1B5E40} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-08-12] (ASUSTeK Computer Inc.)
Task: {2B87FDF9-B9DF-4CD4-9DF1-50FBE78A69CE} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] (ASUSTek Computer Inc.)
Task: {47B485D9-1AC5-4DE9-BEE0-A56921B2021A} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {6779CC7C-151F-47FE-BA0A-9DFDB03DA8FB} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-08-12] ()
Task: {69A85AC5-00CD-4960-8C87-44AA9A6708C0} - System32\Tasks\Nero TuneItUp => C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\TuneItUp.exe [2015-12-18] (Nero AG)
Task: {6C74C4F8-6F6D-45C9-A5EB-7B2F34203A48} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.)
Task: {86E40AB0-F3CB-4143-B4CE-2F0A5381A18A} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {9053369D-E80B-483A-ADB8-E55E35E00BF8} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-08-12] (ASUSTeK Computer Inc.)
Task: {9521437B-E580-4899-8638-053CCE36BA52} - System32\Tasks\Nero TuneItUp (Tray) => C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\ServiceProvider.exe [2015-12-18] (Nero AG)
Task: {A2141CD3-585C-49AF-BDF5-22CBF603734C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.)
Task: {A56AFB05-3237-4708-AEC8-E06A16EC68DB} - System32\Tasks\{FABCEED8-3F2C-4C84-B0CF-01F6D4E53F5B} => pcalua.exe -a E:\FarCryAutoCD.exe -d E:\
Task: {A62B4474-18F2-4158-93FA-4EF643286875} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2016-02-15] (AVG Technologies CZ, s.r.o.)
Task: {AF92B986-DE33-4872-B4F0-D846B5DDE1A7} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {C1766BD8-300E-4487-A008-225FC7F6A341} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {C87A4943-158C-4FE8-A342-01B63AE6BA7B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-29] (Realtek Semiconductor)
Task: {CDAED409-BB99-4991-A4AE-6052A7625BDB} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-02-16] (McAfee, Inc.)
Task: {DC233B71-6562-4D52-AEC1-C0B30BBFA891} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-08-23] (AsusTek)
Task: {E0F2E963-FFA3-47DC-A8F0-5133B4292258} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-07-29] (Realtek Semiconductor)
Task: {E3BF4274-C3E4-4B78-A9B4-B0FBECBDF562} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-08-25] (ASUS)
Task: {E4389888-C5EC-4E72-B926-32C7A02B5134} - System32\Tasks\WpsNotifyTask_Vanessa => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {E9814E6E-FCFF-4F9A-9813-1DEBEE67BD5B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-10] (Microsoft Corporation)
Task: {F0F63C14-EC91-4475-8728-A14C01630782} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {F2C808F5-A339-4F47-8E0E-0A19E9AC8905} - System32\Tasks\WpsUpdateTask_Vanessa => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [2015-12-29] (Zhuhai Kingsoft Office Software Co.,Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Nero TuneItUp (Tray).job => C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\ServiceProvider.exe
Task: C:\WINDOWS\Tasks\Nero TuneItUp.job => C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\TuneItUp.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Vanessa.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Vanessa.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-11 13:06 - 2016-03-11 13:06 - 00208552 _____ () C:\WINDOWS\TEMP\DPTF\dptf_wwanproxy.dll
2016-03-11 13:06 - 2016-03-11 13:06 - 00047784 _____ () C:\WINDOWS\TEMP\DPTF\dptf_pnmwlanproxy.dll
2016-03-08 18:02 - 2016-03-08 18:02 - 00465088 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2016-03-09 15:12 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-09 15:12 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-06 15:24 - 2016-02-06 15:24 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-25 20:47 - 2015-12-25 20:47 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-08 22:31 - 2016-02-23 09:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-13 18:19 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 18:19 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-07 21:19 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-02-07 21:19 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-08-12 19:44 - 2015-08-12 19:44 - 00012288 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
2016-01-07 17:36 - 2015-12-24 17:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-01-07 17:36 - 2015-12-24 17:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-08-25 09:40 - 2015-08-25 09:40 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-08-25 09:40 - 2015-08-25 09:40 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-01-07 17:44 - 2015-12-18 12:25 - 00102864 _____ () C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\modules\common\asp_ipc32.dll
2016-02-06 15:24 - 2016-02-06 15:24 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-02-06 15:24 - 2016-02-06 15:24 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-12-25 14:34 - 2015-12-25 14:34 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2015-08-07 01:09 - 2015-08-07 01:09 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 12:04 - 2016-03-11 12:29 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1      localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-483611294-2829987118-2205543787-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Vanessa\Desktop\DCIM\DCIM\Camera\20150525_131105.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{68C9D58C-372D-40B9-A1AD-30C06C09294A}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{7BAC89DB-7A7C-4B1E-8AB8-DEB6173CD930}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{09436CFC-4CBB-4975-ACAD-708993158B05}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C1602656-3867-402C-B9AF-AA703B8784C0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2E5A94CB-EAE9-4E57-B5F5-B6D96344DF8E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{38079EA8-AD17-4E0A-9963-C0643E74980C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FF69EBE0-E584-44B9-B68C-CD42A83C77C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{917A28EF-4788-41CB-A69E-38902C2B79E7}] => (Allow) C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\TuneItUp.exe
FirewallRules: [{13425C54-0AA3-4AD9-AAFE-22501492CB91}] => (Allow) C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\TuneItUp.exe
FirewallRules: [{A95D19AF-90D0-40DB-BD0D-5991C958E778}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A6958E1D-42C5-46DB-AE72-9AB315544A4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AION\NCLauncher.exe
FirewallRules: [{9ABAB0D7-A4D0-408A-80B5-38C60520E23F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AION\NCLauncher.exe
FirewallRules: [{975AC3BF-3A7F-4E46-A566-B2B25307FA76}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

22-02-2016 09:07:25 Geplanter Prüfpunkt
03-03-2016 12:52:00 Geplanter Prüfpunkt
09-03-2016 20:43:18 Revo Uninstaller's restore point - Body Text Feathering
10-03-2016 20:49:56 Revo Uninstaller's restore point - Malwarebytes Anti-Malware Version 2.2.0.1024

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/10/2016 12:10:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mbam.exe, Version 2.3.125.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 26d0

Startzeit: 01d17abd57025acc

Beendigungszeit: 12

Anwendungspfad: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

Berichts-ID: bb2ec647-e6b0-11e5-9bf0-305a3aa8dbc0

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/10/2016 12:09:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mbam.exe, Version 2.3.125.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1150

Startzeit: 01d17abd0ae97254

Beendigungszeit: 32

Anwendungspfad: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

Berichts-ID: 85dae1bd-e6b0-11e5-9bf0-305a3aa8dbc0

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/09/2016 09:03:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MPCTray.exe, Version: 3.2.9127.113, Zeitstempel: 0x569630ed
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a853dc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00026ffa
ID des fehlerhaften Prozesses: 0x182c
Startzeit der fehlerhaften Anwendung: 0xMPCTray.exe0
Pfad der fehlerhaften Anwendung: MPCTray.exe1
Pfad des fehlerhaften Moduls: MPCTray.exe2
Berichtskennung: MPCTray.exe3
Vollständiger Name des fehlerhaften Pakets: MPCTray.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MPCTray.exe5

Error: (03/09/2016 08:43:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/09/2016 07:18:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 48.0.2564.116 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3898

Startzeit: 01d17a2fec4db74a

Beendigungszeit: 4

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 5677c9e3-e623-11e5-9bef-305a3aa8dbc0

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/09/2016 04:41:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm sllauncher.exe, Version 5.1.30514.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d74

Startzeit: 01d17a1a25af36f3

Beendigungszeit: 16

Anwendungspfad: C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe

Berichts-ID: 69fa92fe-e60d-11e5-9bef-305a3aa8dbc0

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/09/2016 04:41:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ServiceProvider.exe, Version: 2.4.1.1039, Zeitstempel: 0x5673cdea
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x10028a20
ID des fehlerhaften Prozesses: 0x15b8
Startzeit der fehlerhaften Anwendung: 0xServiceProvider.exe0
Pfad der fehlerhaften Anwendung: ServiceProvider.exe1
Pfad des fehlerhaften Moduls: ServiceProvider.exe2
Berichtskennung: ServiceProvider.exe3
Vollständiger Name des fehlerhaften Pakets: ServiceProvider.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ServiceProvider.exe5

Error: (03/09/2016 04:19:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ServiceProvider.exe, Version: 2.4.1.1039, Zeitstempel: 0x5673cdea
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x10028a20
ID des fehlerhaften Prozesses: 0x33dc
Startzeit der fehlerhaften Anwendung: 0xServiceProvider.exe0
Pfad der fehlerhaften Anwendung: ServiceProvider.exe1
Pfad des fehlerhaften Moduls: ServiceProvider.exe2
Berichtskennung: ServiceProvider.exe3
Vollständiger Name des fehlerhaften Pakets: ServiceProvider.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ServiceProvider.exe5

Error: (03/09/2016 03:10:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sllauncher.exe, Version: 5.1.30514.0, Zeitstempel: 0x537302ce
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00650053
ID des fehlerhaften Prozesses: 0x2e00
Startzeit der fehlerhaften Anwendung: 0xsllauncher.exe0
Pfad der fehlerhaften Anwendung: sllauncher.exe1
Pfad des fehlerhaften Moduls: sllauncher.exe2
Berichtskennung: sllauncher.exe3
Vollständiger Name des fehlerhaften Pakets: sllauncher.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: sllauncher.exe5

Error: (03/09/2016 03:10:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sllauncher.exe, Version: 5.1.30514.0, Zeitstempel: 0x537302ce
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00650053
ID des fehlerhaften Prozesses: 0x2e00
Startzeit der fehlerhaften Anwendung: 0xsllauncher.exe0
Pfad der fehlerhaften Anwendung: sllauncher.exe1
Pfad des fehlerhaften Moduls: sllauncher.exe2
Berichtskennung: sllauncher.exe3
Vollständiger Name des fehlerhaften Pakets: sllauncher.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: sllauncher.exe5


Systemfehler:
=============
Error: (03/11/2016 01:06:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (03/11/2016 01:06:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SecDrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (03/11/2016 01:06:31 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS

Error: (03/11/2016 01:05:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%126

Error: (03/11/2016 01:05:29 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%126

Error: (03/11/2016 01:05:29 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%126

Error: (03/11/2016 01:05:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%126

Error: (03/11/2016 01:05:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%126

Error: (03/11/2016 01:05:27 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 1068netprofmNicht verfügbar{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (03/11/2016 01:05:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068


CodeIntegrity:
===================================
  Date: 2016-03-10 13:17:28.923
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-10 12:08:55.372
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-09 19:03:14.749
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 19:03:14.739
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.806
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.757
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.723
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.678
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.354
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-03-09 18:20:21.319
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i3-5010U CPU @ 2.10GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 3998.36 MB
Verfügbarer physikalischer RAM: 2404.59 MB
Summe virtueller Speicher: 8350.36 MB
Verfügbarer virtueller Speicher: 6789.98 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:185.55 GB) (Free:56.72 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (DATA) (Fixed) (Total:279.46 GB) (Free:279.23 GB) NTFS
Drive f: (Philips) (Removable) (Total:3.79 GB) (Free:3.79 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 60BF7956)

Partition: GPT.

========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.

==================== Ende von Addition.txt ============================

burningice 13.03.2016 05:54
Schritt: 1
Öffne wieder FRST und kopiere das folgende in das weiße Feld:
Code:
dnsapi.dll
Drücke dann auf dem Button "Dateisuche".

Es wird eine Search.txt erstellt werden, bitte poste diese wieder hier.

Schritt: 2

Bitte gehe in folgenden Ordner: C:\Windows\Logs
  • Gehe in den Ordner CBS und kopiere die cbs.log auf den Desktop
Erstelle daraus eine .zip Datei und füge sie bitte hier als Anhang an.


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:53 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131