Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: "Dein System wird abgesucht" + Picexa auf Desktop

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 21.07.2015, 16:10   #1
uniLai_e
 
"Dein System wird abgesucht" + Picexa auf Desktop - Standard

"Dein System wird abgesucht" + Picexa auf Desktop



hi,

unten rechts im Bildschirm kommt immer die Nachricht: "Ihr System wird abgesucht". Auch hatte ich auf einmal Picexa auf dem Desktop und kann es nicht deinstallieren.

hier die Logs - achso, wie bringe ich alle Logs in diesen bzw. mehrere Beiträge, kann sie ja nur editieren...?

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Michael (administrator) on MICHAEL-PC on 21-07-2015 15:42:22
Running from C:\Users\Michael\Desktop
Loaded Profiles: Michael & UpdatusUser (Available Profiles: Michael & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Taiwan Shui Mu Chih Ching Technology Limited) C:\Program Files (x86)\Picexa\picexasvc.exe
(Windows SysTool) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(XTab system) C:\Program Files (x86)\MiuiTab\ProtectService.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(FileProperties_CompanyName) C:\Program Files (x86)\roller coaster park\roller_coaster_park_notification_service.exe
(joep) C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-6.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(joep) C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-1-6.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Dropbox, Inc.) C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
(Sonic Solutions) C:\Program Files (x86)\Common Files\Sonic Shared\cinetray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TODO: <公司名>) C:\Program Files (x86)\SFK\SSFK.exe
() C:\Program Files (x86)\SFK\SFKEX64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_209_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
() C:\Users\Michael\Desktop\Defogger.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-06] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [EPSON Stylus DX3800 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIACE.EXE [98304 2005-02-08] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2889408 2015-04-14] (Valve Corporation)
HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\...\Run: [Dropbox Update] => C:\Users\Michael\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-03] (Dropbox, Inc.)
HKU\S-1-5-21-3406820721-3590820294-1622690160-1003\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe"  /PROMPT /CMPID=JUNE2013_TB
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll File not found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll" File not found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Inhaltsmanager-Assistent für PlayStation(R).lnk [2014-12-21]
ShortcutTarget: Inhaltsmanager-Assistent für PlayStation(R).lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk [2014-06-18]
ShortcutTarget: TP-LINK-Konfigurationstool.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe ()
Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-11-28]
ShortcutTarget: Dropbox.lnk -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk [2015-05-06]
ShortcutTarget: hqghumeaylnlf.lnk -> C:\ProgramData\{9be38812-3ced-8198-9be3-388123ce2048}\hqghumeaylnlf.exe (No File)
Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk [2014-05-12]
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sonic CinePlayer Quick Launch.lnk [2011-01-26]
ShortcutTarget: Sonic CinePlayer Quick Launch.lnk -> C:\Program Files (x86)\Common Files\Sonic Shared\cinetray.exe (Sonic Solutions)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2008-02-10] (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.omiga-plus.com/?type=hppp&ts=1423525518&from=ild&uid=395049983_1052499_562E437C
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.omiga-plus.com/?type=hppp&ts=1423525518&from=ild&uid=395049983_1052499_562E437C
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423525503&from=ild&uid=395049983_1052499_562E437C&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423525503&from=ild&uid=395049983_1052499_562E437C&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hppp&ts=1423525518&from=ild&uid=395049983_1052499_562E437C
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hppp&ts=1423525518&from=ild&uid=395049983_1052499_562E437C
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423525503&from=ild&uid=395049983_1052499_562E437C&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423525503&from=ild&uid=395049983_1052499_562E437C&q={searchTerms}
HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423525503&from=ild&uid=395049983_1052499_562E437C&q={searchTerms}
HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.omiga-plus.com/?type=hppp&ts=1423525518&from=ild&uid=395049983_1052499_562E437C
HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hppp&ts=1423525518&from=ild&uid=395049983_1052499_562E437C
HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP29D9F54D-269F-489F-A718-B57F4CDF637A&SSPV=
HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423525503&from=ild&uid=395049983_1052499_562E437C&q={searchTerms}
HKU\S-1-5-21-3406820721-3590820294-1622690160-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.kiebel.de
HKU\S-1-5-21-3406820721-3590820294-1622690160-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.kiebel.de
HKU\S-1-5-21-3406820721-3590820294-1622690160-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
URLSearchHook: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423525503&from=ild&uid=395049983_1052499_562E437C&q={searchTerms}
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423525503&from=ild&uid=395049983_1052499_562E437C&q={searchTerms}
SearchScopes: HKLM -> {B6319EC9-264D-4C16-9E60-B4BBFCE34149} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423525503&from=ild&uid=395049983_1052499_562E437C&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423525503&from=ild&uid=395049983_1052499_562E437C&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9852930-C439-4972-997C-7B6D2BFF2B95} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {FB9D2757-3BB3-4FC1-8924-851293C7E0DD} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000 -> 9FEBAA996ECF42798981BA51FF2A3D31 URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000 -> {114DB5FA-0AFB-BB92-A75B-F44D3CE875CD} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000 -> {4CCD1C03-0893-47B2-B639-BA3EF1DCDBDC} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000 -> {B6319EC9-264D-4C16-9E60-B4BBFCE34149} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000 -> {E9852930-C439-4972-997C-7B6D2BFF2B95} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000 -> {FB9D2757-3BB3-4FC1-8924-851293C7E0DD} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3406820721-3590820294-1622690160-1003 -> DefaultScope {FB9D2757-3BB3-4FC1-8924-851293C7E0DD} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3406820721-3590820294-1622690160-1003 -> {FB9D2757-3BB3-4FC1-8924-851293C7E0DD} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ->  No File
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-04-22] (DVDVideoSoft Ltd.)
BHO-x32: GoodTab Class -> {1F91A9A1-01BA-4c81-863D-3BA0751E1419} -> C:\Program Files (x86)\MiuiTab\SupTab.dll [2015-07-15] (Thinkgood Co. Limited)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11] (Oracle Corporation)
BHO-x32: No Name -> {E87806B5-E908-45FD-AF5E-957D83E58E68} ->  No File
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-06-11] (DVDVideoSoft Ltd.)
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKLM-x32 - No Name - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} -  No File
Toolbar: HKLM-x32 - No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} -  No File
Toolbar: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000 -> No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29AFCA6F-6248-4E4D-9272-6D5B27E2C348}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{986532E5-BDB2-4838-8B99-05F4E865D1CD}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DFD47A73-1E1B-40D4-BA94-683A3493D334}: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1423525503&from=ild&uid=395049983_1052499_562E437C

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-16] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-16] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3406820721-3590820294-1622690160-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-01-15] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npmieze.dll [2012-06-18] (InfiniAd GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2013-05-21]
FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-10-04]
FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-05-04]

Chrome: 
=======
CHR Profile: C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-21]
CHR Extension: (Google Drive) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-21]
CHR Extension: (YouTube) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-21]
CHR Extension: (Google Search) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-21]
CHR Extension: (dcdpjakjgmgklajndnlekpojkelnibfp) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcdpjakjgmgklajndnlekpojkelnibfp [2015-04-05]
CHR Extension: (gnkgjopofhfmjebcalbjlcfilnipmopd) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnkgjopofhfmjebcalbjlcfilnipmopd [2015-04-10]
CHR Extension: (MediaPlayerVid2.4) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecgbfoconhopjngaaijjgffhokohlac [2015-05-07]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Google Wallet) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-21]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-05-21]
CHR Extension: (CinemaPlus-3.2cV07.05) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-05-07]
CHR Extension: (pioclpoplcdbaefihamjohnefbikjilc) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2015-02-25]
CHR Extension: (Gmail) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-21]
CHR Extension: (roller coaster park) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pogchimbndbckepmhaagnapfmlfgnala [2015-04-05]
CHR HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-05-04]
CHR HKLM-x32\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\Softonic.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

Opera: 
=======
OPR Extension: (Ge-Force) - C:\Users\Michael\AppData\Roaming\Opera Software\Opera Stable\Extensions\jhongheibdpfhdpfccheljfcabgliidh [2015-05-07]
OPR Extension: (CinemaPlus-3.2cV07.05) - C:\Users\Michael\AppData\Roaming\Opera Software\Opera Stable\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-05-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [85096 2011-01-21] (Autodesk)
R2 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125112 2015-07-15] (XTab system)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 Origin Client Service; D:\origin\OriginClientService.exe [1910640 2015-02-27] (Electronic Arts)
R2 PicexaService; C:\Program Files (x86)\Picexa\PicexaSvc.exe [405144 2015-06-23] (Taiwan Shui Mu Chih Ching Technology Limited)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [628736 2010-12-08] (Nokia) [File not signed]
R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [459464 2015-07-21] (TODO: <公司名>)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [545280 2015-07-16] (Windows SysTool) [File not signed] <==== ATTENTION
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [337040 2015-07-14] (Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-06-07] ()
S1 Cinemsup; C:\Windows\SysWow64\Drivers\Cinemsup.sys [6656 2002-07-19] (Sonic Solutions)
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2011-03-02] (GEAR Software Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-06-07] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 nvamacpi; C:\Windows\system32\DRIVERS\NVAMACPI.sys [28192 2009-07-17] (NVIDIA Corporation)
S3 nvrd64; C:\Windows\system32\DRIVERS\nvrd64.sys [175648 2009-08-04] (NVIDIA Corporation)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-10-25] (Realtek Semiconductor Corporation                           )
R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 FXDrv32; \??\E:\FXDrv64.sys [X]
S3 netr7364; system32\DRIVERS\netr7364.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-21 15:42 - 2015-07-21 15:43 - 00030707 _____ C:\Users\Michael\Desktop\FRST.txt
2015-07-21 15:42 - 2015-07-21 15:42 - 00000000 ____D C:\FRST
2015-07-21 15:41 - 2015-07-21 15:41 - 02135552 _____ (Farbar) C:\Users\Michael\Desktop\FRST64.exe
2015-07-21 15:39 - 2015-07-21 15:39 - 00000476 _____ C:\Users\Michael\Desktop\defogger_disable.log
2015-07-21 15:39 - 2015-07-21 15:39 - 00000000 _____ C:\Users\Michael\defogger_reenable
2015-07-21 15:38 - 2015-07-21 15:38 - 00050477 _____ C:\Users\Michael\Desktop\Defogger.exe
2015-07-21 14:46 - 2015-07-21 14:46 - 00459464 _____ (TODO: <公司名>) C:\Program Files (x86)\SSFK.exe
2015-07-21 09:40 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 09:40 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 09:40 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 09:40 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 09:40 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 09:40 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 09:40 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 09:40 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 09:40 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 09:40 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-20 08:02 - 2015-07-21 14:46 - 00000000 ____D C:\Program Files (x86)\SFK
2015-07-16 15:47 - 2015-07-16 15:47 - 18524336 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-07-16 15:14 - 2015-07-21 14:46 - 00000000 ____D C:\Program Files (x86)\WinZipper
2015-07-16 15:14 - 2015-07-16 15:14 - 00000000 ____D C:\Users\Michael\AppData\Roaming\WinZipper
2015-07-16 15:14 - 2015-07-16 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
2015-07-16 15:13 - 2015-07-16 15:13 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-07-16 04:53 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-16 04:53 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-16 04:53 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-16 04:53 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-16 04:53 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-16 04:53 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-16 04:53 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-16 04:53 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-16 04:53 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-16 04:53 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-16 04:53 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-16 04:53 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-16 04:53 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-16 04:53 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-16 04:53 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-16 04:53 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-16 04:53 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-16 04:53 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-16 04:53 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-16 04:53 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-16 04:53 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-16 04:53 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-16 04:53 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-16 04:53 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-16 04:53 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-16 04:53 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-16 04:53 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-16 04:53 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-16 04:53 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-16 04:53 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-16 04:53 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-16 04:53 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-16 04:53 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-16 04:53 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-16 04:53 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-16 04:53 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-16 04:53 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-16 04:53 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-16 04:53 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-16 04:53 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-16 04:53 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-16 04:53 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-16 04:53 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-16 04:53 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-16 04:53 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-16 04:53 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-16 04:53 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-16 04:53 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-16 04:53 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-16 04:53 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-16 04:53 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-16 04:53 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-16 04:53 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-16 04:53 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-16 04:53 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-16 04:53 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-16 04:53 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-16 04:53 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-16 04:53 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-16 04:53 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-16 04:53 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-16 04:53 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-16 04:53 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-16 04:53 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-16 04:53 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-16 04:53 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-16 04:53 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-16 04:52 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-16 04:52 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-16 04:52 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-16 04:52 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-16 04:52 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-16 04:52 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-16 04:52 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-16 04:52 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-16 04:52 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-16 04:52 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-16 04:52 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-16 04:52 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-16 04:52 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-16 04:52 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-16 04:52 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-16 04:52 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-16 04:52 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-16 04:52 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-16 04:52 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-16 04:52 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-16 04:52 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-16 04:52 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-16 04:52 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-16 04:52 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-16 04:52 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-16 04:52 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-16 04:52 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-16 04:52 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-16 04:52 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-16 04:52 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-16 04:52 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-16 04:52 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-16 04:52 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-16 04:52 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-16 04:52 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-16 04:52 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-16 04:52 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-16 04:52 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-16 04:52 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-16 04:52 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-16 04:52 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-16 04:52 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-16 04:52 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-16 04:52 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-16 04:52 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-16 04:52 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-16 04:52 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-16 04:52 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-16 04:52 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-16 04:52 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-11 18:37 - 2015-07-11 18:37 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-10 17:47 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-07-10 17:47 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-07-10 17:47 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-07-10 17:47 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-07-10 17:47 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-07-10 17:47 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-07-10 17:47 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-07-10 17:47 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-07-10 17:47 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-07-10 17:47 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-07-10 17:47 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-07-10 17:47 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-07-10 17:46 - 2015-05-09 05:27 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-07-10 17:46 - 2015-05-09 05:27 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-07-10 17:46 - 2015-05-09 05:27 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-07-10 17:46 - 2015-05-09 05:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-07-10 17:46 - 2015-05-09 05:26 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-07-10 17:46 - 2015-05-09 05:26 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-07-10 17:46 - 2015-05-09 05:26 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-07-10 17:46 - 2015-05-09 05:25 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-07-10 17:46 - 2015-05-09 05:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-07-10 17:46 - 2015-05-09 05:13 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-07-10 17:46 - 2015-05-09 05:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-07-10 17:46 - 2015-05-09 05:12 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-07-10 17:46 - 2015-05-09 05:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 04:01 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-07-10 17:46 - 2015-05-09 04:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-07-10 17:46 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-07-10 17:33 - 2015-07-10 17:33 - 00001793 _____ C:\Users\Public\Desktop\Picexa.lnk
2015-07-10 17:33 - 2015-07-10 17:33 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Picexa Viewer
2015-07-09 17:27 - 2015-07-21 14:46 - 00000000 ____D C:\Program Files (x86)\Picexa
2015-07-09 17:27 - 2015-07-20 08:02 - 00000000 ____D C:\Users\Michael\AppData\Everything
2015-07-09 17:27 - 2015-07-10 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picexa
2015-07-09 17:26 - 2015-07-18 00:50 - 00000000 ____D C:\ProgramData\MailUpdate
2015-07-09 17:26 - 2015-07-10 17:32 - 00000000 ____D C:\Users\Michael\AppData\Roaming\MailUpdate
2015-07-03 13:42 - 2015-07-04 01:27 - 00000000 ____D C:\Users\Michael\AppData\Local\avabvexvac
2015-07-03 13:42 - 2015-07-03 13:42 - 00003486 _____ C:\Windows\System32\Tasks\avabvexvac
2015-07-03 09:28 - 2015-07-21 15:39 - 00001232 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3406820721-3590820294-1622690160-1000UA.job
2015-07-03 09:28 - 2015-07-20 08:38 - 00001180 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3406820721-3590820294-1622690160-1000Core.job
2015-07-03 09:28 - 2015-07-20 08:33 - 00004206 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3406820721-3590820294-1622690160-1000UA
2015-07-03 09:28 - 2015-07-20 08:33 - 00003810 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3406820721-3590820294-1622690160-1000Core
2015-07-03 09:28 - 2015-07-03 09:28 - 00000000 ____D C:\Users\Michael\AppData\Local\Dropbox
2015-07-03 09:28 - 2015-07-03 09:28 - 00000000 ____D C:\ProgramData\Dropbox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)
         

der Log geht noch weiter - muss die Zeichen beachten...

Alt 21.07.2015, 17:01   #2
schrauber
/// the machine
/// TB-Ausbilder
 

"Dein System wird abgesucht" + Picexa auf Desktop - Standard

"Dein System wird abgesucht" + Picexa auf Desktop



Hi,

poste jetzt den Rest
__________________

__________________

Alt 21.07.2015, 20:30   #3
uniLai_e
 
"Dein System wird abgesucht" + Picexa auf Desktop - Standard

"Dein System wird abgesucht" + Picexa auf Desktop



Code:
ATTFilter
(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-21 15:39 - 2011-01-07 19:34 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8C1C071B-4321-4819-87FF-E3B8CE27ADEF}
2015-07-21 15:39 - 2011-01-07 19:18 - 00000000 ____D C:\Users\Michael
2015-07-21 15:24 - 2013-09-22 10:24 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-21 15:00 - 2011-09-23 18:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-21 15:00 - 2011-09-23 18:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-21 14:58 - 2011-01-07 19:18 - 00000000 ____D C:\Users\Michael\AppData\Roaming\vlc
2015-07-21 14:53 - 2009-07-14 06:45 - 00020224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-21 14:53 - 2009-07-14 06:45 - 00020224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-21 14:49 - 2015-04-05 00:49 - 00001372 _____ C:\Windows\Tasks\roller_coaster_park_notification_service.job
2015-07-21 14:48 - 2011-01-05 18:09 - 01891779 ____N C:\Windows\WindowsUpdate.log
2015-07-21 14:47 - 2013-11-12 23:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-21 14:45 - 2015-02-10 01:44 - 00002112 _____ C:\Windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-10_user.job
2015-07-21 14:45 - 2014-11-28 23:04 - 00000000 ___RD C:\Users\Michael\Dropbox
2015-07-21 14:45 - 2014-11-28 23:02 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Dropbox
2015-07-21 14:44 - 2015-02-10 01:44 - 00005518 _____ C:\Windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-6.job
2015-07-21 14:44 - 2015-02-10 01:44 - 00003138 _____ C:\Windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-1-6.job
2015-07-21 14:43 - 2015-04-05 01:49 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-07-21 14:43 - 2015-04-05 00:49 - 00000734 _____ C:\Windows\Tasks\roller_coaster_park_updating_service.job
2015-07-21 14:43 - 2015-02-10 01:44 - 00005182 _____ C:\Windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-7.job
2015-07-21 14:43 - 2015-02-10 01:44 - 00003474 _____ C:\Windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-1-7.job
2015-07-21 14:43 - 2015-02-10 01:44 - 00002446 _____ C:\Windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-5_user.job
2015-07-21 14:43 - 2015-02-10 01:44 - 00002446 _____ C:\Windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-5.job
2015-07-21 14:43 - 2015-02-10 01:44 - 00000896 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-07-21 14:43 - 2013-06-03 15:18 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2015-07-21 14:43 - 2011-01-05 17:20 - 00000000 ____D C:\Temp
2015-07-21 14:43 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-21 14:42 - 2010-11-09 18:00 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-21 12:49 - 2015-02-10 01:44 - 00000900 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-07-21 12:21 - 2009-07-14 06:45 - 04922256 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 08:09 - 2014-12-27 14:07 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-19 01:10 - 2012-12-22 23:57 - 00000000 ____D C:\Program Files\PeerBlock
2015-07-18 15:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-18 14:50 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-17 00:20 - 2011-08-27 13:12 - 00000000 ____D C:\Windows\rescache
2015-07-16 21:33 - 2014-07-05 11:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 15:47 - 2013-11-12 23:26 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-16 15:47 - 2013-02-23 11:11 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-16 15:47 - 2013-02-23 11:11 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-16 15:12 - 2015-02-10 01:45 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-07-16 14:55 - 2011-09-23 18:02 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 14:55 - 2011-09-23 18:02 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 04:57 - 2013-08-20 10:23 - 00000000 ____D C:\Windows\system32\MRT
2015-07-14 17:57 - 2014-05-21 16:14 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-14 07:46 - 2011-06-11 01:58 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2015-07-14 07:46 - 2011-06-11 01:58 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2015-07-12 13:27 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-07-11 07:00 - 2014-11-29 09:57 - 00000000 __SHD C:\Users\Michael\AppData\Local\EmieBrowserModeList
2015-07-11 07:00 - 2014-04-23 19:17 - 00000000 __SHD C:\Users\Michael\AppData\Local\EmieUserList
2015-07-11 07:00 - 2014-04-23 19:17 - 00000000 __SHD C:\Users\Michael\AppData\Local\EmieSiteList
2015-07-11 06:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-10 17:32 - 2015-04-05 00:49 - 00000000 ____D C:\Program Files (x86)\roller coaster park
2015-07-10 17:32 - 2011-01-21 20:46 - 00000000 ____D C:\ProgramData\ICQ
2015-07-10 07:27 - 2014-06-18 14:26 - 00000000 ____D C:\Users\Michael\AppData\Roaming\TP-LINK
2015-07-10 07:27 - 2014-05-21 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-10 07:27 - 2014-05-12 10:13 - 00000000 ____D C:\ProgramData\Netzmanager
2015-07-10 07:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-07-10 07:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2015-07-10 07:27 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-07-09 17:54 - 2012-02-11 22:57 - 00000000 ____D C:\Windows\Minidump
2015-07-08 20:31 - 2014-06-19 12:40 - 00000000 ____D C:\Users\Michael\Desktop\weiteres
2015-07-08 08:27 - 2014-03-23 14:22 - 00000000 ____D C:\Users\Michael\Desktop\stuff
2015-07-05 14:33 - 2013-02-23 11:10 - 00000000 ____D C:\Windows\system32\Macromed
2015-07-05 12:08 - 2014-05-11 14:37 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-03 10:14 - 2011-01-07 20:47 - 00000000 ____D C:\Users\Michael\AppData\Roaming\BitTorrent
2015-07-03 08:43 - 2010-11-10 09:51 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2015-07-21 14:46 - 2015-07-21 14:46 - 0459464 _____ (TODO: <公司名>) C:\Program Files (x86)\SSFK.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Michael\AppData\Roaming\B3ygyK0cF8QWU9Cm0Ncihqx
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Michael\AppData\Roaming\QtUIu0BUHXTfyZJc4cdU8i6NM
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Michael\AppData\Roaming\Y9r1Q3cN
2011-03-11 11:23 - 2011-03-11 11:23 - 0000095 _____ () C:\Users\Michael\AppData\Local\fusioncache.dat

Some files in TEMP:
====================
C:\Users\Michael\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxonfql.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-14 11:05

==================== End of log ============================
         

[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by Michael at 2015-07-21 15:44:05
Running from C:\Users\Michael\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3406820721-3590820294-1622690160-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3406820721-3590820294-1622690160-1002 - Limited - Enabled)
Gast (S-1-5-21-3406820721-3590820294-1622690160-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3406820721-3590820294-1622690160-1005 - Limited - Enabled)
Michael (S-1-5-21-3406820721-3590820294-1622690160-1000 - Administrator - Enabled) => C:\Users\Michael
UpdatusUser (S-1-5-21-3406820721-3590820294-1622690160-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.03.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
Any Video Converter 3.2.7 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}) (Version: 2.1.7 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{7A23D2C6-6FF9-EBAD-73E2-4717BB08983F}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
AutoCAD 2009 - Deutsch (HKLM\...\AutoCAD 2009 - Deutsch) (Version: 17.2.56.0 - Autodesk)
AutoCAD 2009 - Deutsch (Version: 17.2.56.0 - Autodesk) Hidden
AVG 2013 (Version: 13.0.3211 - AVG Technologies) Hidden
BitTorrent (HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\...\BitTorrent) (Version: 7.9.2.36804 - BitTorrent Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
Command & Conquer 3 (HKLM-x32\...\{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}) (Version: 1.00.0000 - Ihr Firmenname)
Die Siedler 7 (HKLM-x32\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft)
Die Siedler III Gold Edition (HKLM-x32\...\S3) (Version:  - )
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Door Kickers (HKLM-x32\...\Steam App 248610) (Version:  - KillHouse Games)
Dropbox (HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.)
EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts)
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - )
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Explorer Suite III (HKLM\...\Explorer Suite_is1) (Version:  - )
Fallout 2 (HKLM-x32\...\Steam App 38410) (Version:  - Black Isle Studios)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
Hitman: Contracts (HKLM-x32\...\Hitman: Contracts) (Version:  - Eidos)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Inhaltsmanager-Assistent für PlayStation(R) (HKLM-x32\...\{E6EB4571-5ADB-4557-8F95-0E0EF5D0F833}) (Version: 3.30.7824.86 - Sony Computer Entertainment Inc.)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.650 - Oracle)
Java(TM) 6 Update 26 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle)
KKND Krossfire (HKLM-x32\...\KKND Krossfire) (Version:  - )
K-Lite Codec Pack 6.4.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.4.0 - )
Menu Templates - Starter Kit (x32 Version: 9.4.6.0 - Nero AG) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Rise Of Nations (HKLM-x32\...\RiseOfNations 1.0) (Version:  - Microsoft)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Nero 9 Essentials (HKLM-x32\...\{ad665dd6-dccd-4087-9646-f5e0b21729f9}) (Version:  - Nero AG)
NET Render Client 11.514 (HKLM\...\MAXON0A99C549) (Version: 11.514 - MAXON Computer GmbH)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.081 - Deutsche Telekom AG)
Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{4216D328-0FE8-48B8-85B8-BD300E6F080F}) (Version: 7.1.36.0 - Nokia)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OpenOffice.org 3.2 (HKLM-x32\...\{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}) (Version: 3.2.9502 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.5.2.2829 - Electronic Arts, Inc.)
PC Connectivity Solution (HKLM-x32\...\{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}) (Version: 10.50.2.0 - Nokia)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Picexa (HKLM-x32\...\Picexa) (Version:  - Taiwan Shui Mu Chih Ching Technology Limited)
Pro Evolution Soccer 2015 Demo (HKLM-x32\...\Steam App 321280) (Version:  - KONAMI Digital Entertainment)
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Randal's Monday Demo (HKLM-x32\...\Steam App 333140) (Version:  - Nexus Game Studios)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5953 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Sonic CinePlayer DVD Pack (HKLM-x32\...\{D4576E0D-2295-4B8E-B663-B68086B00EE5}) (Version: 1.50.0000 - Sonic Solutions)
Splinter Cell Pandora Tomorrow (HKLM-x32\...\{084A9731-D05B-4ADA-B4A0-0ADD25FD7152}) (Version: 1.00.000 - )
Star Wars® Knights of the Old Republic® COLLECTION (HKLM-x32\...\{18B4F6B3-C2FA-4615-BB61-7DF02E16AA4E}) (Version: 1.00.0000 - LucasArts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
The Longest Journey (HKLM-x32\...\{0280F0D8-1542-4DAA-913C-8529E2A3835D}) (Version:  - )
The Witcher Enhanced Edition Version 1.6 (HKLM-x32\...\The Witcher Enhanced Edition_is1) (Version: 1.6 - CD Projekt RED)
The-Go-Photo-it-v11 (HKLM-x32\...\The-Go-Photo-it-v11) (Version: 1.36.01.22 - joep)
Tomb Raider III (HKLM-x32\...\Tomb Raider III) (Version:  - )
Torchlight II Demo (HKLM-x32\...\Steam App 219850) (Version:  - Runic Games)
Torchlight Version 1.0 (HKLM-x32\...\{A3DD2EC4-D17E-4EE1-B6A5-4C7075B34627}_is1) (Version: 1.0 - Nordic Games GmbH)
TP-LINK 300Mbps Wireless USB Adapter Treiber (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
TP-LINK-Konfigurationstool (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows-Treiberpaket - Ralink (netr28ux) Net  (10/29/2008 2.02.04.0000) (HKLM\...\8BB5DA3C36385C31E93B2F21A5A1E38F22BEC20A) (Version: 10/29/2008 2.02.04.0000 - Ralink)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.104 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
XnView 1.97.8 (HKLM-x32\...\XnView_is1) (Version: 1.97.8 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\CAD\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> C:\CAD\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\CAD\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\CAD\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\CAD\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3406820721-3590820294-1622690160-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)

==================== Restore Points =========================

13-07-2015 20:48:33 Windows Update
16-07-2015 04:50:02 Windows Update
16-07-2015 16:51:49 Windows Update
21-07-2015 09:44:22 Windows Update
21-07-2015 10:50:06 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03D296F9-A176-4A45-BEC2-3FEB339736F2} - System32\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-1-7 => C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-1-7.exe [2015-02-10] (joep) <==== ATTENTION
Task: {0A6777B2-FF5F-40C2-A741-BEA30B6989F5} - System32\Tasks\Google Updater and Installer => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {0FF0B1B7-7FF5-4B7C-A2AD-D8DF6C16AAA0} - System32\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-5_user => C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-5.exe [2015-02-10] (joep) <==== ATTENTION
Task: {10A4F2D5-410A-4206-B545-9C39D9BDEFDE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {13D95506-141D-4409-9BDF-D1354EDE524B} - System32\Tasks\roller_coaster_park_updating_service => C:\Program Files (x86)\roller coaster park\roller_coaster_park_updating_service.exe <==== ATTENTION
Task: {24CD6103-BC9E-41C1-BD0A-17158AEC8E59} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3406820721-3590820294-1622690160-1000Core => C:\Users\Michael\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-03] (Dropbox, Inc.)
Task: {2B50813C-4DD3-42D6-89F9-6248624EFCA2} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {2FDBD8A9-265F-49CE-9B5D-AFAA31D4FC53} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{7B1DB310-D52A-44B1-8F2D-6ED208DEA7A8}.exe
Task: {481DDDD8-8E94-4D15-A69C-187B3BDF91DE} - System32\Tasks\roller_coaster_park_notification_service => C:\Program Files (x86)\roller coaster park\roller_coaster_park_notification_service.exe [2015-04-05] (FileProperties_CompanyName) <==== ATTENTION
Task: {780D28E0-614F-4098-963C-BC6A832F73E4} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3406820721-3590820294-1622690160-1000UA => C:\Users\Michael\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-03] (Dropbox, Inc.)
Task: {813F6E43-5451-4591-BDCC-112BC4A147FD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {83E30FC3-B5D4-4DB2-B6BD-70BDBAF6B6F1} - System32\Tasks\avabvexvac => C:\Users\Michael\AppData\Local\avabvexvac\avabvexvac.exe [2015-07-02] () <==== ATTENTION
Task: {8A20218B-EF98-4856-96D2-C2CF049CD037} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-16] (Adobe Systems Incorporated)
Task: {8AC1B0E3-C01E-4F84-A9AC-D3B2BA4FB36E} - System32\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-7 => C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-7.exe [2015-02-10] (joep) <==== ATTENTION
Task: {8C5C9C73-264B-4F49-AA23-3D107AFDB10E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-11] (Oracle Corporation)
Task: {8DEAB2BF-75EC-48EF-ACFD-898F9A9A0C0E} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {93740AAA-1C04-4AC9-AD6B-8D57CA2A9C84} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-28] (Google Inc.)
Task: {93EC2A78-A680-4803-80BC-F0C776CD1D68} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {9970E609-8338-4BB2-B1D8-DB3374FFAD42} - System32\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-1-6 => C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-1-6.exe [2015-02-10] (joep) <==== ATTENTION
Task: {9DBA9E88-F555-4F49-8A5C-A359AC03823E} - System32\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-6 => C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-6.exe [2015-02-10] (joep) <==== ATTENTION
Task: {AC25AD58-70FB-4FE3-A90D-5873AE7C8BEE} - System32\Tasks\{A2604607-8696-4D32-BF07-A97679A4CBC7} => pcalua.exe -a "C:\Users\Michael\Downloads\epson324794eu (1).exe" -d C:\Users\Michael\Downloads
Task: {B760D547-6DEF-4B13-B474-CD4B76C1BD02} - System32\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-10_user => C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-10.exe [2015-02-10] (joep) <==== ATTENTION
Task: {B81F3178-8F76-4D66-89C4-6C9836A9AA42} - System32\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-5 => C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-5.exe [2015-02-10] (joep) <==== ATTENTION
Task: {C6D28CDB-BC0F-4601-9644-91DEDAE7B7B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-28] (Google Inc.)
Task: {CCC9B3FE-3415-4514-A2C7-5C68E74420FC} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29] ()
Task: {E2499863-4CF4-4E2A-8046-D00178D17C19} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {FDE3227C-0E22-46C5-A21B-A80B17D43782} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {FF6A3BD9-F874-46DA-AB39-E5793692A6FB} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-1-6.job => C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-1-7.job => C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-10_user.job => C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-5.job => C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-5_user.job => C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-6.job => C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-7.job => C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\108abbfd-af07-431a-8138-2dd0ce19f45d-1-7.job => C:\Program Files (x86)\CinemaPlus-3.2cV07.05\108abbfd-af07-431a-8138-2dd0ce19f45d-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{7B1DB310-D52A-44B1-8F2D-6ED208DEA7A8}.exe <==== ATTENTION
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3406820721-3590820294-1622690160-1000Core.job => C:\Users\Michael\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3406820721-3590820294-1622690160-1000UA.job => C:\Users\Michael\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\roller_coaster_park_notification_service.job => C:\Program Files (x86)\roller coaster park\roller_coaster_park_notification_service.exeǯ/url='http:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='roller coaster park' /appid='73143' /srcid='2913' /bic='95a2df9936665cc593b88ca5efa3ee36' /verifier='e70bb96bc154e90c35d5f60ea0866486' /installerversion='1.50.3.10' /statsdomain='http:/stats.buildomserv.com/data.gif?' /errorsdomain='http:/stats.buildomserv.com/data.gif?' /monetizationdomain='http:/logs.buildomserv.com/monetization.gif <==== ATTENTION
Task: C:\Windows\Tasks\roller_coaster_park_updating_service.job => C:\Program Files (x86)\roller coaster park\roller_coaster_park_updating_service.exe´ /campid=2913 /verid=1 /url=http:/cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=roller_coaster_park_updating_service /funurl=http:/stats.buildomserv.com <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2012-11-18 23:04 - 2013-01-18 17:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-07-10 18:19 - 2015-07-10 18:19 - 00567296 _____ () C:\Program Files (x86)\SFK\SFKEX64.dll
2010-10-19 09:31 - 2010-10-19 09:31 - 00205312 _____ () C:\Program Files\Netzmanager\NMInfraIS2\driver64\SoftplugLib.DLL
2015-07-10 18:19 - 2015-07-10 18:19 - 00122880 _____ () C:\Program Files (x86)\SFK\SFKEX64.exe
2012-03-17 02:05 - 2012-03-17 02:05 - 00108544 _____ () C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
2015-07-21 15:38 - 2015-07-21 15:38 - 00050477 _____ () C:\Users\Michael\Desktop\Defogger.exe
2013-10-31 17:05 - 2013-10-31 17:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-07-21 14:44 - 2015-07-21 14:44 - 00043008 _____ () c:\users\michael\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxonfql.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00750080 _____ () C:\Users\Michael\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00047616 _____ () C:\Users\Michael\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00865280 _____ () C:\Users\Michael\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00200704 _____ () C:\Users\Michael\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Michael\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00726016 _____ () C:\Users\Michael\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Michael\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00111104 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 02285056 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00219648 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00049664 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libaout_directx_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00051200 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00070144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectx_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00037376 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmxext\libmemcpymmxext_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00238080 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00093696 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00258560 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00047616 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00043520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00440832 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libstream_filter_httplive_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00724992 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libstream_filter_dash_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00038400 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00083968 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00035840 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libstream_filter_record_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00106496 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 01304576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00310272 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 01235456 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00051200 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00037888 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 11595264 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00044544 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libes_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00386560 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00196608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00037376 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00092160 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00154624 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00073728 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libasf_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 01719296 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00045568 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00037376 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00043008 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00044032 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00051712 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00042496 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00057344 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00046592 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00038912 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00042496 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00043008 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00045568 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00040960 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00087040 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00041472 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00184832 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00038400 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 01318912 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00051200 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00043008 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00371200 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00265216 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00947200 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00182272 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00068608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00135168 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 01518080 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00046592 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libspeex_resampler_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00036864 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libconverter_fixed_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00034816 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00036864 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00038400 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00036352 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00035328 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00036352 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00045568 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00033792 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat32_mixer_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00040960 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2012-03-17 02:05 - 2012-03-17 02:05 - 00046592 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libequalizer_plugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3406820721-3590820294-1622690160-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{1F6DDA7A-7DBA-4390-BFF3-1B8D49FA5C3A}C:\cad\c4d\net render client 64 bit.exe] => (Block) C:\cad\c4d\net render client 64 bit.exe
FirewallRules: [UDP Query User{36BB440F-8F8D-4C54-B97A-F57389AD736C}C:\cad\c4d\net render client 64 bit.exe] => (Block) C:\cad\c4d\net render client 64 bit.exe
FirewallRules: [TCP Query User{6977A539-DAB3-4B27-BC07-1E1B75AF5F3A}C:\cad\c4d\net render client.exe] => (Allow) C:\cad\c4d\net render client.exe
FirewallRules: [UDP Query User{B31F8772-1321-42BC-8522-E6EC7A1FD98E}C:\cad\c4d\net render client.exe] => (Allow) C:\cad\c4d\net render client.exe
FirewallRules: [{C222FF32-A7B3-460C-A524-BC01CD1F24EA}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{189521AA-58BA-4C5C-AF04-6B7736FDC2F2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{EDD67C45-5148-4889-8C15-606E33DEBF85}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{ED8C1D5E-F4AE-4FC1-B781-CF049669C8D1}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [{BCBD2527-4DA2-4D05-9E1D-F573C29CF9B6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{5B115975-98E9-49B7-AAE6-15F3A2B3D5E8}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{B77596F8-B079-4AEF-AE04-9AEB03E45F7F}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{4CC87A97-5B79-4565-BA87-587C8C5D1AF8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{A8F024F3-8BD4-43F0-805F-C3DDEBCDC6B6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{57D517FE-DA52-43BD-AE36-07EE0D400090}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1D8CAF7E-BA6A-4AC8-A89C-D00EF5CB342F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{F1EB3425-A817-4CE8-BCA4-893543153F66}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{961CA64A-89E6-4342-8C40-7F475E2BFDB1}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{B037F89D-DDEF-4687-9D9C-FF9B32698BCF}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Anno4.exe
FirewallRules: [{B1F812A1-0AE0-4F25-9959-C2D187612D62}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Anno4.exe
FirewallRules: [{9E96596D-2080-4A3A-881B-E2BE2FFCD4FA}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [{923108A9-1021-42A9-B808-BFD3F0A91B8D}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [TCP Query User{614F554E-CD92-4384-94D9-004FE5606FBE}C:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe
FirewallRules: [UDP Query User{F52EA9A0-93FA-44F9-868A-07C64F851D34}C:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe
FirewallRules: [TCP Query User{43945154-441B-4C48-A3F1-85431BADC016}D:\splinter cell pandora tomorrow\pandora.exe] => (Block) D:\splinter cell pandora tomorrow\pandora.exe
FirewallRules: [UDP Query User{1E743F1A-F9DB-47AB-9B2B-E04946C703E7}D:\splinter cell pandora tomorrow\pandora.exe] => (Block) D:\splinter cell pandora tomorrow\pandora.exe
FirewallRules: [{75F727C0-E747-496A-97ED-6D4407531055}] => (Allow) D:\SteamLibrary\SteamApps\common\Torchlight II\Torchlight2Demo.exe
FirewallRules: [{D19D858A-C3F2-4B9A-BEF2-B9A69C253E1F}] => (Allow) D:\SteamLibrary\SteamApps\common\Torchlight II\Torchlight2Demo.exe
FirewallRules: [{4529A749-C9A8-436C-AF13-0977385DF465}] => (Allow) D:\SteamLibrary\SteamApps\common\Fallout 2\Fallout2Launcher.exe
FirewallRules: [{37193E89-8CCF-4BA2-9D94-28134AFDA488}] => (Allow) D:\SteamLibrary\SteamApps\common\Fallout 2\Fallout2Launcher.exe
FirewallRules: [TCP Query User{E2A3FD09-0146-4A9E-84C0-92647D6E5F2E}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{93AC695A-6712-4A83-B55A-D694A2707409}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{CFC19D4F-B40D-4E16-BBA2-F41FCA43C833}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{818BD1B7-E7D0-43FC-AA48-4CB05EDA4D1C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6300B8B2-4566-411C-8070-1A4B46816741}] => (Allow) D:\SteamLibrary\SteamApps\common\Pro Evolution Soccer 2015 Demo\PES2015.exe
FirewallRules: [{F0031F2F-006E-4897-8518-87AF3E5A1408}] => (Allow) D:\SteamLibrary\SteamApps\common\Pro Evolution Soccer 2015 Demo\PES2015.exe
FirewallRules: [{23C7B873-4002-4080-9F60-BE154F54A284}] => (Allow) C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C069AF0E-08BC-479B-8DD1-E2D750F211BB}] => (Allow) C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{14C30F6F-6CE0-4311-ACDB-D96D2E9CC88C}] => (Allow) D:\SteamLibrary\SteamApps\common\DoorKickers\DoorKickers.exe
FirewallRules: [{7231D64A-D97F-40AB-AABD-C453E2CBB87F}] => (Allow) D:\SteamLibrary\SteamApps\common\DoorKickers\DoorKickers.exe
FirewallRules: [{7CFEE102-81CA-4AA8-8981-13BF344ED014}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 15 DEMO\fifasetup\fifaconfig.exe
FirewallRules: [{E90039F6-DC79-4AE1-88B2-5A629CD9A3A5}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 15 DEMO\fifasetup\fifaconfig.exe
FirewallRules: [TCP Query User{660F0013-4383-42B4-839E-D28D51A54720}D:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe] => (Block) D:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe
FirewallRules: [UDP Query User{CC8EFF6B-4E8A-4143-AA46-D277F6955B58}D:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe] => (Block) D:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe
FirewallRules: [{5AEEDD79-547A-4118-831F-D46011ADD466}] => (Allow) C:\Users\Michael\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{0E6FA093-7845-4B55-8D4B-D70633B088B0}] => (Allow) C:\Users\Michael\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{1AD40834-BA0E-482A-AD28-132E2EFA4487}C:\program files (x86)\sony\content manager assistant\cma.exe] => (Allow) C:\program files (x86)\sony\content manager assistant\cma.exe
FirewallRules: [UDP Query User{42EA0778-03BC-4F8F-81ED-D5CA3C152FD2}C:\program files (x86)\sony\content manager assistant\cma.exe] => (Allow) C:\program files (x86)\sony\content manager assistant\cma.exe
FirewallRules: [TCP Query User{EA491499-8D67-418B-BCC4-913A1774F249}C:\program files (x86)\sony\content manager assistant\cma.exe] => (Allow) C:\program files (x86)\sony\content manager assistant\cma.exe
FirewallRules: [UDP Query User{D84A0F12-CC7A-487B-A598-CE34516C6DED}C:\program files (x86)\sony\content manager assistant\cma.exe] => (Allow) C:\program files (x86)\sony\content manager assistant\cma.exe
FirewallRules: [{188A1FCA-B456-4F59-A407-E28BCE4390D7}] => (Allow) D:\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{958C72EC-0328-490D-BEE0-952CBF046A9C}] => (Allow) D:\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{A1818C5B-8B7D-485E-A962-3553AE5113DD}] => (Allow) D:\SteamLibrary\SteamApps\common\Randal's Monday Demo\RandalsDemo.exe
FirewallRules: [{214A9798-B68F-4A38-AE19-D49406B67F5F}] => (Allow) D:\SteamLibrary\SteamApps\common\Randal's Monday Demo\RandalsDemo.exe
FirewallRules: [TCP Query User{1F0BA180-A6EC-400B-8625-79AC290EF7E6}C:\users\michael\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\michael\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{5FC785FD-B134-43C1-9FEA-1EF1F6ACDB63}C:\users\michael\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\michael\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{C7ECBF4F-D100-47D9-AF40-9173333BB318}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/21/2015 03:09:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 11.0.9600.17910 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: eb0

Startzeit: 01d0c3b32d895d69

Endzeit: 10

Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe

Berichts-ID:

Error: (07/19/2015 04:57:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: bf0

Startzeit: 01d0c22f07d2f16a

Endzeit: 59260

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: 6400bdd3-2e26-11e5-9cfc-d027881ae702

Error: (07/18/2015 03:55:59 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (07/18/2015 12:36:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TWCU.exe, Version: 0.0.0.0, Zeitstempel: 0x50373e94
Name des fehlerhaften Moduls: WJRtl.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5008ad7f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6e00da10
ID des fehlerhaften Prozesses: 0xf00
Startzeit der fehlerhaften Anwendung: 0xTWCU.exe0
Pfad der fehlerhaften Anwendung: TWCU.exe1
Pfad des fehlerhaften Moduls: TWCU.exe2
Berichtskennung: TWCU.exe3

Error: (07/17/2015 12:31:50 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (07/16/2015 09:33:04 PM) (Source: MsiInstaller) (EventID: 1024) (User: Michael-PC)
Description: Produkt: Adobe Reader XI (11.0.11) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011012}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (07/16/2015 09:20:44 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: Michael-PC)
Description: Sie konnten nicht angemeldet werden, da das lokal gespeicherte Profil nicht geladen werden konnte. Überprüfen Sie, ob eine Netzwerkverbindung besteht und das Netzwerk ordnungsgemäß funktioniert. 

 Details - Es wurde versucht, einen Registrierungsschlüssel einem unzulässigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

Error: (07/16/2015 04:16:39 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (07/15/2015 10:18:47 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (07/14/2015 11:06:49 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.


System errors:
=============
Error: (07/21/2015 02:53:20 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureCommand" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (07/21/2015 02:53:17 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (07/21/2015 02:45:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
Cinemsup

Error: (07/21/2015 02:43:01 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (07/21/2015 02:42:31 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (07/21/2015 02:42:27 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\Cinemsup.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (07/21/2015 12:30:07 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureCommand" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (07/21/2015 12:30:04 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (07/21/2015 12:21:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
Cinemsup

Error: (07/21/2015 12:21:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126


Microsoft Office:
=========================
Error: (07/21/2015 03:09:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe11.0.9600.17910eb001d0c3b32d895d6910C:\Program Files\Internet Explorer\iexplore.exe

Error: (07/19/2015 04:57:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.17514bf001d0c22f07d2f16a59260C:\Windows\Explorer.EXE6400bdd3-2e26-11e5-9cfc-d027881ae702

Error: (07/18/2015 03:55:59 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (07/18/2015 12:36:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: TWCU.exe0.0.0.050373e94WJRtl.dll_unloaded0.0.0.05008ad7fc00000056e00da10f0001d0c0e0fdf54349C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exeWJRtl.dll54bb52ba-2cd4-11e5-aee7-c04a00191218

Error: (07/17/2015 12:31:50 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (07/16/2015 09:33:04 PM) (Source: MsiInstaller) (EventID: 1024) (User: Michael-PC)
Description: Adobe Reader XI (11.0.11) - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011012}1625(NULL)(NULL)(NULL)

Error: (07/16/2015 09:20:44 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: Michael-PC)
Description: Es wurde versucht, einen Registrierungsschlüssel einem unzulässigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

Error: (07/16/2015 04:16:39 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (07/15/2015 10:18:47 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (07/14/2015 11:06:49 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3


==================== Memory info =========================== 

Processor: AMD Athlon(tm) II X4 640 Processor
Percentage of memory in use: 46%
Total physical RAM: 4094.18 MB
Available physical RAM: 2182.56 MB
Total Virtual: 8186.55 MB
Available Virtual: 6039.04 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100.01 GB) (Free:23.81 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:365.75 GB) (Free:316.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 6439E796)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=365.8 GB) - (Type=07 NTFS)

==================== End of log ============================
         
--- --- ---
__________________

Alt 22.07.2015, 08:12   #4
schrauber
/// the machine
/// TB-Ausbilder
 

"Dein System wird abgesucht" + Picexa auf Desktop - Standard

"Dein System wird abgesucht" + Picexa auf Desktop



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    WinZipper


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 




Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.07.2015, 11:35   #5
uniLai_e
 
"Dein System wird abgesucht" + Picexa auf Desktop - Standard

"Dein System wird abgesucht" + Picexa auf Desktop



Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
main: v2015.07.22.02
rootkit: v2015.07.17.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17914
Michael :: MICHAEL-PC [administrator]

22.07.2015 11:25:53
mbar-log-2015-07-22 (11-25-53).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 410426
Time elapsed: 24 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:
ATTFilter
11:55:25.0950 0x0f84  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
11:55:36.0030 0x0f84  ============================================================
11:55:36.0030 0x0f84  Current date / time: 2015/07/22 11:55:36.0030
11:55:36.0030 0x0f84  SystemInfo:
11:55:36.0030 0x0f84  
11:55:36.0030 0x0f84  OS Version: 6.1.7601 ServicePack: 1.0
11:55:36.0030 0x0f84  Product type: Workstation
11:55:36.0030 0x0f84  ComputerName: MICHAEL-PC
11:55:36.0030 0x0f84  UserName: Michael
11:55:36.0030 0x0f84  Windows directory: C:\Windows
11:55:36.0030 0x0f84  System windows directory: C:\Windows
11:55:36.0030 0x0f84  Running under WOW64
11:55:36.0030 0x0f84  Processor architecture: Intel x64
11:55:36.0030 0x0f84  Number of processors: 4
11:55:36.0030 0x0f84  Page size: 0x1000
11:55:36.0030 0x0f84  Boot type: Normal boot
11:55:36.0030 0x0f84  ============================================================
11:55:37.0850 0x0f84  KLMD registered as C:\Windows\system32\drivers\67140763.sys
11:55:38.0310 0x0f84  System UUID: {DD201F2F-E5C9-6B59-9552-7692B5529C6D}
11:55:38.0960 0x0f84  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:55:38.0990 0x0f84  ============================================================
11:55:38.0990 0x0f84  \Device\Harddisk0\DR0:
11:55:38.0990 0x0f84  MBR partitions:
11:55:39.0000 0x0f84  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC803000
11:55:39.0000 0x0f84  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC803800, BlocksNum 0x2DB82000
11:55:39.0000 0x0f84  ============================================================
11:55:39.0020 0x0f84  C: <-> \Device\Harddisk0\DR0\Partition1
11:55:39.0060 0x0f84  D: <-> \Device\Harddisk0\DR0\Partition2
11:55:39.0070 0x0f84  ============================================================
11:55:39.0070 0x0f84  Initialize success
11:55:39.0070 0x0f84  ============================================================
11:57:05.0204 0x0900  ============================================================
11:57:05.0204 0x0900  Scan started
11:57:05.0204 0x0900  Mode: Manual; SigCheck; TDLFS; 
11:57:05.0214 0x0900  ============================================================
11:57:05.0214 0x0900  KSN ping started
11:57:07.0784 0x0900  KSN ping finished: true
11:57:09.0264 0x0900  ================ Scan system memory ========================
11:57:09.0264 0x0900  System memory - ok
11:57:09.0264 0x0900  ================ Scan services =============================
11:57:09.0424 0x0900  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:57:09.0574 0x0900  1394ohci - ok
11:57:09.0634 0x0900  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:57:09.0674 0x0900  ACPI - ok
11:57:09.0704 0x0900  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:57:09.0784 0x0900  AcpiPmi - ok
11:57:09.0914 0x0900  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:57:09.0924 0x0900  AdobeARMservice - ok
11:57:10.0024 0x0900  [ 9B3355B29942AF67F014EA90CE1EA960, FBB155F72984045BCD99CC2059B9EDAABD3A52104C3864A290D8A355991F94D3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:57:10.0044 0x0900  AdobeFlashPlayerUpdateSvc - ok
11:57:10.0094 0x0900  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
11:57:10.0114 0x0900  adp94xx - ok
11:57:10.0164 0x0900  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
11:57:10.0174 0x0900  adpahci - ok
11:57:10.0204 0x0900  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
11:57:10.0214 0x0900  adpu320 - ok
11:57:10.0244 0x0900  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:57:10.0334 0x0900  AeLookupSvc - ok
11:57:10.0414 0x0900  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
11:57:10.0494 0x0900  AFD - ok
11:57:10.0534 0x0900  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
11:57:10.0544 0x0900  agp440 - ok
11:57:10.0584 0x0900  [ EDA7E60B5A47D9E47E0E843CAC624FF3, 4519286AEFCC9BE5EFC18636F3026CADB52C90A238F435A5E0D33F00B9F817CC ] ahcix64s        C:\Windows\system32\DRIVERS\ahcix64s.sys
11:57:10.0624 0x0900  ahcix64s - ok
11:57:10.0644 0x0900  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
11:57:10.0694 0x0900  ALG - ok
11:57:10.0724 0x0900  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:57:10.0724 0x0900  aliide - ok
11:57:10.0734 0x0900  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
11:57:10.0744 0x0900  amdide - ok
11:57:10.0774 0x0900  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
11:57:10.0804 0x0900  AmdK8 - ok
11:57:10.0824 0x0900  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
11:57:10.0844 0x0900  AmdPPM - ok
11:57:10.0884 0x0900  [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:57:10.0894 0x0900  amdsata - ok
11:57:10.0924 0x0900  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
11:57:10.0934 0x0900  amdsbs - ok
11:57:10.0954 0x0900  [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:57:10.0964 0x0900  amdxata - ok
11:57:11.0004 0x0900  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
11:57:11.0054 0x0900  AppID - ok
11:57:11.0074 0x0900  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:57:11.0104 0x0900  AppIDSvc - ok
11:57:11.0134 0x0900  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
11:57:11.0174 0x0900  Appinfo - ok
11:57:11.0204 0x0900  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
11:57:11.0214 0x0900  arc - ok
11:57:11.0234 0x0900  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
11:57:11.0244 0x0900  arcsas - ok
11:57:11.0334 0x0900  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:57:11.0394 0x0900  aspnet_state - ok
11:57:11.0414 0x0900  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:57:11.0454 0x0900  AsyncMac - ok
11:57:11.0494 0x0900  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
11:57:11.0504 0x0900  atapi - ok
11:57:11.0574 0x0900  [ C07A040D6B5A42DD41EE386CF90974C8, 8D47815F99C79B795504C3172B5FBBDBA6AFACC004B17AA3954A06BE713FACAE ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys
11:57:11.0584 0x0900  AtiPcie - ok
11:57:11.0654 0x0900  [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
11:57:11.0694 0x0900  atksgt - ok
11:57:11.0784 0x0900  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:57:11.0844 0x0900  AudioEndpointBuilder - ok
11:57:11.0864 0x0900  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:57:11.0894 0x0900  AudioSrv - ok
11:57:11.0974 0x0900  [ EA2D28BBE98256654397CD1F6EAEBDD8, 97BBE5A2C9F2AE4675E6652AD79B1FCAEA76064FB37DBF238947ACA81D3017DF ] Autodesk Licensing Service C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
11:57:12.0064 0x0900  Autodesk Licensing Service - ok
11:57:12.0104 0x0900  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:57:12.0194 0x0900  AxInstSV - ok
11:57:12.0244 0x0900  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
11:57:12.0294 0x0900  b06bdrv - ok
11:57:12.0334 0x0900  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:57:12.0374 0x0900  b57nd60a - ok
11:57:12.0414 0x0900  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:57:12.0454 0x0900  BDESVC - ok
11:57:12.0464 0x0900  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:57:12.0524 0x0900  Beep - ok
11:57:12.0584 0x0900  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
11:57:12.0674 0x0900  BFE - ok
11:57:12.0724 0x0900  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
11:57:12.0864 0x0900  BITS - ok
11:57:12.0884 0x0900  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:57:12.0904 0x0900  blbdrive - ok
11:57:12.0954 0x0900  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:57:13.0014 0x0900  bowser - ok
11:57:13.0024 0x0900  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:57:13.0104 0x0900  BrFiltLo - ok
11:57:13.0114 0x0900  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:57:13.0144 0x0900  BrFiltUp - ok
11:57:13.0164 0x0900  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
11:57:13.0204 0x0900  Browser - ok
11:57:13.0234 0x0900  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:57:13.0284 0x0900  Brserid - ok
11:57:13.0304 0x0900  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:57:13.0334 0x0900  BrSerWdm - ok
11:57:13.0354 0x0900  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:57:13.0374 0x0900  BrUsbMdm - ok
11:57:13.0384 0x0900  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:57:13.0404 0x0900  BrUsbSer - ok
11:57:13.0444 0x0900  [ 21A583678FD814794BC3E8E32E5A6BD3, 4EC67E35BAC69A66B480DA50FBB176104C7294744B3F7B7F4C05F2B351FE62DE ] BTCFilterService C:\Windows\system32\DRIVERS\motfilt.sys
11:57:13.0494 0x0900  BTCFilterService - ok
11:57:13.0514 0x0900  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
11:57:13.0554 0x0900  BTHMODEM - ok
11:57:13.0584 0x0900  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
11:57:13.0644 0x0900  bthserv - ok
11:57:13.0664 0x0900  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:57:13.0694 0x0900  cdfs - ok
11:57:13.0714 0x0900  [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:57:13.0724 0x0900  cdrom - ok
11:57:13.0764 0x0900  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:57:13.0814 0x0900  CertPropSvc - ok
11:57:13.0834 0x0900  Cinemsup - ok
11:57:13.0844 0x0900  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
11:57:13.0874 0x0900  circlass - ok
11:57:13.0904 0x0900  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
11:57:13.0924 0x0900  CLFS - ok
11:57:14.0054 0x0900  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:57:14.0084 0x0900  clr_optimization_v2.0.50727_32 - ok
11:57:14.0184 0x0900  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:57:14.0214 0x0900  clr_optimization_v2.0.50727_64 - ok
11:57:14.0264 0x0900  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:57:14.0284 0x0900  clr_optimization_v4.0.30319_32 - ok
11:57:14.0304 0x0900  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:57:14.0344 0x0900  clr_optimization_v4.0.30319_64 - ok
11:57:14.0374 0x0900  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
11:57:14.0394 0x0900  CmBatt - ok
11:57:14.0424 0x0900  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:57:14.0434 0x0900  cmdide - ok
11:57:14.0474 0x0900  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
11:57:14.0514 0x0900  CNG - ok
11:57:14.0524 0x0900  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
11:57:14.0534 0x0900  Compbatt - ok
11:57:14.0574 0x0900  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
11:57:14.0604 0x0900  CompositeBus - ok
11:57:14.0624 0x0900  COMSysApp - ok
11:57:14.0634 0x0900  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
11:57:14.0644 0x0900  crcdisk - ok
11:57:14.0684 0x0900  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:57:14.0714 0x0900  CryptSvc - ok
11:57:14.0754 0x0900  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:57:14.0814 0x0900  DcomLaunch - ok
11:57:14.0844 0x0900  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
11:57:14.0894 0x0900  defragsvc - ok
11:57:14.0914 0x0900  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:57:14.0954 0x0900  DfsC - ok
11:57:14.0994 0x0900  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:57:15.0044 0x0900  Dhcp - ok
11:57:15.0074 0x0900  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
11:57:15.0104 0x0900  discache - ok
11:57:15.0154 0x0900  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
11:57:15.0174 0x0900  Disk - ok
11:57:15.0224 0x0900  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:57:15.0284 0x0900  Dnscache - ok
11:57:15.0354 0x0900  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:57:15.0424 0x0900  dot3svc - ok
11:57:15.0454 0x0900  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
11:57:15.0494 0x0900  DPS - ok
11:57:15.0524 0x0900  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:57:15.0554 0x0900  drmkaud - ok
11:57:15.0604 0x0900  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:57:15.0644 0x0900  DXGKrnl - ok
11:57:15.0674 0x0900  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
11:57:15.0714 0x0900  EapHost - ok
11:57:15.0824 0x0900  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
11:57:15.0944 0x0900  ebdrv - ok
11:57:15.0974 0x0900  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS             C:\Windows\System32\lsass.exe
11:57:15.0994 0x0900  EFS - ok
11:57:16.0094 0x0900  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:57:16.0164 0x0900  ehRecvr - ok
11:57:16.0204 0x0900  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
11:57:16.0264 0x0900  ehSched - ok
11:57:16.0294 0x0900  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
11:57:16.0324 0x0900  elxstor - ok
11:57:16.0354 0x0900  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:57:16.0374 0x0900  ErrDev - ok
11:57:16.0424 0x0900  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
11:57:16.0474 0x0900  EventSystem - ok
11:57:16.0494 0x0900  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:57:16.0534 0x0900  exfat - ok
11:57:16.0564 0x0900  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:57:16.0614 0x0900  fastfat - ok
11:57:16.0674 0x0900  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
11:57:16.0734 0x0900  Fax - ok
11:57:16.0764 0x0900  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
11:57:16.0774 0x0900  fdc - ok
11:57:16.0804 0x0900  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
11:57:16.0844 0x0900  fdPHost - ok
11:57:16.0854 0x0900  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:57:16.0924 0x0900  FDResPub - ok
11:57:16.0954 0x0900  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:57:16.0964 0x0900  FileInfo - ok
11:57:16.0974 0x0900  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:57:17.0014 0x0900  Filetrace - ok
11:57:17.0094 0x0900  [ ABEDFD48AC042C6AAAD32452E77217A1, BC45A1C36BDBC20EF4E7D3CFB5368912382D964CB34D050ED255F56307F4C910 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:57:17.0145 0x0900  FLEXnet Licensing Service - ok
11:57:17.0175 0x0900  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
11:57:17.0205 0x0900  flpydisk - ok
11:57:17.0245 0x0900  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:57:17.0255 0x0900  FltMgr - ok
11:57:17.0345 0x0900  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
11:57:17.0435 0x0900  FontCache - ok
11:57:17.0475 0x0900  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:57:17.0485 0x0900  FontCache3.0.0.0 - ok
11:57:17.0505 0x0900  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:57:17.0525 0x0900  FsDepends - ok
11:57:17.0555 0x0900  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:57:17.0565 0x0900  Fs_Rec - ok
11:57:17.0625 0x0900  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:57:17.0645 0x0900  fvevol - ok
11:57:17.0655 0x0900  FXDrv32 - ok
11:57:17.0675 0x0900  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
11:57:17.0695 0x0900  gagp30kx - ok
11:57:17.0705 0x0900  GEARAspiWDM - ok
11:57:17.0795 0x0900  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:57:17.0875 0x0900  gpsvc - ok
11:57:17.0965 0x0900  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:57:17.0985 0x0900  gupdate - ok
11:57:17.0985 0x0900  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:57:17.0995 0x0900  gupdatem - ok
11:57:18.0025 0x0900  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:57:18.0065 0x0900  hcw85cir - ok
11:57:18.0095 0x0900  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
11:57:18.0125 0x0900  HDAudBus - ok
11:57:18.0145 0x0900  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
11:57:18.0165 0x0900  HidBatt - ok
11:57:18.0195 0x0900  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
11:57:18.0215 0x0900  HidBth - ok
11:57:18.0245 0x0900  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
11:57:18.0265 0x0900  HidIr - ok
11:57:18.0285 0x0900  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
11:57:18.0335 0x0900  hidserv - ok
11:57:18.0355 0x0900  [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:57:18.0385 0x0900  HidUsb - ok
11:57:18.0405 0x0900  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:57:18.0455 0x0900  hkmsvc - ok
11:57:18.0485 0x0900  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:57:18.0525 0x0900  HomeGroupListener - ok
11:57:18.0565 0x0900  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:57:18.0575 0x0900  HomeGroupProvider - ok
11:57:18.0605 0x0900  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:57:18.0615 0x0900  HpSAMD - ok
11:57:18.0715 0x0900  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:57:18.0785 0x0900  HTTP - ok
11:57:18.0815 0x0900  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:57:18.0835 0x0900  hwpolicy - ok
11:57:18.0865 0x0900  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:57:18.0885 0x0900  i8042prt - ok
11:57:18.0935 0x0900  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:57:18.0955 0x0900  iaStorV - ok
11:57:19.0015 0x0900  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:57:19.0055 0x0900  idsvc - ok
11:57:19.0085 0x0900  IEEtwCollectorService - ok
11:57:19.0175 0x0900  [ 59B5A12463E9C8F967051D1FCDF8C525, ABC3B7F19A38E81139ED30B32C36B10499B93DDCE5FFEA7C956325802B083A44 ] IHProtect Service C:\Program Files (x86)\MiuiTab\ProtectService.exe
11:57:19.0195 0x0900  IHProtect Service - ok
11:57:19.0215 0x0900  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
11:57:19.0235 0x0900  iirsp - ok
11:57:19.0295 0x0900  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
11:57:19.0345 0x0900  IKEEXT - ok
11:57:19.0415 0x0900  [ EE64207F2F5C20BFE5F73DB2566C4601, 760874FA661EC86B25802BFC03E238EA2DCBB5AFD3444AC5101A0C3AD4D7BED9 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:57:19.0565 0x0900  IntcAzAudAddService - ok
11:57:19.0595 0x0900  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:57:19.0605 0x0900  intelide - ok
11:57:19.0625 0x0900  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:57:19.0655 0x0900  intelppm - ok
11:57:19.0675 0x0900  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:57:19.0745 0x0900  IPBusEnum - ok
11:57:19.0775 0x0900  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:57:19.0815 0x0900  IpFilterDriver - ok
11:57:19.0855 0x0900  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:57:19.0905 0x0900  iphlpsvc - ok
11:57:19.0935 0x0900  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:57:19.0945 0x0900  IPMIDRV - ok
11:57:19.0965 0x0900  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:57:20.0005 0x0900  IPNAT - ok
11:57:20.0025 0x0900  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:57:20.0115 0x0900  IRENUM - ok
11:57:20.0135 0x0900  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:57:20.0155 0x0900  isapnp - ok
11:57:20.0175 0x0900  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:57:20.0195 0x0900  iScsiPrt - ok
11:57:20.0215 0x0900  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:57:20.0225 0x0900  kbdclass - ok
11:57:20.0265 0x0900  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:57:20.0295 0x0900  kbdhid - ok
11:57:20.0295 0x0900  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso          C:\Windows\system32\lsass.exe
11:57:20.0325 0x0900  KeyIso - ok
11:57:20.0355 0x0900  [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:57:20.0365 0x0900  KSecDD - ok
11:57:20.0395 0x0900  [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:57:20.0415 0x0900  KSecPkg - ok
11:57:20.0425 0x0900  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:57:20.0455 0x0900  ksthunk - ok
11:57:20.0485 0x0900  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:57:20.0535 0x0900  KtmRm - ok
11:57:20.0565 0x0900  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:57:20.0605 0x0900  LanmanServer - ok
11:57:20.0635 0x0900  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:57:20.0665 0x0900  LanmanWorkstation - ok
11:57:20.0715 0x0900  [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
11:57:20.0725 0x0900  lirsgt - ok
11:57:20.0745 0x0900  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:57:20.0765 0x0900  lltdio - ok
11:57:20.0815 0x0900  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:57:20.0865 0x0900  lltdsvc - ok
11:57:20.0875 0x0900  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:57:20.0905 0x0900  lmhosts - ok
11:57:20.0935 0x0900  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
11:57:20.0945 0x0900  LSI_FC - ok
11:57:20.0965 0x0900  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
11:57:20.0975 0x0900  LSI_SAS - ok
11:57:20.0995 0x0900  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:57:21.0005 0x0900  LSI_SAS2 - ok
11:57:21.0025 0x0900  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:57:21.0035 0x0900  LSI_SCSI - ok
11:57:21.0065 0x0900  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:57:21.0105 0x0900  luafv - ok
11:57:21.0125 0x0900  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:57:21.0135 0x0900  Mcx2Svc - ok
11:57:21.0145 0x0900  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
11:57:21.0155 0x0900  megasas - ok
11:57:21.0175 0x0900  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
11:57:21.0195 0x0900  MegaSR - ok
11:57:21.0215 0x0900  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
11:57:21.0265 0x0900  MMCSS - ok
11:57:21.0275 0x0900  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
11:57:21.0315 0x0900  Modem - ok
11:57:21.0355 0x0900  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:57:21.0405 0x0900  monitor - ok
11:57:21.0445 0x0900  [ 12588483F1A69AB2970D36D96B07F71B, CDC044F2FDAD3B22B295528A117D93B7DF464DE63E421DAE9C19E7A1535E3743 ] motccgp         C:\Windows\system32\DRIVERS\motccgp.sys
11:57:21.0495 0x0900  motccgp - ok
11:57:21.0585 0x0900  [ 7ED3A9C3763725BD700946971215EE77, 6150D52945E10B69CFA5E3E637DCEBA67158092C6350B4AFE456EA846CA90C18 ] Motorola Device Manager C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
11:57:21.0595 0x0900  Motorola Device Manager - ok
11:57:21.0615 0x0900  [ 19BC2161C3FCCED802F1BCD9B78C3466, 2EA39F23C49191A4651CD785A742554801A4AC59AACE1993B3A30EA137B4A321 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys
11:57:21.0645 0x0900  MotoSwitchService - ok
11:57:21.0675 0x0900  [ 6A3C0B01551B614B6C6BC9743DEF60D9, 9144C0149A764355045711B36C12F87B2F914B76809407F46FB7BA72F83DDB9D ] Motousbnet      C:\Windows\system32\DRIVERS\Motousbnet.sys
11:57:21.0715 0x0900  Motousbnet - ok
11:57:21.0745 0x0900  [ 1D19770F88FA22DACB7F488EA8F8EE6B, AD100C774058CF878B6006518F3DCDBDEE475F3C9808FC5D844947D9C305FAE5 ] motusbdevice    C:\Windows\system32\DRIVERS\motusbdevice.sys
11:57:21.0795 0x0900  motusbdevice - ok
11:57:21.0835 0x0900  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:57:21.0845 0x0900  mouclass - ok
11:57:21.0875 0x0900  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:57:21.0905 0x0900  mouhid - ok
11:57:21.0935 0x0900  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:57:21.0955 0x0900  mountmgr - ok
11:57:22.0015 0x0900  [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
11:57:22.0045 0x0900  MpFilter - ok
11:57:22.0065 0x0900  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:57:22.0075 0x0900  mpio - ok
11:57:22.0115 0x0900  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:57:22.0135 0x0900  mpsdrv - ok
11:57:22.0235 0x0900  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:57:22.0305 0x0900  MpsSvc - ok
11:57:22.0335 0x0900  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:57:22.0365 0x0900  MRxDAV - ok
11:57:22.0405 0x0900  [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:57:22.0435 0x0900  mrxsmb - ok
11:57:22.0455 0x0900  [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:57:22.0475 0x0900  mrxsmb10 - ok
11:57:22.0495 0x0900  [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:57:22.0515 0x0900  mrxsmb20 - ok
11:57:22.0545 0x0900  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:57:22.0585 0x0900  msahci - ok
11:57:22.0605 0x0900  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:57:22.0615 0x0900  msdsm - ok
11:57:22.0625 0x0900  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
11:57:22.0655 0x0900  MSDTC - ok
11:57:22.0695 0x0900  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:57:22.0755 0x0900  Msfs - ok
11:57:22.0765 0x0900  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:57:22.0835 0x0900  mshidkmdf - ok
11:57:22.0855 0x0900  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:57:22.0865 0x0900  msisadrv - ok
11:57:22.0925 0x0900  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:57:22.0985 0x0900  MSiSCSI - ok
11:57:22.0985 0x0900  msiserver - ok
11:57:23.0005 0x0900  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:57:23.0045 0x0900  MSKSSRV - ok
11:57:23.0145 0x0900  [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
11:57:23.0185 0x0900  MsMpSvc - ok
11:57:23.0195 0x0900  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:57:23.0235 0x0900  MSPCLOCK - ok
11:57:23.0255 0x0900  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:57:23.0295 0x0900  MSPQM - ok
11:57:23.0325 0x0900  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:57:23.0345 0x0900  MsRPC - ok
11:57:23.0375 0x0900  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:57:23.0395 0x0900  mssmbios - ok
11:57:23.0415 0x0900  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:57:23.0455 0x0900  MSTEE - ok
11:57:23.0495 0x0900  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
11:57:23.0505 0x0900  MTConfig - ok
11:57:23.0525 0x0900  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
11:57:23.0535 0x0900  Mup - ok
11:57:23.0575 0x0900  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
11:57:23.0635 0x0900  napagent - ok
11:57:23.0675 0x0900  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:57:23.0705 0x0900  NativeWifiP - ok
11:57:23.0755 0x0900  [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:57:23.0795 0x0900  NDIS - ok
11:57:23.0825 0x0900  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:57:23.0865 0x0900  NdisCap - ok
11:57:23.0875 0x0900  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:57:23.0905 0x0900  NdisTapi - ok
11:57:23.0945 0x0900  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:57:23.0985 0x0900  Ndisuio - ok
11:57:24.0005 0x0900  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:57:24.0055 0x0900  NdisWan - ok
11:57:24.0075 0x0900  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:57:24.0105 0x0900  NDProxy - ok
11:57:24.0215 0x0900  [ 7D2633295EB6FF2B938185874884059D, B3A4E52ABCB2E2720D8ADB0B68C222D4AB98E838D40B6A731D15EB1D6C9DEA15 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
11:57:24.0245 0x0900  Nero BackItUp Scheduler 4.0 - ok
11:57:24.0285 0x0900  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:57:24.0345 0x0900  NetBIOS - ok
11:57:24.0395 0x0900  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:57:24.0465 0x0900  NetBT - ok
11:57:24.0485 0x0900  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon        C:\Windows\system32\lsass.exe
11:57:24.0495 0x0900  Netlogon - ok
11:57:24.0545 0x0900  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
11:57:24.0595 0x0900  Netman - ok
11:57:24.0635 0x0900  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:57:24.0705 0x0900  NetMsmqActivator - ok
11:57:24.0715 0x0900  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:57:24.0725 0x0900  NetPipeActivator - ok
11:57:24.0755 0x0900  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
11:57:24.0795 0x0900  netprofm - ok
11:57:24.0845 0x0900  [ 618C55B392238B9467F9113E13525C49, 304A77EF3E1E7A1738E5A4F6A911B4DF736CEF4867C6F07CA71E227048E90370 ] netr28ux        C:\Windows\system32\DRIVERS\netr28ux.sys
11:57:24.0895 0x0900  netr28ux - ok
11:57:24.0915 0x0900  netr7364 - ok
11:57:24.0915 0x0900  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:57:24.0925 0x0900  NetTcpActivator - ok
11:57:24.0935 0x0900  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:57:24.0945 0x0900  NetTcpPortSharing - ok
11:57:25.0095 0x0900  [ 82FFC84EC3AFC2F2D38DB880F50157C0, 4D37A44A5BBD3ECA2B29FE8565FC5840093E5BB41D197BEDA406BCE4A7C3479A ] Netzmanager Service C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
11:57:25.0195 0x0900  Netzmanager Service - detected UnsignedFile.Multi.Generic ( 1 )
11:57:27.0635 0x0900  Detect skipped due to KSN trusted
11:57:27.0635 0x0900  Netzmanager Service - ok
11:57:27.0665 0x0900  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
11:57:27.0675 0x0900  nfrd960 - ok
11:57:27.0705 0x0900  [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:57:27.0725 0x0900  NisDrv - ok
11:57:27.0795 0x0900  [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
11:57:27.0825 0x0900  NisSrv - ok
11:57:27.0865 0x0900  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:57:27.0915 0x0900  NlaSvc - ok
11:57:27.0945 0x0900  [ 985A3F046DFCD58E26D3A95283BB8F1D, 913D61C57F04D2980AB0931D0DAF7B1B67E023CAB0D28B6A0E10296F63AA9180 ] nmwcd           C:\Windows\system32\drivers\ccdcmbx64.sys
11:57:28.0015 0x0900  nmwcd - ok
11:57:28.0045 0x0900  [ 5EB41A9656388DC21119CCC33F0EE22A, C580B10E489E7D75B47644ED22813D3BF930FB500A0573B5C2DF49F13CD352F6 ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys
11:57:28.0075 0x0900  nmwcdc - ok
11:57:28.0095 0x0900  [ C1BDAC035FA94C04664A73B24D8AD251, 4323F437F095EA098CE3DF7A7B5A8A0DC7A675F47AC9A6F9F40FB5B7F2334446 ] nmwcdnsucx64    C:\Windows\system32\drivers\nmwcdnsucx64.sys
11:57:28.0125 0x0900  nmwcdnsucx64 - ok
11:57:28.0155 0x0900  [ 0001545A029EF57C2B0FD62776AFB005, EF28D39686F8420192FB198B3A975EB40345EAFC719508B69955C7487B57BCD5 ] nmwcdnsux64     C:\Windows\system32\drivers\nmwcdnsux64.sys
11:57:28.0185 0x0900  nmwcdnsux64 - ok
11:57:28.0205 0x0900  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:57:28.0235 0x0900  Npfs - ok
11:57:28.0255 0x0900  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
11:57:28.0295 0x0900  nsi - ok
11:57:28.0305 0x0900  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:57:28.0345 0x0900  nsiproxy - ok
11:57:28.0415 0x0900  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:57:28.0485 0x0900  Ntfs - ok
11:57:28.0495 0x0900  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
11:57:28.0525 0x0900  Null - ok
11:57:28.0555 0x0900  [ 7FD5C060CB907489A5702F628226F54A, 56101B878DCBFDEF4D5C8BBC6BE0D7710108E651809812BAB876A2E1D4ACB256 ] nvamacpi        C:\Windows\system32\DRIVERS\NVAMACPI.sys
11:57:28.0565 0x0900  nvamacpi - ok
11:57:28.0595 0x0900  [ ED9380F201C8126425C09BED96DBE1E5, 84DA862FA505BF6C58F13A5E8913E9D95890C8C3D00C503A8ABFCA9BC1B080A0 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
11:57:28.0615 0x0900  NVHDA - ok
11:57:28.0935 0x0900  [ FCBA1C22727939E7CFF9EB08FE9692AB, 081FBF38EA17746C5CF2260AD32B62385D4A075476E30CBB9A2AA080F8AA0CA4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:57:29.0275 0x0900  nvlddmkm - ok
11:57:29.0315 0x0900  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:57:29.0325 0x0900  nvraid - ok
11:57:29.0355 0x0900  [ 694F5E9D9D624D47F432F5B2E66A0528, 5ACE83A62CBBA735D516FD1C603C69A2136132203679D1F3C92AC5266E84DD8C ] nvrd64          C:\Windows\system32\DRIVERS\nvrd64.sys
11:57:29.0375 0x0900  nvrd64 - ok
11:57:29.0395 0x0900  [ E58D81FB8616D0CB55C1E36AA0B213C9, D83F78615889A466ADE2BFEF7AB357C0D31B7FA9A1A52668DED32A51FEFA87B5 ] nvsmu           C:\Windows\system32\DRIVERS\nvsmu.sys
11:57:29.0405 0x0900  nvsmu - ok
11:57:29.0435 0x0900  [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:57:29.0455 0x0900  nvstor - ok
11:57:29.0485 0x0900  [ 1E45F96342429D63DC30E0D9117DA3D8, 3D6DB9514594377CACFD766F0153B8DCF51DDF4172864DAF589CB1EE480D2027 ] nvstor64        C:\Windows\system32\DRIVERS\nvstor64.sys
11:57:29.0495 0x0900  nvstor64 - ok
11:57:29.0545 0x0900  [ 10C232F6CFFD51D2332898AE7AE0FF23, 92E5452D8467852C22D702ACAFB5DBFD312A8F72A4353B8D0A9C18AEFCE4B2B2 ] NVSvc           C:\Windows\system32\nvvsvc.exe
11:57:29.0575 0x0900  NVSvc - ok
11:57:29.0655 0x0900  [ 4789E020D2617046862D1790FC235FF6, FCFD56DF2CADA830E7B2D4B91D5A9D2FE783B1396CBA124000765168FA5B6574 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:57:29.0685 0x0900  nvUpdatusService - ok
11:57:29.0725 0x0900  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:57:29.0735 0x0900  nv_agp - ok
11:57:29.0745 0x0900  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:57:29.0755 0x0900  ohci1394 - ok
11:57:29.0885 0x0900  [ 4E2D0656946F2A19FED1C60E0E4FC1AF, 5551D5BD89EB650C5485BBB58DAA5473044B7C967B72687A27430FA9A1E812FE ] Origin Client Service D:\origin\OriginClientService.exe
11:57:30.0065 0x0900  Origin Client Service - ok
11:57:30.0105 0x0900  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:57:30.0145 0x0900  p2pimsvc - ok
11:57:30.0185 0x0900  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
11:57:30.0225 0x0900  p2psvc - ok
11:57:30.0255 0x0900  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
11:57:30.0275 0x0900  Parport - ok
11:57:30.0295 0x0900  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:57:30.0305 0x0900  partmgr - ok
11:57:30.0345 0x0900  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:57:30.0385 0x0900  PcaSvc - ok
11:57:30.0425 0x0900  [ BC0018C2D29F655188A0ED3FA94FDB24, BCF7F2CA5E30F569AEB69049BA3C196982C72EA7264CFBA59D7123041BA96E5A ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
11:57:30.0465 0x0900  pccsmcfd - ok
11:57:30.0495 0x0900  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
11:57:30.0505 0x0900  pci - ok
11:57:30.0535 0x0900  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
11:57:30.0545 0x0900  pciide - ok
11:57:30.0575 0x0900  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
11:57:30.0585 0x0900  pcmcia - ok
11:57:30.0615 0x0900  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:57:30.0625 0x0900  pcw - ok
11:57:30.0665 0x0900  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:57:30.0715 0x0900  PEAUTH - ok
11:57:30.0795 0x0900  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:57:30.0825 0x0900  PerfHost - ok
11:57:30.0925 0x0900  [ 462B111AEE2056083F485836CD58987A, 6C2A36FA6DC455436F943AB7ABB572025785E0E36F76AD2D53A92013C66E2F93 ] PicexaService   C:\Program Files (x86)\Picexa\PicexaSvc.exe
11:57:30.0945 0x0900  PicexaService - ok
11:57:31.0015 0x0900  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
11:57:31.0095 0x0900  pla - ok
11:57:31.0135 0x0900  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:57:31.0185 0x0900  PlugPlay - ok
11:57:31.0215 0x0900  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:57:31.0225 0x0900  PNRPAutoReg - ok
11:57:31.0245 0x0900  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:57:31.0265 0x0900  PNRPsvc - ok
11:57:31.0285 0x0900  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:57:31.0345 0x0900  PolicyAgent - ok
11:57:31.0365 0x0900  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
11:57:31.0415 0x0900  Power - ok
11:57:31.0455 0x0900  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:57:31.0485 0x0900  PptpMiniport - ok
11:57:31.0495 0x0900  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
11:57:31.0525 0x0900  Processor - ok
11:57:31.0565 0x0900  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:57:31.0605 0x0900  ProfSvc - ok
11:57:31.0615 0x0900  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe
11:57:31.0625 0x0900  ProtectedStorage - ok
11:57:31.0655 0x0900  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:57:31.0695 0x0900  Psched - ok
11:57:31.0755 0x0900  [ EA735BF6DF13A857A83C99BF27A422AD, 026A57155FB9E01CFAFD8613980CDF0F3D744ABBBC66EFDC6C20B89980FB45CF ] PST Service     C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
11:57:31.0785 0x0900  PST Service - detected UnsignedFile.Multi.Generic ( 1 )
11:57:34.0285 0x0900  Detect skipped due to KSN trusted
11:57:34.0285 0x0900  PST Service - ok
11:57:34.0345 0x0900  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
11:57:34.0405 0x0900  ql2300 - ok
11:57:34.0435 0x0900  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
11:57:34.0445 0x0900  ql40xx - ok
11:57:34.0465 0x0900  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
11:57:34.0485 0x0900  QWAVE - ok
11:57:34.0495 0x0900  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:57:34.0525 0x0900  QWAVEdrv - ok
11:57:34.0555 0x0900  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:57:34.0595 0x0900  RasAcd - ok
11:57:34.0625 0x0900  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:57:34.0665 0x0900  RasAgileVpn - ok
11:57:34.0685 0x0900  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
11:57:34.0735 0x0900  RasAuto - ok
11:57:34.0755 0x0900  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:57:34.0795 0x0900  Rasl2tp - ok
11:57:34.0825 0x0900  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
11:57:34.0865 0x0900  RasMan - ok
11:57:34.0875 0x0900  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:57:34.0915 0x0900  RasPppoe - ok
11:57:34.0945 0x0900  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:57:34.0985 0x0900  RasSstp - ok
11:57:35.0015 0x0900  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:57:35.0065 0x0900  rdbss - ok
11:57:35.0095 0x0900  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:57:35.0115 0x0900  rdpbus - ok
11:57:35.0125 0x0900  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:57:35.0155 0x0900  RDPCDD - ok
11:57:35.0175 0x0900  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:57:35.0215 0x0900  RDPENCDD - ok
11:57:35.0225 0x0900  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:57:35.0265 0x0900  RDPREFMP - ok
11:57:35.0295 0x0900  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:57:35.0335 0x0900  RDPWD - ok
11:57:35.0385 0x0900  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:57:35.0395 0x0900  rdyboost - ok
11:57:35.0435 0x0900  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:57:35.0465 0x0900  RemoteAccess - ok
11:57:35.0485 0x0900  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:57:35.0515 0x0900  RemoteRegistry - ok
11:57:35.0545 0x0900  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:57:35.0575 0x0900  RpcEptMapper - ok
11:57:35.0585 0x0900  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
11:57:35.0615 0x0900  RpcLocator - ok
11:57:35.0645 0x0900  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
11:57:35.0685 0x0900  RpcSs - ok
11:57:35.0725 0x0900  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:57:35.0755 0x0900  rspndr - ok
11:57:35.0785 0x0900  [ 4B42BC58294E83A6A92EC8B88C14C4A3, 80885CFF021F7BC85647224863A83D444EA7848CBB4F06DFDFADE58F47307D21 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
11:57:35.0795 0x0900  RTL8167 - ok
11:57:35.0855 0x0900  [ 7461D3DA1AABB5F703504E958455A900, B77D36E095A476A8191C1771539F20529F82CACF3C945BF55D64C39EEF09D0EA ] RTL8192cu       C:\Windows\system32\DRIVERS\RTL8192cu.sys
11:57:35.0885 0x0900  RTL8192cu - ok
11:57:35.0905 0x0900  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs           C:\Windows\system32\lsass.exe
11:57:35.0905 0x0900  SamSs - ok
11:57:35.0935 0x0900  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:57:35.0945 0x0900  sbp2port - ok
11:57:35.0975 0x0900  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:57:36.0005 0x0900  SCardSvr - ok
11:57:36.0035 0x0900  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:57:36.0105 0x0900  scfilter - ok
11:57:36.0155 0x0900  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
11:57:36.0235 0x0900  Schedule - ok
11:57:36.0265 0x0900  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:57:36.0295 0x0900  SCPolicySvc - ok
11:57:36.0325 0x0900  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:57:36.0365 0x0900  SDRSVC - ok
11:57:36.0395 0x0900  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:57:36.0435 0x0900  secdrv - ok
11:57:36.0465 0x0900  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
11:57:36.0485 0x0900  seclogon - ok
11:57:36.0515 0x0900  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
11:57:36.0545 0x0900  SENS - ok
11:57:36.0555 0x0900  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:57:36.0615 0x0900  SensrSvc - ok
11:57:36.0645 0x0900  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
11:57:36.0665 0x0900  Serenum - ok
11:57:36.0685 0x0900  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:57:36.0705 0x0900  Serial - ok
11:57:36.0745 0x0900  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
11:57:36.0765 0x0900  sermouse - ok
11:57:36.0845 0x0900  [ 7D3903AF48E6C1DC2704EAFCB608D031, 95B0F3F4958357C919ADF31D76744D16810325C7313767395521838F65DB3FE0 ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
11:57:36.0965 0x0900  ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 )
11:57:39.0465 0x0900  Detect skipped due to KSN trusted
11:57:39.0465 0x0900  ServiceLayer - ok
11:57:39.0495 0x0900  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
11:57:39.0555 0x0900  SessionEnv - ok
11:57:39.0585 0x0900  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:57:39.0615 0x0900  sffdisk - ok
11:57:39.0635 0x0900  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:57:39.0655 0x0900  sffp_mmc - ok
11:57:39.0665 0x0900  [ 178298F767FE638C9FEDCBDEF58BB5E4, 053D12CFEE5C54EA7D06F9C9CAE93544FE258A4825CDE2A14090BC81A96E1CF7 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:57:39.0685 0x0900  sffp_sd - ok
11:57:39.0695 0x0900  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
11:57:39.0705 0x0900  sfloppy - ok
11:57:39.0735 0x0900  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:57:39.0775 0x0900  SharedAccess - ok
11:57:39.0805 0x0900  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:57:39.0845 0x0900  ShellHWDetection - ok
11:57:39.0875 0x0900  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:57:39.0885 0x0900  SiSRaid2 - ok
11:57:39.0895 0x0900  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
11:57:39.0915 0x0900  SiSRaid4 - ok
11:57:39.0945 0x0900  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:57:40.0025 0x0900  Smb - ok
11:57:40.0075 0x0900  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:57:40.0115 0x0900  SNMPTRAP - ok
11:57:40.0135 0x0900  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:57:40.0145 0x0900  spldr - ok
11:57:40.0195 0x0900  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
11:57:40.0245 0x0900  Spooler - ok
11:57:40.0395 0x0900  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
11:57:40.0525 0x0900  sppsvc - ok
11:57:40.0545 0x0900  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:57:40.0575 0x0900  sppuinotify - ok
11:57:40.0615 0x0900  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:57:40.0665 0x0900  srv - ok
11:57:40.0705 0x0900  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:57:40.0725 0x0900  srv2 - ok
11:57:40.0745 0x0900  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:57:40.0765 0x0900  srvnet - ok
11:57:40.0785 0x0900  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:57:40.0835 0x0900  SSDPSRV - ok
11:57:40.0885 0x0900  SSFK - ok
11:57:40.0895 0x0900  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:57:40.0935 0x0900  SstpSvc - ok
11:57:41.0055 0x0900  [ EBAA82F7C9B97C0E450449178E007340, D470927CC216C4E3EA23236E6C6464187CD3A49C3A4A456F488FEC8E713EA31B ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
11:57:41.0085 0x0900  Steam Client Service - ok
11:57:41.0145 0x0900  [ 5A19667A580B1CE886EAF968B9743F45, 0A9EBE4057A0A6EF4732623794C2416A6BD8B87356DA46652BD92762505F57C7 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:57:41.0165 0x0900  Stereo Service - ok
11:57:41.0175 0x0900  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
11:57:41.0185 0x0900  stexstor - ok
11:57:41.0245 0x0900  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
11:57:41.0295 0x0900  stisvc - ok
11:57:41.0325 0x0900  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
11:57:41.0335 0x0900  swenum - ok
11:57:41.0355 0x0900  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
11:57:41.0405 0x0900  swprv - ok
11:57:41.0475 0x0900  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
11:57:41.0555 0x0900  SysMain - ok
11:57:41.0585 0x0900  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:57:41.0615 0x0900  TabletInputService - ok
11:57:41.0645 0x0900  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:57:41.0685 0x0900  TapiSrv - ok
11:57:41.0705 0x0900  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
11:57:41.0725 0x0900  TBS - ok
11:57:41.0805 0x0900  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:57:41.0865 0x0900  Tcpip - ok
11:57:41.0935 0x0900  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:57:41.0985 0x0900  TCPIP6 - ok
11:57:42.0025 0x0900  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:57:42.0065 0x0900  tcpipreg - ok
11:57:42.0095 0x0900  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:57:42.0115 0x0900  TDPIPE - ok
11:57:42.0145 0x0900  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:57:42.0165 0x0900  TDTCP - ok
11:57:42.0215 0x0900  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:57:42.0275 0x0900  tdx - ok
11:57:42.0345 0x0900  [ 4283D7125BA4BD0CB50BB0F78B54257A, A9DBFC45CDF7444BA7AD92734E66E3E4F844BF036AC19FD43F915151191F12C5 ] TelekomNM6      C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys
11:57:42.0375 0x0900  TelekomNM6 - ok
11:57:42.0415 0x0900  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
11:57:42.0435 0x0900  TermDD - ok
11:57:42.0505 0x0900  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
11:57:42.0545 0x0900  TermService - ok
11:57:42.0575 0x0900  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
11:57:42.0595 0x0900  Themes - ok
11:57:42.0625 0x0900  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
11:57:42.0655 0x0900  THREADORDER - ok
11:57:42.0685 0x0900  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
11:57:42.0735 0x0900  TrkWks - ok
11:57:42.0795 0x0900  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:57:42.0865 0x0900  TrustedInstaller - ok
11:57:42.0885 0x0900  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:57:42.0905 0x0900  tssecsrv - ok
11:57:42.0955 0x0900  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:57:43.0005 0x0900  TsUsbFlt - ok
11:57:43.0045 0x0900  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:57:43.0105 0x0900  tunnel - ok
11:57:43.0125 0x0900  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
11:57:43.0145 0x0900  uagp35 - ok
11:57:43.0175 0x0900  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:57:43.0215 0x0900  udfs - ok
11:57:43.0255 0x0900  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:57:43.0275 0x0900  UI0Detect - ok
11:57:43.0315 0x0900  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:57:43.0325 0x0900  uliagpkx - ok
11:57:43.0365 0x0900  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
11:57:43.0395 0x0900  umbus - ok
11:57:43.0435 0x0900  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
11:57:43.0445 0x0900  UmPass - ok
11:57:43.0475 0x0900  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
11:57:43.0525 0x0900  upnphost - ok
11:57:43.0565 0x0900  [ AFA3A0937B7044A8322D8BC91722C53B, 3E4B7DA5B31A29BD58000FF567D1FBF8523BB98CB97DA3B7DDEF120DD98B26B9 ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
11:57:43.0585 0x0900  upperdev - ok
11:57:43.0615 0x0900  [ B26AFB54A534D634523C4FB66765B026, A219C9AE32D040BEA4DD69C2C826B1C52BACE26BEBFEE799BD56DFD442C5E0D8 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:57:43.0635 0x0900  usbccgp - ok
11:57:43.0675 0x0900  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:57:43.0715 0x0900  usbcir - ok
11:57:43.0735 0x0900  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
11:57:43.0775 0x0900  usbehci - ok
11:57:43.0805 0x0900  [ 2C780746DC44A28FE67004DC58173F05, 9E0596CE35C7430A31A7E77B4D12A1F521B9ED8EB0614E6FB38403AC614C3EE3 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
11:57:43.0825 0x0900  usbfilter - ok
11:57:43.0865 0x0900  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:57:43.0905 0x0900  usbhub - ok
11:57:43.0945 0x0900  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
11:57:43.0965 0x0900  usbohci - ok
11:57:43.0995 0x0900  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:57:44.0015 0x0900  usbprint - ok
11:57:44.0045 0x0900  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
11:57:44.0085 0x0900  usbscan - ok
11:57:44.0105 0x0900  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\drivers\usbser.sys
11:57:44.0155 0x0900  usbser - ok
11:57:44.0165 0x0900  [ B826F3FF5A1975CC9096B4CAADDE77B6, 73B1664BB2988AA4FC060A7CDE2C614B80732E5264A4ED00F3EC3EB1D9700521 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
11:57:44.0185 0x0900  UsbserFilt - ok
11:57:44.0225 0x0900  [ 080D3820DA6C046BE82FC8B45A893E83, EF4829A2D5B8D47AA7E06093EC85244042ED1CCFF43CC80DC44EF018B434197A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:57:44.0245 0x0900  USBSTOR - ok
11:57:44.0265 0x0900  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:57:44.0295 0x0900  usbuhci - ok
11:57:44.0315 0x0900  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
11:57:44.0355 0x0900  UxSms - ok
11:57:44.0375 0x0900  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc        C:\Windows\system32\lsass.exe
11:57:44.0385 0x0900  VaultSvc - ok
11:57:44.0405 0x0900  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:57:44.0415 0x0900  vdrvroot - ok
11:57:44.0495 0x0900  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
11:57:44.0565 0x0900  vds - ok
11:57:44.0595 0x0900  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:57:44.0625 0x0900  vga - ok
11:57:44.0645 0x0900  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:57:44.0685 0x0900  VgaSave - ok
11:57:44.0715 0x0900  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:57:44.0735 0x0900  vhdmp - ok
11:57:44.0765 0x0900  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:57:44.0775 0x0900  viaide - ok
11:57:44.0795 0x0900  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:57:44.0805 0x0900  volmgr - ok
11:57:44.0835 0x0900  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:57:44.0855 0x0900  volmgrx - ok
11:57:44.0875 0x0900  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:57:44.0895 0x0900  volsnap - ok
11:57:44.0915 0x0900  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
11:57:44.0925 0x0900  vsmraid - ok
11:57:44.0995 0x0900  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
11:57:45.0085 0x0900  VSS - ok
11:57:45.0105 0x0900  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:57:45.0125 0x0900  vwifibus - ok
11:57:45.0155 0x0900  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:57:45.0165 0x0900  vwififlt - ok
11:57:45.0205 0x0900  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
11:57:45.0255 0x0900  W32Time - ok
11:57:45.0275 0x0900  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
11:57:45.0315 0x0900  WacomPen - ok
11:57:45.0365 0x0900  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:57:45.0415 0x0900  WANARP - ok
11:57:45.0435 0x0900  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:57:45.0455 0x0900  Wanarpv6 - ok
11:57:45.0565 0x0900  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
11:57:45.0645 0x0900  wbengine - ok
11:57:45.0665 0x0900  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:57:45.0705 0x0900  WbioSrvc - ok
11:57:45.0725 0x0900  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:57:45.0755 0x0900  wcncsvc - ok
11:57:45.0765 0x0900  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:57:45.0795 0x0900  WcsPlugInService - ok
11:57:45.0815 0x0900  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
11:57:45.0825 0x0900  Wd - ok
11:57:45.0875 0x0900  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:57:45.0905 0x0900  Wdf01000 - ok
11:57:45.0935 0x0900  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:57:46.0025 0x0900  WdiServiceHost - ok
11:57:46.0025 0x0900  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:57:46.0045 0x0900  WdiSystemHost - ok
11:57:46.0085 0x0900  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
11:57:46.0115 0x0900  WebClient - ok
11:57:46.0135 0x0900  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:57:46.0175 0x0900  Wecsvc - ok
11:57:46.0185 0x0900  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:57:46.0215 0x0900  wercplsupport - ok
11:57:46.0225 0x0900  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:57:46.0255 0x0900  WerSvc - ok
11:57:46.0295 0x0900  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:57:46.0325 0x0900  WfpLwf - ok
11:57:46.0335 0x0900  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:57:46.0345 0x0900  WIMMount - ok
11:57:46.0365 0x0900  WinDefend - ok
11:57:46.0425 0x0900  WindowsMangerProtect - ok
11:57:46.0445 0x0900  WinHttpAutoProxySvc - ok
11:57:46.0485 0x0900  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:57:46.0525 0x0900  Winmgmt - ok
11:57:46.0605 0x0900  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
11:57:46.0695 0x0900  WinRM - ok
11:57:46.0755 0x0900  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:57:46.0765 0x0900  WinUsb - ok
11:57:46.0805 0x0900  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:57:46.0845 0x0900  Wlansvc - ok
11:57:46.0865 0x0900  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:57:46.0895 0x0900  WmiAcpi - ok
11:57:46.0925 0x0900  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:57:46.0955 0x0900  wmiApSrv - ok
11:57:46.0975 0x0900  WMPNetworkSvc - ok
11:57:46.0985 0x0900  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:57:47.0015 0x0900  WPCSvc - ok
11:57:47.0045 0x0900  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:57:47.0065 0x0900  WPDBusEnum - ok
11:57:47.0095 0x0900  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:57:47.0115 0x0900  ws2ifsl - ok
11:57:47.0135 0x0900  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
11:57:47.0165 0x0900  wscsvc - ok
11:57:47.0165 0x0900  WSearch - ok
11:57:47.0255 0x0900  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:57:47.0375 0x0900  wuauserv - ok
11:57:47.0415 0x0900  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:57:47.0435 0x0900  WudfPf - ok
11:57:47.0495 0x0900  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:57:47.0545 0x0900  WUDFRd - ok
11:57:47.0585 0x0900  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:57:47.0615 0x0900  wudfsvc - ok
11:57:47.0655 0x0900  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:57:47.0685 0x0900  WwanSvc - ok
11:57:47.0725 0x0900  [ 2C6BC21B2D5B58D8B1D638C1704CB494, 0AABCEB627E274E338DDD9BA664BAA128D7C00AF04C95C776C2AFFA6BB17F680 ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
11:57:47.0735 0x0900  xusb21 - ok
11:57:47.0775 0x0900  ================ Scan global ===============================
11:57:47.0795 0x0900  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
11:57:47.0835 0x0900  [ A171AC55EE4B4EE35C18EF0977017A72, E0E3E3B1C3708C30C7292CA09E41CA6C49EB850699126C6D2C0383A72C0097A6 ] C:\Windows\system32\winsrv.dll
11:57:47.0855 0x0900  [ A171AC55EE4B4EE35C18EF0977017A72, E0E3E3B1C3708C30C7292CA09E41CA6C49EB850699126C6D2C0383A72C0097A6 ] C:\Windows\system32\winsrv.dll
11:57:47.0875 0x0900  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
11:57:47.0915 0x0900  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
11:57:47.0925 0x0900  [ Global ] - ok
11:57:47.0925 0x0900  ================ Scan MBR ==================================
11:57:47.0935 0x0900  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:57:48.0425 0x0900  \Device\Harddisk0\DR0 - ok
11:57:48.0425 0x0900  ================ Scan VBR ==================================
11:57:48.0425 0x0900  [ FB2065BBA3C6D6D05A705B242B640FBB ] \Device\Harddisk0\DR0\Partition1
11:57:48.0425 0x0900  \Device\Harddisk0\DR0\Partition1 - ok
11:57:48.0435 0x0900  [ 6264BF1C2367FF02B39ABE341154F342 ] \Device\Harddisk0\DR0\Partition2
11:57:48.0435 0x0900  \Device\Harddisk0\DR0\Partition2 - ok
11:57:48.0435 0x0900  ================ Scan generic autorun ======================
11:57:48.0725 0x0900  [ 08E5D3F98F80E5B7A2E965DFD42C4D21, EC4CE007E5B082CCC071B0C71CF6A5B9B479D794E90ECD93CA613ADDF8A6CB09 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
11:57:48.0905 0x0900  RtHDVCpl - ok
11:57:49.0015 0x0900  [ 5447AF432CDA61159ADDE218C468FFD9, 63BD74521F679F195C24C1818267ECCBD8A7F5C2B4CEF3E60EC46B5AE0AC72A8 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
11:57:49.0055 0x0900  AdobeAAMUpdater-1.0 - ok
11:57:49.0105 0x0900  [ B9297016CBC59D2D5631CC982479CC96, DBD4AA2721D251B72F06761D052E5C4076500A618D06528BA76F85E8ACB12A06 ] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIACE.EXE
11:57:49.0125 0x0900  EPSON Stylus DX3800 Series - ok
11:57:49.0195 0x0900  [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] C:\Program Files\Microsoft Security Client\msseces.exe
11:57:49.0245 0x0900  MSC - ok
11:57:49.0305 0x0900  [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
11:57:49.0325 0x0900  XboxStat - ok
11:57:49.0365 0x0900  [ 35AC4B63CBB9FB6B4472913E9948B517, 104C7D5E97A680CDF660AA98E6E92447F0FF6B857A847CDAFB0A9EB26086B5A4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
11:57:49.0395 0x0900  APSDaemon - ok
11:57:49.0475 0x0900  [ 1DE859B82E381A645C44284A5044BC33, 305AE678D3163D57C8E027F94BC553FDFDE7F9A14599EAEC370B0867DE4A9EC2 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
11:57:49.0495 0x0900  SunJavaUpdateSched - ok
11:57:49.0615 0x0900  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:57:49.0675 0x0900  Sidebar - ok
11:57:49.0695 0x0900  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:57:49.0725 0x0900  mctadmin - ok
11:57:49.0755 0x0900  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:57:49.0795 0x0900  Sidebar - ok
11:57:49.0805 0x0900  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:57:49.0815 0x0900  mctadmin - ok
11:57:49.0935 0x0900  [ 73CD25C93C41D174AFFCB140A10A8B1E, C0A481C54F8DF30D6B473215C60141B69FC812215DFCD07871E8F61A927D30DF ] C:\Program Files (x86)\Steam\steam.exe
11:57:50.0025 0x0900  Steam - ok
11:57:50.0105 0x0900  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Michael\AppData\Local\Dropbox\Update\DropboxUpdate.exe
11:57:50.0115 0x0900  Dropbox Update - ok
11:57:50.0115 0x0900  AVG-Secure-Search-Update_JUNE2013_TB - ok
11:57:50.0125 0x0900  Waiting for KSN requests completion. In queue: 212
11:57:51.0125 0x0900  Waiting for KSN requests completion. In queue: 212
11:57:52.0125 0x0900  Waiting for KSN requests completion. In queue: 212
11:57:53.0135 0x0900  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
11:57:53.0195 0x0900  Win FW state via NFP2: enabled
11:57:55.0635 0x0900  ============================================================
11:57:55.0635 0x0900  Scan finished
11:57:55.0635 0x0900  ============================================================
11:57:55.0645 0x0164  Detected object count: 0
11:57:55.0645 0x0164  Actual detected object count: 0
         
hi,

bekomme immernoch dieses Fenster: ..."dein System wird abgesucht..."

Picexa ist auch auf dem Desktop...


Grüße


Alt 23.07.2015, 07:03   #6
schrauber
/// the machine
/// TB-Ausbilder
 

"Dein System wird abgesucht" + Picexa auf Desktop - Standard

"Dein System wird abgesucht" + Picexa auf Desktop



immer locker, wir haben ja erst angefangen


Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
--> "Dein System wird abgesucht" + Picexa auf Desktop

Alt 23.07.2015, 13:10   #7
uniLai_e
 
"Dein System wird abgesucht" + Picexa auf Desktop - Standard

"Dein System wird abgesucht" + Picexa auf Desktop



wie deaktiviere ich die Malware/Spyware-Scanner bzw. erkenne ob einer aktiv ist?

Alt 24.07.2015, 06:43   #8
schrauber
/// the machine
/// TB-Ausbilder
 

"Dein System wird abgesucht" + Picexa auf Desktop - Standard

"Dein System wird abgesucht" + Picexa auf Desktop



Du nutzt MSE, also unten in der Taskleiste auf MSE, öffnen, EInstellungen, Echtzeitschutz beenden.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 25.07.2015, 14:31   #9
uniLai_e
 
"Dein System wird abgesucht" + Picexa auf Desktop - Standard

"Dein System wird abgesucht" + Picexa auf Desktop



he.

hab alles gemacht wie beschrieben. dann etwas gesurft - Meldung wieder da; Picexa auch noch drauf. abgesehen davon läuft alles etwas schneller + es kommt, wenn ich im Internet bin die Meldung, das ich auf einer sicheren internetverbundung bin etc.

Code:
ATTFilter
ComboFix 15-07-23.01 - Michael 25.07.2015  15:00:35.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4094.2305 [GMT 2:00]
ausgeführt von:: c:\users\Michael\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\SearchProtect
c:\program files (x86)\SearchProtect\EULA.txt
c:\program files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
c:\program files (x86)\SearchProtect\Main\bin\SPtool.dll
c:\program files (x86)\SearchProtect\Main\bin\uninstall.exe
c:\program files (x86)\SearchProtect\Main\bin\uninstall.pun
c:\program files (x86)\SearchProtect\Main\rep\cfi.bin
c:\program files (x86)\SearchProtect\Main\rep\edk.bin
c:\program files (x86)\SearchProtect\Main\rep\pni.bin
c:\program files (x86)\SearchProtect\Main\rep\SystemRepository.dat
c:\program files (x86)\SearchProtect\Main\rep\trn.bin
c:\program files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
c:\program files (x86)\SearchProtect\SearchProtect\bin\RN32.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPtool64.exe
c:\program files (x86)\SearchProtect\SearchProtect\bin\VC32.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\VC64.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll
c:\program files (x86)\SearchProtect\UI\bin\cltmngui.exe
c:\program files (x86)\SearchProtect\UI\dialogs\Consent\consent.css
c:\program files (x86)\SearchProtect\UI\dialogs\Consent\consent.html
c:\program files (x86)\SearchProtect\UI\dialogs\Consent\consent.js
c:\program files (x86)\SearchProtect\UI\dialogs\Consent\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-dia.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-def-grey.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\SP_DialogBG.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\text-field.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\v.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\x.png
c:\program files (x86)\SearchProtect\UI\dialogs\libs\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\DialogAPI.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\main.js
c:\program files (x86)\SearchProtect\UI\dialogs\protection\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.css
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.html
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.js
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js
c:\program files (x86)\SearchProtect\UI\dialogs\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.css
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.js
c:\program files (x86)\SearchProtect\UI\dialogs\style.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js
c:\users\Michael\AppData\Roaming\03000200-1431017001-0500-0006-000700080009
c:\users\Michael\AppData\Roaming\03000200-1431017001-0500-0006-000700080009\jnsw9DE3.tmp
c:\users\Michael\AppData\Roaming\03000200-1431017001-0500-0006-000700080009\nsw68D9.tmpfs
c:\users\Michael\AppData\Roaming\03000200-1431017001-0500-0006-000700080009\vnsw508E.tmp
c:\users\Michael\AppData\Roaming\convert\convert.exe
c:\windows\IsUn0407.exe
c:\windows\msdownld.tmp
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_CltMngSvc
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-06-25 bis 2015-07-25  ))))))))))))))))))))))))))))))
.
.
2015-07-25 13:07 . 2015-07-25 13:07	22512	----a-w-	c:\windows\system32\drivers\SPPD.sys
2015-07-25 13:06 . 2015-07-25 13:06	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2015-07-25 13:06 . 2015-07-25 13:06	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-07-25 07:26 . 2015-07-15 01:12	12222168	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9B1E9D8F-29CE-4F63-A664-A09611054464}\mpengine.dll
2015-07-23 11:42 . 2015-07-03 07:47	1190000	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{91B2B68B-0A57-4A36-8FCB-AA506A32FAFD}\gapaengine.dll
2015-07-23 11:42 . 2015-07-15 01:12	12222168	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-07-22 08:49 . 2015-07-22 08:49	--------	d-----w-	c:\programdata\Malwarebytes
2015-07-22 08:49 . 2015-07-22 09:50	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-07-22 08:49 . 2015-07-22 09:25	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-22 08:48 . 2015-07-22 09:24	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-07-21 13:42 . 2015-07-21 13:44	--------	d-----w-	C:\FRST
2015-07-21 12:46 . 2015-07-21 12:46	459464	----a-w-	c:\program files (x86)\SSFK.exe
2015-07-21 07:40 . 2015-07-15 01:59	372224	----a-w-	c:\windows\system32\atmfd.dll
2015-07-21 07:40 . 2015-07-15 03:19	41984	----a-w-	c:\windows\system32\lpk.dll
2015-07-21 07:40 . 2015-07-15 03:19	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-07-21 07:40 . 2015-07-15 03:19	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-07-21 07:40 . 2015-07-15 03:19	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-07-21 07:40 . 2015-07-15 02:55	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-07-21 07:40 . 2015-07-15 02:55	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-07-21 07:40 . 2015-07-15 02:55	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-07-21 07:40 . 2015-07-15 02:54	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-07-21 07:40 . 2015-07-15 01:52	299008	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-07-20 06:02 . 2015-07-25 13:08	--------	d-----w-	c:\program files (x86)\SFK
2015-07-16 13:47 . 2015-07-16 13:47	18524336	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-07-16 13:14 . 2015-07-16 13:14	--------	d-----w-	c:\users\Michael\AppData\Roaming\WinZipper
2015-07-16 13:13 . 2015-07-16 13:13	--------	d-----w-	c:\program files (x86)\MiuiTab
2015-07-16 02:52 . 2015-07-01 20:49	315392	----a-w-	c:\windows\system32\msv1_0.dll
2015-07-10 15:47 . 2015-04-29 18:22	14635008	----a-w-	c:\windows\system32\wmp.dll
2015-07-10 15:46 . 2015-05-09 03:26	1162752	----a-w-	c:\windows\system32\kernel32.dll
2015-07-10 15:33 . 2015-07-10 15:33	--------	d-----w-	c:\users\Michael\AppData\Roaming\Picexa Viewer
2015-07-09 15:27 . 2015-07-25 13:08	--------	d-----w-	c:\program files (x86)\Picexa
2015-07-09 15:26 . 2015-07-17 22:50	--------	d-----w-	c:\programdata\MailUpdate
2015-07-09 15:26 . 2015-07-10 15:32	--------	d-----w-	c:\users\Michael\AppData\Roaming\MailUpdate
2015-07-03 11:42 . 2015-07-03 23:27	--------	d-----w-	c:\users\Michael\AppData\Local\avabvexvac
2015-07-03 07:28 . 2015-07-03 07:28	--------	d-----w-	c:\users\Michael\AppData\Local\Dropbox
2015-07-03 07:28 . 2015-07-03 07:28	--------	d-----w-	c:\programdata\Dropbox
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-16 13:47 . 2013-02-23 09:11	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-16 13:47 . 2013-02-23 09:11	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-14 05:46 . 2011-06-10 23:58	773968	----a-w-	c:\windows\SysWow64\msvcr100.dll
2015-07-14 05:46 . 2011-06-10 23:58	421200	----a-w-	c:\windows\SysWow64\msvcp100.dll
2015-07-05 10:08 . 2014-05-11 12:37	300704	------w-	c:\windows\system32\MpSigStub.exe
2015-07-03 07:47 . 2014-05-14 07:51	1190000	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-07-03 06:43 . 2010-11-10 07:51	130333168	----a-w-	c:\windows\system32\MRT.exe
2015-07-02 07:16 . 2015-07-25 07:25	213776	----a-w-	c:\windows\apppatch\nbin\VC32Loader.dll
2015-07-02 07:16 . 2015-07-02 07:16	246544	----a-w-	c:\windows\apppatch\AppPatch64\VCLdr64.dll
2015-05-09 03:13 . 2015-07-10 15:46	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-05-01 13:17 . 2015-05-12 21:19	124112	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16 . 2015-05-12 21:19	102608	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2006-05-03 10:06	163328	--sha-r-	c:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47	31232	--sha-r-	c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30	216064	--sha-r-	c:\windows\SysWOW64\nbDX.dll
2010-01-06 22:00	107520	--sha-r-	c:\windows\SysWOW64\TAKDSDecoder.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{1F91A9A1-01BA-4c81-863D-3BA0751E1419}]
2015-07-15 08:51	544952	----a-w-	c:\program files (x86)\MiuiTab\SupTab.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2014-06-11 15:57	297128	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2015-04-13 2889408]
"Dropbox Update"="c:\users\Michael\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-07-03 134512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-11 256896]
.
c:\users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 44236896]
Netzmanager.lnk - c:\program files\Netzmanager\netzmanager.exe /Autostart [2014-1-24 14140416]
Sonic CinePlayer Quick Launch.lnk - c:\program files (x86)\Common Files\Sonic Shared\cinetray.exe [2002-9-18 98304]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Inhaltsmanager-Assistent für PlayStation(R).lnk - c:\program files (x86)\Sony\Content Manager Assistant\CMA.exe [2014-9-16 3696248]
TP-LINK-Konfigurationstool.lnk - c:\program files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe -nogui [2014-6-18 846848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x]
R3 FXDrv32;FXDrv32;e:\fxdrv64.sys;e:\FXDrv64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x]
R3 netr7364;RT73 USB-Drahtlos-LAN-Kartentreiber für Vista;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 nvamacpi;nvamacpi;c:\windows\system32\DRIVERS\NVAMACPI.sys;c:\windows\SYSNATIVE\DRIVERS\NVAMACPI.sys [x]
R3 Origin Client Service;Origin Client Service;d:\origin\OriginClientService.exe;d:\origin\OriginClientService.exe [x]
R3 SPPD;SPPD;c:\windows\system32\drivers\SPPD.sys;c:\windows\SYSNATIVE\drivers\SPPD.sys [x]
R3 TelekomNM6;Telekom Netzmanager Packet Filter Driver;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
S0 ahcix64s;ahcix64s;c:\windows\system32\DRIVERS\ahcix64s.sys;c:\windows\SYSNATIVE\DRIVERS\ahcix64s.sys [x]
S2 IHProtect Service;IHProtect Service;c:\program files (x86)\MiuiTab\ProtectService.exe;c:\program files (x86)\MiuiTab\ProtectService.exe [x]
S2 Motorola Device Manager;Motorola Device Manager Service;c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe;c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [x]
S2 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe  [x]
S2 PicexaService;PicexaService;c:\program files (x86)\Picexa\PicexaSvc.exe;c:\program files (x86)\Picexa\PicexaSvc.exe [x]
S2 PST Service;PST Service;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [x]
S2 SSFK;SSFK;c:\program files (x86)\SFK\SSFK.exe;c:\program files (x86)\SFK\SSFK.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 WindowsMangerProtect;WindowsMangerProtect Service;c:\programdata\WindowsMangerProtect\ProtectWindowsManager.exe;c:\programdata\WindowsMangerProtect\ProtectWindowsManager.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192cu;300Mbps Wireless USB Adapter;c:\windows\system32\DRIVERS\RTL8192cu.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192cu.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-14 15:55	991048	----a-w-	c:\program files (x86)\Google\Chrome\Application\43.0.2357.134\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-07-25 c:\windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-1-6.job
- c:\program files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-1-6.exe [2015-02-09 23:44]
.
2015-07-25 c:\windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-1-7.job
- c:\program files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-1-7.exe [2015-02-09 23:44]
.
2015-07-25 c:\windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-10_user.job
- c:\program files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-10.exe [2015-02-09 23:44]
.
2015-07-25 c:\windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-5.job
- c:\program files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-5.exe [2015-02-09 23:44]
.
2015-07-25 c:\windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-5_user.job
- c:\program files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-5.exe [2015-02-09 23:44]
.
2015-07-25 c:\windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-6.job
- c:\program files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-6.exe [2015-02-09 23:44]
.
2015-07-25 c:\windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-7.job
- c:\program files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-7.exe [2015-02-09 23:44]
.
2015-07-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-23 13:47]
.
2015-07-20 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3406820721-3590820294-1622690160-1000Core.job
- c:\users\Michael\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-03 07:28]
.
2015-07-25 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3406820721-3590820294-1622690160-1000UA.job
- c:\users\Michael\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-03 07:28]
.
2015-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-23 08:37]
.
2015-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-23 08:37]
.
2015-07-25 c:\windows\Tasks\roller_coaster_park_notification_service.job
- c:\program files (x86)\roller coaster park\roller_coaster_park_notification_service.exe [2015-04-04 22:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2014-04-22 15:17	357432	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	184856	----a-w-	c:\users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	184856	----a-w-	c:\users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	184856	----a-w-	c:\users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	184856	----a-w-	c:\users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	184856	----a-w-	c:\users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	184856	----a-w-	c:\users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	184856	----a-w-	c:\users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	184856	----a-w-	c:\users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-06 8158240]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"EPSON Stylus DX3800 Series"="c:\windows\system32\spool\DRIVERS\x64\3\E_FATIACE.EXE" [2005-02-08 98304]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-29 1337000]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://isearch.omiga-plus.com/?type=hppp&ts=1423525518&from=ild&uid=395049983_1052499_562E437C
uDefault_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423525503&from=ild&uid=395049983_1052499_562E437C&q={searchTerms}
mDefault_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423525503&from=ild&uid=395049983_1052499_562E437C&q={searchTerms}
mDefault_Page_URL = hxxp://isearch.omiga-plus.com/?type=hppp&ts=1423525518&from=ild&uid=395049983_1052499_562E437C
mStart Page = hxxp://isearch.omiga-plus.com/?type=hppp&ts=1423525518&from=ild&uid=395049983_1052499_562E437C
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423525503&from=ild&uid=395049983_1052499_562E437C&q={searchTerms}
uInternet Settings,ProxyOverride = <local>;192.168.*.*
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: DhcpNameServer = 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
BHO-{E87806B5-E908-45FD-AF5E-957D83E58E68} - (no file)
Toolbar-Locked - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - (no file)
c:\users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk - c:\programdata\{9be38812-3ced-8198-9be3-388123ce2048}\hqghumeaylnlf.exe /startup
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
AddRemove-KKND Krossfire - c:\windows\IsUn0407.exe
AddRemove-S3 - c:\windows\IsUn0407.exe
AddRemove-SearchProtect - c:\progra~2\SearchProtect\Main\bin\uninstall.exe
AddRemove-Tomb Raider III - c:\windows\IsUn0407.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3406820721-3590820294-1622690160-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*0*0*#*7*&*2*2*7*6*e*b*9*e*&*0*&*0*5*8*f*6*3*6*4*6*4*7*6*ÈWI\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3406820721-3590820294-1622690160-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*0*2*#*7*&*2*2*7*6*e*b*9*e*&*0*&*0*5*8*f*6*a•ê`\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-07-25  15:14:10 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-07-25 13:14
.
Vor Suchlauf: 10 Verzeichnis(se), 26.153.615.360 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 25.391.812.608 Bytes frei
.
- - End Of File - - CA8542936D43F1207C4AD4E631E9559C
         

Alt 26.07.2015, 12:58   #10
schrauber
/// the machine
/// TB-Ausbilder
 

"Dein System wird abgesucht" + Picexa auf Desktop - Standard

"Dein System wird abgesucht" + Picexa auf Desktop



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 27.07.2015, 11:37   #11
uniLai_e
 
"Dein System wird abgesucht" + Picexa auf Desktop - Standard

"Dein System wird abgesucht" + Picexa auf Desktop



Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 27.07.2015
Suchlauf-Zeit: 11:05:27
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.03.09.05
Rootkit Datenbank: v2015.02.25.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Michael

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 445860
Verstrichene Zeit: 16 Min, 57 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 5
PUP.Optional.XTab.A, C:\Program Files (x86)\MiuiTab\ProtectService.exe, 1840, Löschen bei Neustart, [c7b2dc67f09aee4884cd78965ea4f10f]
PUP.Optional.GoPhotoIt.A, C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-6.exe, 3852, Löschen bei Neustart, [6f0add6663270333cbd3fe19ad591ce4]
PUP.Optional.GoPhotoIt.A, C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-1-6.exe, 3124, Löschen bei Neustart, [babf94afd2b8cf67148ae6310ff79769]
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe, 5768, Löschen bei Neustart, [b6c3f0538a00bb7b4a7606b179889e62]
PUP.Optional.WindowsMangerProtect.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 1556, Löschen bei Neustart, [5a1f3d065d2de84e8b08ad0755aef40c]

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 59
PUP.Optional.XTab.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service, In Quarantäne, [c7b2dc67f09aee4884cd78965ea4f10f], 
PUP.Optional.SearchProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CltMngSvc, In Quarantäne, [b6c3f0538a00bb7b4a7606b179889e62], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [126786bd88027bbb77a4db4141c2b14f], 
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [126786bd88027bbb77a4db4141c2b14f], 
PUP.Optional.LoadTubes.A, HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}, In Quarantäne, [631671d2dbafde58245637228c77a65a], 
PUP.Optional.LoadTubes.A, HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}, In Quarantäne, [631671d2dbafde58245637228c77a65a], 
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{E87806B5-E908-45FD-AF5E-957D83E58E68}, In Quarantäne, [0277a69d37535bdbc54750cfec1751af], 
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\Softonic.SoftonicHlpr, In Quarantäne, [0277a69d37535bdbc54750cfec1751af], 
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\Softonic.SoftonicHlpr.1, In Quarantäne, [0277a69d37535bdbc54750cfec1751af], 
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Softonic.SoftonicHlpr, In Quarantäne, [0277a69d37535bdbc54750cfec1751af], 
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Softonic.SoftonicHlpr.1, In Quarantäne, [0277a69d37535bdbc54750cfec1751af], 
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Softonic.SoftonicHlpr, In Quarantäne, [0277a69d37535bdbc54750cfec1751af], 
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Softonic.SoftonicHlpr.1, In Quarantäne, [0277a69d37535bdbc54750cfec1751af], 
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\Softonic.dskBnd, In Quarantäne, [bebb4102fe8cd95d9972dd42b54e7d83], 
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\Softonic.dskBnd.1, In Quarantäne, [bebb4102fe8cd95d9972dd42b54e7d83], 
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Softonic.dskBnd, In Quarantäne, [bebb4102fe8cd95d9972dd42b54e7d83], 
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Softonic.dskBnd.1, In Quarantäne, [bebb4102fe8cd95d9972dd42b54e7d83], 
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Softonic.dskBnd, In Quarantäne, [bebb4102fe8cd95d9972dd42b54e7d83], 
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Softonic.dskBnd.1, In Quarantäne, [bebb4102fe8cd95d9972dd42b54e7d83], 
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtect, In Quarantäne, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\srv.SoftonicSrvc, In Quarantäne, [2c4de95a7218280e64426384877cc937], 
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\srv.SoftonicSrvc.1, In Quarantäne, [7009ad96d7b3d95d6d3938afbe45966a], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\3874, In Quarantäne, [6c0dfe45b5d58ea8f32a995026ddf10f], 
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [0574cd7658323bfb831c26f0a85d6a96], 
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, In Quarantäne, [0277c28102882313d7e6101e1ce907f9], 
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, In Quarantäne, [3f3a20231a7060d69824a08e22e3ec14], 
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, In Quarantäne, [b8c11c272664979f00dd1d933ac9f010], 
PUP.Optional.ISearch.A, HKLM\SOFTWARE\WOW6432NODE\omiga-plusSoftware, In Quarantäne, [a9d0380bc7c3fe38a14e42e0ee172fd1], 
PUP.Optional.GoPhotoIt.A, HKLM\SOFTWARE\WOW6432NODE\The-Go-Photo-it-v11, In Quarantäne, [4237350ec9c1f93db7c1faba4cb70ff1], 
PUP.Optional.GoPhotoIt.A, HKLM\SOFTWARE\WOW6432NODE\The-Go-Photo-it-v11-nv, In Quarantäne, [0b6e4102dcae0630096fe6ce0af9bc44], 
PUP.Optional.GoPhotoIt.A, HKLM\SOFTWARE\WOW6432NODE\The-Go-Photo-it-v11-nv-ie, In Quarantäne, [3247b78cf6941e187afed7dd996aca36], 
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\srv.SoftonicSrvc, In Quarantäne, [4633083b8901999d2f774f9807fc3ac6], 
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\srv.SoftonicSrvc.1, In Quarantäne, [6e0bf44fc9c1dd59b3f39f488f7423dd], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, In Quarantäne, [7009ce752565b482b0c6c10d2ed5cf31], 
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\elchiiiejkobdbblfejjkbphbddgmljf, In Quarantäne, [ef8a360db2d869cd31776483cb38ee12], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\3874, In Quarantäne, [bbbe2221ec9e51e5100da643db28ce32], 
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [740560e3296140f6a2fd8f871aeb4cb4], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, In Quarantäne, [b9c0f64dc0ca49edb8dc81ac43c224dc], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, In Quarantäne, [e198cc77e9a151e5aee774b96c9916ea], 
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT, In Quarantäne, [ee8b281bfd8d2f0779fc16bce81bcb35], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, In Quarantäne, [7504e3604842dd59f6a6ccfa778c23dd], 
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, In Quarantäne, [5a1f3d065d2de84e8b08ad0755aef40c], 
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, In Quarantäne, [bcbd94af9eece452d60167547192fc04], 
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD, In Quarantäne, [146530131575e2541cfcb21ada299b65], 
PUP.Optional.GoPhotoIt.A, HKU\S-1-5-18\SOFTWARE\The-Go-Photo-it-v11-nv, In Quarantäne, [95e4ea592b5fe5514930b0047c873fc1], 
PUP.Optional.GoPhotoIt.A, HKU\S-1-5-18\SOFTWARE\The-Go-Photo-it-v11-nv-ie, In Quarantäne, [94e5e55e07832115dc9d7a3a907327d9], 
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\SOFTWARE\1ClickDownload, In Quarantäne, [8eebf3509ceedd5930344ebeca3b31cf], 
PUP.Optional.ConduitSearch.A, HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\SOFTWARE\Conduit_Search_Protect, In Quarantäne, [6b0e340f741660d6cea4b2fbd92acf31], 
PUP.Optional.GoPhotoIt.A, HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\SOFTWARE\The-Go-Photo-it-v11, In Quarantäne, [eb8ec97a5535d660f089892beb18ac54], 
PUP.Optional.GoPhotoIt.A, HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\SOFTWARE\The-Go-Photo-it-v11-nv, In Quarantäne, [9adfe65d5c2e96a092e7c4f05aa9a35d], 
PUP.Optional.GoPhotoIt.A, HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\SOFTWARE\The-Go-Photo-it-v11-nv-ie, In Quarantäne, [0e6be55e6921f14555248a2a44bf57a9], 
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nikpibnbobmbdbheedjfogjlikpgpnhp, In Quarantäne, [0c6d95ae77137abc6fa56f53b84ba65a], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [5d1cfa491377c175a594fff6fd06ea16], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\SOFTWARE\INSTALLCORE, In Quarantäne, [6e0bce7563272f0726f0ac5f24e1bc44], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\3874, In Quarantäne, [6b0e162dd7b3181e526901c1f70c9868], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\joep, In Quarantäne, [99e09da65c2eef474dc65f6ef0137d83], 
PUP.Optional.Qone8, HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [6415162df19973c3adf14ec808fd14ec], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3406820721-3590820294-1622690160-1003\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\3874, In Quarantäne, [3a3f3c0782082115af0c9f23e91a08f8], 
PUP.Optional.GoPhotoIt.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\The-Go-Photo-it-v11, In Quarantäne, [4f2ac3805f2b0135049b99007192b749], 

Registrierungswerte: 11
PUP.Optional.LoadTubes.A, HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{DFEFCDEE-CF1A-4FC8-88AD-129872198372}, îÃïÃ? ÃÃ?OË?Â* Ë?r Æ?r, In Quarantäne, [631671d2dbafde58245637228c77a65a]
PUP.Optional.LoadTubes.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{DFEFCDEE-CF1A-4FC8-88AD-129872198372}, In Quarantäne, [631671d2dbafde58245637228c77a65a], 
PUP.Optional.LoadTubes.A, HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}, In Quarantäne, [afca8db6355544f2a8d2be9ba261c13f], 
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, In Quarantäne, [bebb4102fe8cd95d9972dd42b54e7d83], 
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, Softonic Toolbar, In Quarantäne, [bebb4102fe8cd95d9972dd42b54e7d83]
PUP.Optional.LoadTubes.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}, In Quarantäne, [b5c4d86b533787af6614aeabff04c33d], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, In Quarantäne, [7009ce752565b482b0c6c10d2ed5cf31]
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT|InstallDir, C:\PROGRA~2\SearchProtect, In Quarantäne, [ee8b281bfd8d2f0779fc16bce81bcb35]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, ild, In Quarantäne, [7504e3604842dd59f6a6ccfa778c23dd]
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD|ImagePath, \??\C:\Windows\system32\drivers\SPPD.sys, In Quarantäne, [146530131575e2541cfcb21ada299b65]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\SOFTWARE\INSTALLCORE|tb, 0A2O1C1R1H2Z1S1G1M1F, In Quarantäne, [6e0bce7563272f0726f0ac5f24e1bc44]

Registrierungsdaten: 11
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll, Gut: (), Schlecht: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll),Ersetzt,[5c1d8cb71a70191d17a99621a55cc43c]
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll, Gut: (), Schlecht: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll),Ersetzt,[b5c4b390058576c019a7605730d10df3]
PUP.Optional.OmigaPlus.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://isearch.omiga-plus.com/?type=hppp&ts=1423525518&from=ild&uid=395049983_1052499_562E437C, Gut: (www.google.com), Schlecht: (hxxp://isearch.omiga-plus.com/?type=hppp&ts=1423525518&from=ild&uid=395049983_1052499_562E437C),Ersetzt,[caaf222139510f275b0e3aa927de6c94]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[c6b3fd4608823ff73466944d4fb6f907]
PUP.Optional.OmigaPlus.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423525503&from=ild&uid=395049983_1052499_562E437C&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423525503&from=ild&uid=395049983_1052499_562E437C&q={searchTerms}),Ersetzt,[8aef52f10981cc6a1c4c0ed513f26d93]
PUP.Optional.OmigaPlus.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://isearch.omiga-plus.com/?type=hppp&ts=1423525518&from=ild&uid=395049983_1052499_562E437C, Gut: (www.google.com), Schlecht: (hxxp://isearch.omiga-plus.com/?type=hppp&ts=1423525518&from=ild&uid=395049983_1052499_562E437C),Ersetzt,[8dec83c09eeca6905c0b687b5baa14ec]
PUP.Optional.OmigaPlus.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://isearch.omiga-plus.com/?type=hppp&ts=1423525518&from=ild&uid=395049983_1052499_562E437C, Gut: (www.google.com), Schlecht: (hxxp://isearch.omiga-plus.com/?type=hppp&ts=1423525518&from=ild&uid=395049983_1052499_562E437C),Ersetzt,[007991b2cebc87af8ddcfae9c93c16ea]
PUP.Optional.OmigaPlus.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423525503&from=ild&uid=395049983_1052499_562E437C&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423525503&from=ild&uid=395049983_1052499_562E437C&q={searchTerms}),Ersetzt,[db9e9ba8f19981b5a1cbe9fa13f209f7]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[2158b78cb0da1323099109d8f21317e9]
PUP.Optional.OmigaPlus.A, HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://isearch.omiga-plus.com/?type=hppp&ts=1423525518&from=ild&uid=395049983_1052499_562E437C, Gut: (www.google.com), Schlecht: (hxxp://isearch.omiga-plus.com/?type=hppp&ts=1423525518&from=ild&uid=395049983_1052499_562E437C),Ersetzt,[5326340ff793aa8cbca611d2ff06669a]
PUP.Optional.OmigaPlus.A, HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423525503&from=ild&uid=395049983_1052499_562E437C&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1423525503&from=ild&uid=395049983_1052499_562E437C&q={searchTerms}),Ersetzt,[4a2fde650b7f0531a4fa1bba9c6936ca]

Ordner: 46
PUP.Optional.WebBar.A, C:\Program Files\WebBar, In Quarantäne, [adcc33103357270f8409f1b7f1121ae6], 
PUP.Optional.WebBar.A, C:\Program Files\WebBar\2.0.5582.15558, In Quarantäne, [adcc33103357270f8409f1b7f1121ae6], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\rep, In Quarantäne, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\rep, In Quarantäne, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.ZombieNews.A, C:\ProgramData\ZombieNews, In Quarantäne, [86f3e45f27632e080adbbe6e13f207f9], 
PUP.Optional.SearchProtect.A, C:\Users\Michael\AppData\Local\SearchProtect, Löschen bei Neustart, [2950fc474743bb7b4b30730b07fcd030], 
PUP.Optional.SearchProtect.A, C:\Users\Michael\AppData\Local\SearchProtect\SearchProtect, Löschen bei Neustart, [2950fc474743bb7b4b30730b07fcd030], 
PUP.Optional.SearchProtect.A, C:\Users\Michael\AppData\Local\SearchProtect\SearchProtect\rep, Löschen bei Neustart, [2950fc474743bb7b4b30730b07fcd030], 
PUP.Optional.SearchProtect.A, C:\Users\Michael\AppData\Local\SearchProtect\SearchProtect\STG, In Quarantäne, [2950fc474743bb7b4b30730b07fcd030], 
PUP.Optional.SearchProtect.A, C:\Users\Michael\AppData\Local\SearchProtect\UI, Löschen bei Neustart, [2950fc474743bb7b4b30730b07fcd030], 
PUP.Optional.SearchProtect.A, C:\Users\Michael\AppData\Local\SearchProtect\UI\rep, Löschen bei Neustart, [2950fc474743bb7b4b30730b07fcd030], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Löschen bei Neustart, [e990b48ff3973bfbf2ad057b51b2d52b], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [e990b48ff3973bfbf2ad057b51b2d52b], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\CinemaPlus-3.2cV07.05, In Quarantäne, [c4b540038406be784f65cacb30d3f907], 
PUP.Optional.GamesDesktop.A, C:\Users\Michael\AppData\Local\gmsd_de_497, In Quarantäne, [6217cb78eaa08caa552f1d7b4eb58f71], 
PUP.Optional.GamesDesktop.A, C:\Users\Michael\AppData\Local\gmsd_de_497\gmsd_de_497, In Quarantäne, [6217cb78eaa08caa552f1d7b4eb58f71], 
PUP.Optional.GamesDesktop.A, C:\Users\Michael\AppData\Local\gmsd_de_497\gmsd_de_497\1.20, In Quarantäne, [6217cb78eaa08caa552f1d7b4eb58f71], 
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_de_497, In Quarantäne, [3247e55e2d5d989eb3d26731cf342bd5], 
PUP.Optional.GoPhotoIt.A, C:\Program Files (x86)\The-Go-Photo-it-v11, Löschen bei Neustart, [4f2ac3805f2b0135049b99007192b749], 
PUP.Optional.Shopperz.A, C:\Program Files\shopperz, In Quarantäne, [0178c67d008a4ceacc99e4b8cd366d93], 
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\Firefox, In Quarantäne, [0178c67d008a4ceacc99e4b8cd366d93], 
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\Firefox\chrome, In Quarantäne, [0178c67d008a4ceacc99e4b8cd366d93], 
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\Firefox\chrome\content, In Quarantäne, [0178c67d008a4ceacc99e4b8cd366d93], 
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\Firefox\chrome\content\libraries, In Quarantäne, [0178c67d008a4ceacc99e4b8cd366d93], 
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\Firefox\chrome\locale, In Quarantäne, [0178c67d008a4ceacc99e4b8cd366d93], 
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\Firefox\chrome\locale\en-US, In Quarantäne, [0178c67d008a4ceacc99e4b8cd366d93], 
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\Firefox\chrome\skin, In Quarantäne, [0178c67d008a4ceacc99e4b8cd366d93], 
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, In Quarantäne, [64151a29d1b9df5764d2108dec1729d7], 
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, In Quarantäne, [64151a29d1b9df5764d2108dec1729d7], 
PUP.Optional.SearchProtect.A, C:\Users\Michael\AppData\Local\avabvexvac, In Quarantäne, [fb7ef251167488aeb839b6ebc93a6d93], 

Dateien: 163
PUP.Optional.XTab.A, C:\Program Files (x86)\MiuiTab\ProtectService.exe, Löschen bei Neustart, [c7b2dc67f09aee4884cd78965ea4f10f], 
PUP.Optional.GoPhotoIt.A, C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-6.exe, Löschen bei Neustart, [6f0add6663270333cbd3fe19ad591ce4], 
PUP.Optional.GoPhotoIt.A, C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-1-6.exe, Löschen bei Neustart, [babf94afd2b8cf67148ae6310ff79769], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe, Löschen bei Neustart, [b6c3f0538a00bb7b4a7606b179889e62], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe, Löschen bei Neustart, [6712340f2c5e0b2b12ae2d8a3fc2639d], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe, Löschen bei Neustart, [2f4a0d36f09a2b0bccf40cab46bb21df], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32.dll, Löschen bei Neustart, [730679ca1b6f9c9a7e428235f809f20e], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll, Löschen bei Neustart, [5c1d8cb71a70191d17a99621a55cc43c], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll, Löschen bei Neustart, [b5c4b390058576c019a7605730d10df3], 
PUP.Optional.Nova.A, C:\Program Files (x86)\Adobe\94146aea-6606-4bdc-a5a8-72d82483e704.dll, In Quarantäne, [7207bf846525fe382ae4808b34ce27d9], 
PUP.Optional.Nova.A, C:\Program Files (x86)\bf5e44bc-23c7-4c44-a8bd-cceb5d547848\2f525591-4a77-42e5-8ef5-a020dba699fb.dll, In Quarantäne, [255452f1c2c89b9b41cd54b7b54da35d], 
PUP.Optional.GoPhotoIt.A, C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-1-7.exe, In Quarantäne, [0772192ad1b932043d6174a33ec86799], 
PUP.Optional.GoPhotoIt.A, C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-10.exe, In Quarantäne, [94e5cb78315968ce8f0fc25570962cd4], 
PUP.Optional.GoPhotoIt.A, C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-5.exe, In Quarantäne, [6118ab98eb9f4de9485651c6eb1b7d83], 
PUP.Optional.GoPhotoIt.A, C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-64.exe, In Quarantäne, [fe7bcb78b8d2d16518863bdce2247b85], 
PUP.Optional.GoPhotoIt.A, C:\Program Files (x86)\The-Go-Photo-it-v11\00571e87-fccb-4b85-a76d-e5b0e6130523-7.exe, In Quarantäne, [c4b5f74c9feb5ed89e006aadfa0cb749], 
PUP.Optional.Nova.A, C:\Program Files (x86)\The-Go-Photo-it-v11\ded19b04-085b-4510-bd15-0bc13b956190.dll, In Quarantäne, [da9f86bd1b6f053152bcaa61a75b6997], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\The-Go-Photo-it-v11\utils.exe, In Quarantäne, [a6d352f1dcae9b9b850b4300b7496e92], 
PUP.LoadTubes, C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll, In Quarantäne, [f782d86bd2b80d29fa5138980ff13bc5], 
PUP.BundleInstaller.VG, C:\Users\Michael\Downloads\video_downloader.exe, In Quarantäne, [85f40340dcae59dd84b9d0e4f50bdf21], 
PUP.LoadTubes, C:\Users\Michael\Downloads\install_flashplayer11_secure_update.exe, In Quarantäne, [fa7fe75c48423ef83b10e0f015ebe31d], 
PUP.Optional.SearchProtect, C:\Users\Michael\AppData\Local\avabvexvac\avabvexvac.exe, In Quarantäne, [186146fd2e5c33036dca92850df5bb45], 
PUP.Optional.SearchProtect.A, C:\Users\Michael\AppData\Local\avabvexvac\pbqrmvbub, In Quarantäne, [a6d3e0637b0ffb3b7c443d7a57aaf60a], 
PUP.Optional.SearchProtect.A, C:\Windows\AppPatch\AppPatch64\VCLdr64.dll, Löschen bei Neustart, [b3c6c18244469f97e3dde5d226db7e82], 
PUP.Optional.SearchProtect.A, C:\Windows\AppPatch\nbin\VC32Loader.dll, Löschen bei Neustart, [c7b2123162283afc249c3e795ca545bb], 
PUP.Optional.WebBar.A, C:\Program Files\WebBar\unins000.dat, In Quarantäne, [adcc33103357270f8409f1b7f1121ae6], 
PUP.Optional.WebBar.A, C:\Program Files\WebBar\InstallUtil.InstallLog, In Quarantäne, [adcc33103357270f8409f1b7f1121ae6], 
PUP.Optional.WebBar.A, C:\Program Files\WebBar\Microsoft.Win32.TaskScheduler.dll, In Quarantäne, [adcc33103357270f8409f1b7f1121ae6], 
PUP.Optional.WebBar.A, C:\Program Files\WebBar\wbsvc.InstallLog, In Quarantäne, [adcc33103357270f8409f1b7f1121ae6], 
PUP.Optional.WebBar.A, C:\Program Files\WebBar\wbsvc.InstallState, In Quarantäne, [adcc33103357270f8409f1b7f1121ae6], 
PUP.Optional.WebBar.A, C:\Program Files\WebBar\2.0.5582.15558\ISightSDK.dll, In Quarantäne, [adcc33103357270f8409f1b7f1121ae6], 
PUP.Optional.SearchProtect.A, C:\Windows\System32\Tasks\avabvexvac, In Quarantäne, [d6a356ed0c7e7cbabe1926824db628d8], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-1-6, In Quarantäne, [d4a5a69d4f3b85b1b6bb88465ca78e72], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-1-7, In Quarantäne, [1f5a6ed5c9c1290d2f422ea06c9712ee], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-10_user, In Quarantäne, [a6d3ed5691f984b2fb76775724dfe818], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-5, In Quarantäne, [55243a098406be786110a7279e658d73], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-5_user, In Quarantäne, [9adf1f24e7a31026ff728c4207fc09f7], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-6, In Quarantäne, [b2c771d2addd0036fd744a84c2416997], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-7, In Quarantäne, [4237bd866624aa8cff72f8d6ce35bb45], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\94610a37-f0a6-4805-8647-38024cecb8cc-5, In Quarantäne, [a0d9360d92f8a294a7caca0404ffd32d], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\EULA.txt, In Quarantäne, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.pun, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\cfi.bin, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\edk.bin, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\pni.bin, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\trn.bin, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\RN32.dll, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPtool64.exe, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64.dll, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.css, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.html, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.js, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\defaults.js, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def-grey.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-dia.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\SP_DialogBG.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\DialogAPI.js, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js, Löschen bei Neustart, [67123112bad0bb7b59b5f61f43c237c9], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-1-6.job, In Quarantäne, [b0c92b18d6b4bb7be18cf536ea1bf10f], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-1-7.job, In Quarantäne, [e693d27199f163d378f585a633d26a96], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-10_user.job, In Quarantäne, [fe7bb68d8cfe58de8de0a784de278a76], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-5.job, In Quarantäne, [8dec8db6d9b1a591c7a65ecd64a126da], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-5_user.job, In Quarantäne, [f188b192b9d152e42c417ead788daf51], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-6.job, In Quarantäne, [c3b61a29b5d5a492b0bd5ccf788dd030], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\00571e87-fccb-4b85-a76d-e5b0e6130523-7.job, In Quarantäne, [0376fb483c4e7abc7fee969558ad1be5], 
PUP.Optional.ZombieNews.A, C:\ProgramData\ZombieNews\app.dat, In Quarantäne, [86f3e45f27632e080adbbe6e13f207f9], 
PUP.Optional.ZombieNews.A, C:\ProgramData\ZombieNews\data.dat, In Quarantäne, [86f3e45f27632e080adbbe6e13f207f9], 
PUP.Optional.SearchProtect, C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, Löschen bei Neustart, [fe7b95ae3a50d85e8f317fafac59b848], 
PUP.Optional.WindowsMangerProtect.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Löschen bei Neustart, [5a1f3d065d2de84e8b08ad0755aef40c], 
PUP.Optional.SearchProtect.A, C:\Users\Michael\AppData\Local\SearchProtect\SearchProtect\rep\Cvc.dat, Löschen bei Neustart, [2950fc474743bb7b4b30730b07fcd030], 
PUP.Optional.SearchProtect.A, C:\Users\Michael\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat, Löschen bei Neustart, [2950fc474743bb7b4b30730b07fcd030], 
PUP.Optional.SearchProtect.A, C:\Users\Michael\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat, Löschen bei Neustart, [2950fc474743bb7b4b30730b07fcd030], 
PUP.Optional.SearchProtect.A, C:\Users\Michael\AppData\Local\SearchProtect\UI\rep\UIRepository.dat, Löschen bei Neustart, [2950fc474743bb7b4b30730b07fcd030], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, In Quarantäne, [e990b48ff3973bfbf2ad057b51b2d52b], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\update.exe, In Quarantäne, [e990b48ff3973bfbf2ad057b51b2d52b], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\CinemaPlus-3.2cV07.05\108abbfd-af07-431a-8138-2dd0ce19f45d.crx, In Quarantäne, [c4b540038406be784f65cacb30d3f907], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\CinemaPlus-3.2cV07.05\10b4da6a-b0aa-4a25-829c-e22901195446.crx, In Quarantäne, [c4b540038406be784f65cacb30d3f907], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\CinemaPlus-3.2cV07.05\bgNova.html, In Quarantäne, [c4b540038406be784f65cacb30d3f907], 
PUP.Optional.GamesDesktop.A, C:\Users\Michael\AppData\Local\gmsd_de_497\upgmsd_de_497.cyl, In Quarantäne, [6217cb78eaa08caa552f1d7b4eb58f71], 
PUP.Optional.GamesDesktop.A, C:\Users\Michael\AppData\Local\gmsd_de_497\gmsd_de_497\1.20\cnf.cyl, In Quarantäne, [6217cb78eaa08caa552f1d7b4eb58f71], 
PUP.Optional.GamesDesktop.A, C:\Users\Michael\AppData\Local\gmsd_de_497\gmsd_de_497\1.20\eorezo.cyl, In Quarantäne, [6217cb78eaa08caa552f1d7b4eb58f71], 
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_de_497\unins000.dat, In Quarantäne, [3247e55e2d5d989eb3d26731cf342bd5], 
PUP.Optional.GoPhotoIt.A, C:\Program Files (x86)\The-Go-Photo-it-v11\8824f131-1c2d-4c69-a16b-f46002285288.dll, In Quarantäne, [4f2ac3805f2b0135049b99007192b749], 
PUP.Optional.GoPhotoIt.A, C:\Program Files (x86)\The-Go-Photo-it-v11\bgNova.html, In Quarantäne, [4f2ac3805f2b0135049b99007192b749], 
PUP.Optional.GoPhotoIt.A, C:\Program Files (x86)\The-Go-Photo-it-v11\Uninstall.exe, In Quarantäne, [4f2ac3805f2b0135049b99007192b749], 
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\tree.js, In Quarantäne, [0178c67d008a4ceacc99e4b8cd366d93], 
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\unins000.dat, In Quarantäne, [0178c67d008a4ceacc99e4b8cd366d93], 
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\wrex.exe, In Quarantäne, [0178c67d008a4ceacc99e4b8cd366d93], 
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\Firefox\icon.png, In Quarantäne, [0178c67d008a4ceacc99e4b8cd366d93], 
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\Firefox\install.rdf, In Quarantäne, [0178c67d008a4ceacc99e4b8cd366d93], 
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\Firefox\{5081D2D4-1637-404c-B74F-50526718257D}.xpi, In Quarantäne, [0178c67d008a4ceacc99e4b8cd366d93], 
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\Firefox\chrome\content\main.xul, In Quarantäne, [0178c67d008a4ceacc99e4b8cd366d93], 
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\Firefox\chrome\locale\en-US\overlay.dtd, In Quarantäne, [0178c67d008a4ceacc99e4b8cd366d93], 
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\Firefox\chrome\skin\overlay.css, In Quarantäne, [0178c67d008a4ceacc99e4b8cd366d93], 
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update\UpDateProcess.exe, In Quarantäne, [64151a29d1b9df5764d2108dec1729d7], 
PUP.Optional.SearchProtect.A, C:\Users\Michael\AppData\Local\avabvexvac\bahvxfk, In Quarantäne, [fb7ef251167488aeb839b6ebc93a6d93], 
PUP.Optional.SearchProtect.A, C:\Users\Michael\AppData\Local\avabvexvac\mkfvxfk, In Quarantäne, [fb7ef251167488aeb839b6ebc93a6d93], 
PUP.Optional.SearchProtect.A, C:\Users\Michael\AppData\Local\avabvexvac\pvpqbjobmlpfqlovvawq, In Quarantäne, [fb7ef251167488aeb839b6ebc93a6d93], 
PUP.Optional.SearchProtect.A, C:\Users\Michael\AppData\Local\avabvexvac\qokvxfk, In Quarantäne, [fb7ef251167488aeb839b6ebc93a6d93], 
PUP.Optional.SearchProtect.A, C:\Users\Michael\AppData\Local\avabvexvac\rfobmlpfqlovvawq, In Quarantäne, [fb7ef251167488aeb839b6ebc93a6d93], 
PUP.Optional.SearchProtect.A, C:\Users\Michael\AppData\Local\avabvexvac\rpboobmlpfqlovvawq, In Quarantäne, [fb7ef251167488aeb839b6ebc93a6d93], 
PUP.Optional.SearchProtect.A, C:\Users\Michael\AppData\Local\avabvexvac\stb.dat, In Quarantäne, [fb7ef251167488aeb839b6ebc93a6d93], 
PUP.Optional.SearchProtect.A, C:\Users\Michael\AppData\Local\avabvexvac\ycfvxfk, In Quarantäne, [fb7ef251167488aeb839b6ebc93a6d93], 

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
Code:
ATTFilter
# AdwCleaner v4.208 - Bericht erstellt 27/07/2015 um 12:05:16
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-26.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Michael - MICHAEL-PC
# Gestarted von : C:\Users\Michael\Desktop\AdwCleaner_4.208.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : PicexaService
Dienst Gelöscht : SSFK

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\AskPartnerNetwork
Ordner Gelöscht : C:\ProgramData\AVG Security Toolbar
Ordner Gelöscht : C:\ProgramData\MailUpdate
Ordner Gelöscht : C:\ProgramData\5bbdb1ab0000131b
Ordner Gelöscht : C:\ProgramData\a7018bbf000078a4
Ordner Gelöscht : C:\ProgramData\{62e21246-1605-aeca-62e2-212461604918}
Ordner Gelöscht : C:\ProgramData\{9be38812-3ced-8198-9be3-388123ce2048}
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picexa
Ordner Gelöscht : C:\Program Files (x86)\YTDownloader
Ordner Gelöscht : C:\Program Files (x86)\Picexa
Ordner Gelöscht : C:\Program Files (x86)\roller coaster park
Ordner Gelöscht : C:\Program Files (x86)\miuitab
Ordner Gelöscht : C:\Program Files (x86)\SFK
Ordner Gelöscht : C:\Program Files (x86)\MediaPlayerVid2.4
Ordner Gelöscht : C:\Program Files (x86)\Infonaut_1.10.0.14
Ordner Gelöscht : C:\Program Files (x86)\Optimizer Pro 3.89
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Plasmoo
Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Michael\AppData\Local\AVG Security Toolbar
Ordner Gelöscht : C:\Users\Michael\AppData\Local\Crossbrowse
Ordner Gelöscht : C:\Users\Michael\AppData\Local\03000200-1431024397-0500-0006-000700080009
Ordner Gelöscht : C:\Users\Michael\AppData\Local\03000200-1431024416-0500-0006-000700080009
Ordner Gelöscht : C:\Users\Michael\AppData\LocalLow\AVG Security Toolbar
Ordner Gelöscht : C:\Users\Michael\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\Michael\AppData\LocalLow\SmartWeb
Ordner Gelöscht : C:\Users\Michael\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
Ordner Gelöscht : C:\Users\Michael\AppData\Roaming\WinZipper
Ordner Gelöscht : C:\Users\Michael\AppData\Roaming\MailUpdate
Ordner Gelöscht : C:\Users\Michael\AppData\Roaming\oursurfing
Ordner Gelöscht : C:\Users\Michael\AppData\Roaming\Picexa Viewer
Ordner Gelöscht : C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp
Ordner Gelöscht : C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecgbfoconhopjngaaijjgffhokohlac
[/!\] Nicht Gelöscht ( Junction ) : C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecgbfoconhopjngaaijjgffhokohlac
Ordner Gelöscht : C:\Users\Michael\AppData\Roaming\Opera Software\Opera Stable\Extensions\papbadoldddalgcjcicnikcfenodpghp
Datei Gelöscht : C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage
Datei Gelöscht : C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0
Datei Gelöscht : C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0.localstorage
Datei Gelöscht : C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0
Datei Gelöscht : C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0
Datei Gelöscht : C:\claraInstaller.txt
Datei Gelöscht : C:\Users\Public\Desktop\Picexa.lnk
Datei Gelöscht : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Datei Gelöscht : C:\Windows\System32\drivers\SPPD.sys
Datei Gelöscht : C:\Users\Michael\AppData\Roaming\QtUIu0BUHXTfyZJc4cdU8i6NM
Datei Gelöscht : C:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Picexa.lnk

***** [ Geplante Tasks ] *****

Task Gelöscht : roller_coaster_park_notification_service
Task Gelöscht : avabvexvac

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PicexaViewer.bmp
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PicexaViewer.gif
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PicexaViewer.jpeg
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PicexaViewer.jpg
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PicexaViewer.png
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PicexaViewer.tif
Schlüssel Gelöscht : HKLM\SOFTWARE\ded19b04-085b-4510-bd15-0bc13b956190
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1F91A9A1-01BA-4C81-863D-3BA0751E1419}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{0C58B7D1-D415-492B-A149-E976156BD3B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F91A9A1-01BA-4C81-863D-3BA0751E1419}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1F91A9A1-01BA-4C81-863D-3BA0751E1419}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1F91A9A1-01BA-4C81-863D-3BA0751E1419}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\9FEBAA996ECF42798981BA51FF2A3D31
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{114DB5FA-0AFB-BB92-A75B-F44D3CE875CD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4CCD1C03-0893-47B2-B639-BA3EF1DCDBDC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B6319EC9-264D-4C16-9E60-B4BBFCE34149}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E9852930-C439-4972-997C-7B6D2BFF2B95}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FB9D2757-3BB3-4FC1-8924-851293C7E0DD}
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\powerpack
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Avg Secure Update
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\AVG SafeGuard toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\hdcode
Schlüssel Gelöscht : HKLM\SOFTWARE\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\V9
Schlüssel Gelöscht : HKLM\SOFTWARE\winzipersvc
Schlüssel Gelöscht : HKLM\SOFTWARE\SPPDCOM
Schlüssel Gelöscht : HKLM\SOFTWARE\PicexaSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Picexa
Schlüssel Gelöscht : HKU\.DEFAULT\Software\AVG Secure Search
Schlüssel Gelöscht : HKU\.DEFAULT\Software\IGearSettings
Schlüssel Gelöscht : HKU\.DEFAULT\Software\Avg Secure Update
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Picexa
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>;192.168.*.*

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17909

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Google Chrome v44.0.2403.107

[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.avg.com/search?cid={3FD7D73C-6DD6-4A55-9E9A-BFEADCF0CE64}&mid=27a4d0d90c9447d6ac30016ecefe0ef1-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=de&ds=AVG&pr=fr&d=2012-09-28%2006:38:45&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP29D9F54D-269F-489F-A718-B57F4CDF637A&q={searchTerms}&SSPV=
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=562e437c000000000000000cf680ad42&r=133
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3321540&octid=EB_ORIGINAL_CTID&ISID=MCF07D945-5942-479E-B084-8F54C3D9BA12&SearchSource=58&CUI=&UM=5&UP=SP29D9F54D-269F-489F-A718-B57F4CDF637A&q={searchTerms}&SSPV=
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3321540&octid=EB_ORIGINAL_CTID&ISID=MCF07D945-5942-479E-B084-8F54C3D9BA12&SearchSource=58&CUI=&UM=5&UP=SP29D9F54D-269F-489F-A718-B57F4CDF637A&q={searchTerms}&SSPV=
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www-searching.com/search.aspx?s=F57ztutdk0003,526df647-21dd-4d45-83cd-524526683365,&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1423525518&from=ild&uid=395049983_1052499_562E437C&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1423525518&from=ild&uid=395049983_1052499_562E437C&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : hxxp://isearch.omiga-plus.com/?type=hppp&ts=1423525518&from=ild&uid=395049983_1052499_562E437C
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Startup_URLs] : BAA761A989FF90E9ECC2A1587308326DAF854EF5D1C2E6771BCCF47725482F0B"},"software_reporter":{"prompt_reason":"0FC3901B1A17EB1D7DE3B738A2A8CD525EF30D4A7030A64FE7AD076655ACA12E","prompt_seed":"FDB0166D064C4DC650DB8F4F1FED1631FB071BCB2F4D55653FCEDAE9A101E225","prompt_version":"24C184634B7FD4384440E57A928AF9CE84918A6CBFC4F0F88ADAD12BD56AA279"},"sync":{"remaining_rollback_tries":"C483A62BB232B331BF80357BD22237FBDB04353D604F8BDBCFC6664A363B0EC8"}},"super_mac":"7FED1EE97F4111F20A02AC3ACBB579C0F0B6CA505DAA382C79996F1C44AA4DBE"},"session":{"restore_on_startup":4,"startup_urls":["hxxp://isearch.omiga-plus.com/?type=hppp&ts=1423525518&from=ild&uid=395049983_1052499_562E437C

-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [25063 Bytes] - [27/07/2015 12:02:21]
AdwCleaner[S0].txt - [22808 Bytes] - [27/07/2015 12:05:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22868  Bytes] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.1 (07.16.2015:1)
OS: Windows 7 Home Premium x64
Ran by Michael on 27.07.2015 at 12:12:19,46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\NHHBPGAD1



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Users\Michael\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Users\Michael\Appdata\Local\installer
Successfully deleted: [Folder] C:\Users\Michael\Appdata\LocalLow\company
Successfully deleted: [Folder] C:\Users\Michael\AppData\Roaming\optimizer pro
Successfully deleted: [Folder] C:\Users\Michael\Documents\optimizer pro
Successfully deleted: [Folder] C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066



~~~ Chrome


[C:\Users\Michael\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Michael\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
jecgbfoconhopjngaaijjgffhokohlac
papbadoldddalgcjcicnikcfenodpghp

[C:\Users\Michael\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Michael\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.07.2015 at 12:17:03,83
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 28.07.2015, 06:51   #12
schrauber
/// the machine
/// TB-Ausbilder
 

"Dein System wird abgesucht" + Picexa auf Desktop - Standard

"Dein System wird abgesucht" + Picexa auf Desktop




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 29.07.2015, 18:21   #13
uniLai_e
 
"Dein System wird abgesucht" + Picexa auf Desktop - Standard

"Dein System wird abgesucht" + Picexa auf Desktop



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6d9de2a9f4df5643ad14075af2c93173
# end=init
# utc_time=2015-07-29 02:19:40
# local_time=2015-07-29 04:19:40 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25031
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6d9de2a9f4df5643ad14075af2c93173
# end=updated
# utc_time=2015-07-29 02:28:48
# local_time=2015-07-29 04:28:48 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=6d9de2a9f4df5643ad14075af2c93173
# engine=25031
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-29 03:55:13
# local_time=2015-07-29 05:55:13 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 6719335 61169307 0 0
# scanned=225335
# found=58
# cleaned=0
# scan_time=5185
sh=1FAEEDCA82A979038F0FF7CAF88F06A37EBFC890 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaPlayerVid2.4\2fb1ba24-c533-4f18-962e-42003cb066b5.crx.vir"
sh=A67B42E715CCBAD9E9638EF2B770E6CC41DDB055 ft=1 fh=6a65d56de7a52f79 vn="Variante von Win32/Toolbar.CrossRider.CU evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaPlayerVid2.4\Uninstall.exe.vir"
sh=F46F29207788875FA4FDB1C1F645E29EB55091A6 ft=0 fh=0000000000000000 vn="Win32/Toolbar.TNT2.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\defsearchp@gmail.com!1.0.0.1039.xpi.vir"
sh=1A40C6F19E4E8FEB7D2B0A75DF9F105A1B1356CF ft=1 fh=5c0cc19ce91c59ae vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\SupTab.dll.vir"
sh=5D01C8785EBEEE4CBEECCA5CA54E9A6AA16EF5D4 ft=1 fh=d622c00b87743adf vn="Variante von Win32/OptimizerPro.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro 3.89\OptProHelper.dll.vir"
sh=346C4EFEF51E9FFCA66F87D06CF8533499C19574 ft=1 fh=c3a8e1c350d4046e vn="Variante von Win32/ELEX.DS evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Picexa\Picexa.exe.vir"
sh=E72ECC504DC68D20B76A120F397DBDA71BBB3922 ft=1 fh=baa98037ddcdc410 vn="Variante von Win32/ELEX.CK evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Picexa\picexasvc.exe.vir"
sh=CAD965A06CAD29BF85BC455D55F839058043EEDE ft=1 fh=f4647fa2b12c875a vn="Variante von Win32/ELEX.DS evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Picexa\uninstall.exe.vir"
sh=5571735939C37694399991815D6DA64F953B12B9 ft=1 fh=c71c00116dd255fe vn="Variante von Win32/Toolbar.CrossRider.CO evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\roller coaster park\roller_coaster_park_notification_service.exe.vir"
sh=DBCC1223F29B298C49D0532BA2B3539794728DED ft=1 fh=c71c0011bd98a461 vn="Variante von Win32/ELEX.EK evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SFK\SFKEX.dll.vir"
sh=C819CD7E396453C9EA0C2643B5FEE2B06EBBF4C5 ft=1 fh=c71c001193c1ce0b vn="Variante von Win64/ELEX.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SFK\SFKEX64.dll.vir"
sh=335D4357ECDEDB381B8268949F829A4A71DE9170 ft=1 fh=c503ff1f1eb3bc07 vn="Variante von Win64/ELEX.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SFK\SFKEX64.exe.vir"
sh=E40E8E91FA5101B0D9E675478BCBB5ACBD271334 ft=1 fh=d7e88db597f3f71a vn="Variante von Win64/ELEX.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SFK\SSFK.exe.vir"
sh=7304F9F56CDFCC9DD9277C40A0C32553B651AD50 ft=0 fh=0000000000000000 vn="Variante von Win64/ELEX.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SFK\Yrrehs.zip.vir"
sh=1B17B1D694397AF44694E0CBE9309CF4199B1D82 ft=1 fh=1d251d3bb2bd6aec vn="Win32/Adware.ConvertAd.MN Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Michael\AppData\Local\03000200-1431024397-0500-0006-000700080009\cnsx606B.tmp.vir"
sh=E91D8A672C3305DFC434CF82CA963CEFF32ACE39 ft=1 fh=c215227cb3e73562 vn="Variante von Win32/Adware.ConvertAd.MI Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Michael\AppData\Local\03000200-1431024416-0500-0006-000700080009\onssA5C4.tmp.vir"
sh=532056D5F247439C163A7CAD7D1162291689E303 ft=1 fh=6a0dc75f00a5784f vn="Variante von Win32/Adware.ConvertAd.QQ Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Michael\AppData\Local\03000200-1431024416-0500-0006-000700080009\snsdA5B3.tmp.vir"
sh=C28052B54F49AACF8660C7759B076341257F2241 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Michael\AppData\Roaming\QtUIu0BUHXTfyZJc4cdU8i6NM.vir"
sh=E40E8E91FA5101B0D9E675478BCBB5ACBD271334 ft=1 fh=d7e88db597f3f71a vn="Variante von Win64/ELEX.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SSFK.exe"
sh=3FE0E80E12A64BFB8C23E26BA1C5ACF66F9E8199 ft=1 fh=52b5cc06cef57114 vn="Variante von Win64/Toolbar.Crossrider.P evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Adobe\bf5e44bc-23c7-4c44-a8bd-cceb5d547848.dll"
sh=3FE0E80E12A64BFB8C23E26BA1C5ACF66F9E8199 ft=1 fh=52b5cc06cef57114 vn="Variante von Win64/Toolbar.Crossrider.P evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\bf5e44bc-23c7-4c44-a8bd-cceb5d547848\803037cf-4f1c-4778-8c4a-f8128c4901f6.dll"
sh=0F79F9CB02FBF8D35AD0908052E5DCDD8F821F48 ft=1 fh=9c077014b4b86e80 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe.vir"
sh=C014A0B8707C1A5604FDD137B485209C912E94B1 ft=1 fh=6942a1f2f5239805 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll.vir"
sh=953451BCC60C34552005E74B73F045B6E3E3A769 ft=1 fh=4c9364403964144b vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe.vir"
sh=AED3D4864B356E66846F4FCB55099564FE5AED02 ft=1 fh=1ec8d577e0ce2c8e vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.pun.vir"
sh=FCA919BE5BE5915466DA1B427A7856B6E018832E ft=1 fh=db9264c25afe334d vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe.vir"
sh=0C3C28B87F2008F555F67802126462D017933F6E ft=1 fh=bdb229e97d5f5429 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\RN32.dll.vir"
sh=E523F15EF251991BB12D8421ACCDDCAFAB70907D ft=1 fh=cc7aaf668d307f9e vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPtool64.exe.vir"
sh=830019D9ACB54D618843F8C77215CEB95C407063 ft=1 fh=220394fbf3e1efdf vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32.dll.vir"
sh=EAE86E8BE97F01D5C341D554793A5187FCBF0E13 ft=1 fh=1e00c99da8f96e1f vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll.vir"
sh=DFB050DA8CE1684CC9B53BE3C3C03E83044DF050 ft=1 fh=47d0d96e2e344425 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64.dll.vir"
sh=7339529513967BCCF5274528EB4E9BC3EC1D8218 ft=1 fh=1de5042183107dc1 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll.vir"
sh=588A2EB99005773F0BB92B7F8A3B8CB00DFD980C ft=1 fh=7be5fd5b5f767803 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir"
sh=C1A136019D2C3ACA325D9E62025A6EDBE6409A31 ft=1 fh=fd0b2292296334f0 vn="Win32/Adware.ConvertAd.MT Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Michael\AppData\Roaming\03000200-1431017001-0500-0006-000700080009\jnsw9DE3.tmp.vir"
sh=273B97EDF0E8D516ABC05E3EB12D0F25200905FA ft=1 fh=2abed5f562f48719 vn="Variante von Win32/Adware.ConvertAd.MK Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Michael\AppData\Roaming\03000200-1431017001-0500-0006-000700080009\nsw68D9.tmpfs.vir"
sh=EB768FC3523226EFE0E5D6AA04A1425EA1FD9EF4 ft=1 fh=04e4b97054707160 vn="Variante von Win32/Adware.ConvertAd.OB.gen Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Michael\AppData\Roaming\03000200-1431017001-0500-0006-000700080009\vnsw508E.tmp.vir"
sh=049A0E6181F53CD6A605CF30F4805C5BAC56E953 ft=1 fh=c71c0011ad68d1dc vn="Variante von Win32/ELEX.DJ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\AppData\Everything\everything.dll"
sh=74DECD5131F195CF528344533380C1E75D07DD65 ft=1 fh=c71c0011fb0be796 vn="Variante von Win32/ELEX.DJ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\AppData\Everything\helper.dll"
sh=0B606FDD79CE6F930A93631B23B7DE812A13FEFF ft=1 fh=c71c00118a8bb456 vn="Variante von Win32/ELEX.DJ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\AppData\Everything\Patch.dll"
sh=F8F20E6E697804C74ED8D2A524D8A5B94FD5EA9D ft=1 fh=9deafacd17d211df vn="Variante von Win32/ELEX.DJ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\AppData\Everything\ServiceEverything.exe"
sh=EC64AEDE7C4503E522DC202008EA1274CB1B5437 ft=1 fh=c71c0011d3ac06ce vn="Win32/ELEX.EK evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\AppData\Everything\SFKEX.dll"
sh=25F511F71AD17D6E22B59D6B7250ECE542F0A5BE ft=1 fh=c71c00112abdd57c vn="Variante von Win32/ELEX.DJ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\AppData\Everything\SFKEX.exe"
sh=5AD2B9746480AB40F70352269B0989289982E030 ft=1 fh=c71c0011e026e3ea vn="Win64/ELEX.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\AppData\Everything\SFKEX64.dll"
sh=A8BD8C5B7C71482ABE1E06409D97B4BD87DF4EC4 ft=1 fh=fa287f48d099f7db vn="Variante von Win64/ELEX.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\AppData\Everything\SFKEX64.exe"
sh=A9B743E5ADB6A807C6B0700D9F2B2CA5CB6C7F37 ft=1 fh=c71c0011e1c191e4 vn="Variante von Win64/ELEX.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\AppData\Everything\update.exe"
sh=C28052B54F49AACF8660C7759B076341257F2241 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\AppData\Roaming\B3ygyK0cF8QWU9Cm0Ncihqx"
sh=C28052B54F49AACF8660C7759B076341257F2241 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\AppData\Roaming\Y9r1Q3cN"
sh=945DF9C447FBE9A5AC2470515F9E72D7EAD76D61 ft=1 fh=c71c001189e3e8b0 vn="Variante von Win32/InstallCore.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\Downloads\FreeDVDVideoConverter.exe"
sh=C2BD463845CFF168315094CEE59883A98D38BB04 ft=1 fh=c904b112d3bd37a6 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\Downloads\FreeYouTubeToMP3Converter (1).exe"
sh=EF476640E69604879C540915C4BCBA9CF9F6A332 ft=1 fh=f1da0bf17500491a vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\Downloads\FreeYouTubeToMP3Converter (2).exe"
sh=E8CD33623287C08C7CC3662A042E45522654BB30 ft=1 fh=7cd3b160b0dbd4bd vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\Downloads\FreeYouTubeToMP3Converter (3).exe"
sh=B9623FD3460649E450A80DB5FA1FB013B93307BB ft=1 fh=c71c00112871741b vn="Variante von Win32/InstallCore.OZ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\Downloads\FreeYouTubeToMP3Converter (9).exe"
sh=660DBBCCB3CECB907102247E33A2763B885BC22F ft=1 fh=08d795d06aaee6ee vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\Downloads\FreeYouTubeToMP3Converter.exe"
sh=525EB01389C7DA0FDED058BCA3B0A73271E4A700 ft=1 fh=e7e3e19f10c5d52e vn="Win32/TopMedia.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\Downloads\Mean Streets (1973) 720p BrRip - 700MB - YIFY_secure.exe"
sh=C8021421B644A33957E2332002DA544D70947E54 ft=1 fh=16a434f7182a6edd vn="Win32/StartPage.OPH Trojaner" ac=I fn="C:\Users\Michael\Downloads\vlc-2.0.1-win32.exe"
sh=0CE48DA603A5E7431002CE4ACA1F1546C5D6579E ft=1 fh=a7cab65addc4a365 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\Programme\youtubetomp3\FreeYouTubeToMP3Converter32.exe"
sh=E40E8E91FA5101B0D9E675478BCBB5ACBD271334 ft=1 fh=d7e88db597f3f71a vn="Variante von Win64/ELEX.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SSFK_2.0.6.11[1].exe"
sh=A9B743E5ADB6A807C6B0700D9F2B2CA5CB6C7F37 ft=1 fh=c71c0011e1c191e4 vn="Variante von Win64/ELEX.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SSFK_V2.0.6.7[1].exe"
         
Code:
ATTFilter
 Results of screen317's Security Check version 1.006  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java(TM) 6 Update 26  
 Java 7 Update 65  
 Java version 32-bit out of Date! 
 Adobe Flash Player 18.0.0.209  
 Adobe Reader XI  
 Google Chrome (44.0.2403.107) 
 Google Chrome (44.0.2403.125) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
durchgeführt von Michael (Administrator) auf MICHAEL-PC (29-07-2015 19:19:09)
Gestartet von C:\Users\Michael\Desktop
Geladene Profile: Michael & UpdatusUser (Verfügbare Profile: Michael & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
(Dropbox, Inc.) C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
(Sonic Solutions) C:\Program Files (x86)\Common Files\Sonic Shared\cinetray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_209_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-06] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [EPSON Stylus DX3800 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIACE.EXE [98304 2005-02-08] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2889408 2015-04-14] (Valve Corporation)
HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\...\Run: [Dropbox Update] => C:\Users\Michael\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-03] (Dropbox, Inc.)
HKU\S-1-5-21-3406820721-3590820294-1622690160-1003\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe"  /PROMPT /CMPID=JUNE2013_TB
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Inhaltsmanager-Assistent für PlayStation(R).lnk [2014-12-21]
ShortcutTarget: Inhaltsmanager-Assistent für PlayStation(R).lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk [2014-06-18]
ShortcutTarget: TP-LINK-Konfigurationstool.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe ()
Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-11-28]
ShortcutTarget: Dropbox.lnk -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk [2014-05-12]
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sonic CinePlayer Quick Launch.lnk [2011-01-26]
ShortcutTarget: Sonic CinePlayer Quick Launch.lnk -> C:\Program Files (x86)\Common Files\Sonic Shared\cinetray.exe (Sonic Solutions)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2008-02-10] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-3406820721-3590820294-1622690160-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.kiebel.de
HKU\S-1-5-21-3406820721-3590820294-1622690160-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.kiebel.de
HKU\S-1-5-21-3406820721-3590820294-1622690160-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
SearchScopes: HKLM -> {B6319EC9-264D-4C16-9E60-B4BBFCE34149} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {E9852930-C439-4972-997C-7B6D2BFF2B95} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {FB9D2757-3BB3-4FC1-8924-851293C7E0DD} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3406820721-3590820294-1622690160-1003 -> DefaultScope {FB9D2757-3BB3-4FC1-8924-851293C7E0DD} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3406820721-3590820294-1622690160-1003 -> {FB9D2757-3BB3-4FC1-8924-851293C7E0DD} URL = hxxp://www.google.de/search?q={searchTerms}
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11] (Oracle Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  Keine Datei
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29AFCA6F-6248-4E4D-9272-6D5B27E2C348}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{986532E5-BDB2-4838-8B99-05F4E865D1CD}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DFD47A73-1E1B-40D4-BA94-683A3493D334}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-16] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-16] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3406820721-3590820294-1622690160-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-01-15] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2013-05-21]
FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-10-04]
FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF HKU\S-1-5-21-3406820721-3590820294-1622690160-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-05-04]

Chrome: 
=======
CHR Profile: C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-21]
CHR Extension: (Google Drive) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-21]
CHR Extension: (YouTube) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-21]
CHR Extension: (Google Search) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-21]
CHR Extension: (dcdpjakjgmgklajndnlekpojkelnibfp) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcdpjakjgmgklajndnlekpojkelnibfp [2015-04-05]
CHR Extension: (gnkgjopofhfmjebcalbjlcfilnipmopd) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnkgjopofhfmjebcalbjlcfilnipmopd [2015-04-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Google Wallet) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-21]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-05-21]
CHR Extension: (pioclpoplcdbaefihamjohnefbikjilc) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2015-02-25]
CHR Extension: (Gmail) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-21]
CHR Extension: (roller coaster park) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pogchimbndbckepmhaagnapfmlfgnala [2015-04-05]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

Opera: 
=======
OPR Extension: (Ge-Force) - C:\Users\Michael\AppData\Roaming\Opera Software\Opera Stable\Extensions\jhongheibdpfhdpfccheljfcabgliidh [2015-05-07]

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [85096 2011-01-21] (Autodesk)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [Datei ist nicht signiert]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 Origin Client Service; D:\origin\OriginClientService.exe [1910640 2015-02-27] (Electronic Arts)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Datei ist nicht signiert]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [628736 2010-12-08] (Nokia) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-06-07] ()
S1 Cinemsup; C:\Windows\SysWow64\Drivers\Cinemsup.sys [6656 2002-07-19] (Sonic Solutions)
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2011-03-02] (GEAR Software Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-06-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 nvamacpi; C:\Windows\system32\DRIVERS\NVAMACPI.sys [28192 2009-07-17] (NVIDIA Corporation)
S3 nvrd64; C:\Windows\system32\DRIVERS\nvrd64.sys [175648 2009-08-04] (NVIDIA Corporation)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-10-25] (Realtek Semiconductor Corporation                           )
R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 FXDrv32; \??\E:\FXDrv64.sys [X]
S3 netr7364; system32\DRIVERS\netr7364.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-29 19:18 - 2015-07-29 19:18 - 00000000 ____D C:\Users\Michael\Desktop\FRST-OlderVersion
2015-07-29 19:14 - 2015-07-29 19:14 - 00852684 _____ C:\Users\Michael\Desktop\SecurityCheck.exe
2015-07-29 16:19 - 2015-07-29 16:19 - 02870984 _____ (ESET) C:\Users\Michael\Desktop\esetsmartinstaller_deu.exe
2015-07-27 12:33 - 2015-07-27 12:33 - 00047462 _____ C:\Users\Michael\Desktop\mbam.txt
2015-07-27 12:17 - 2015-07-27 12:17 - 00001762 _____ C:\Users\Michael\Desktop\JRT.txt
2015-07-27 12:11 - 2015-07-27 12:11 - 01798288 _____ (Malwarebytes Corporation) C:\Users\Michael\Desktop\JRT.exe
2015-07-27 12:00 - 2015-07-27 12:05 - 00000000 ____D C:\AdwCleaner
2015-07-27 12:00 - 2015-07-27 12:00 - 02248704 _____ C:\Users\Michael\Desktop\AdwCleaner_4.208.exe
2015-07-27 11:55 - 2015-07-27 11:55 - 00000000 ____D C:\Users\Michael\Desktop\PSV
2015-07-27 11:34 - 2015-07-29 16:09 - 00000504 _____ C:\Windows\setupact.log
2015-07-27 11:34 - 2015-07-27 11:50 - 00008966 _____ C:\Windows\PFRO.log
2015-07-27 11:34 - 2015-07-27 11:34 - 00000000 _____ C:\Windows\setuperr.log
2015-07-27 11:02 - 2015-07-27 11:02 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-27 11:02 - 2015-07-27 11:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-07-27 11:02 - 2015-07-27 11:02 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-07-27 11:02 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-27 11:02 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-27 10:59 - 2015-07-27 10:59 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Michael\Desktop\mbam-setup-2.1.6.1022.exe
2015-07-27 10:42 - 2015-07-27 10:46 - 00000000 ____D C:\Users\Michael\Desktop\Ordner
2015-07-25 15:14 - 2015-07-25 15:14 - 00033852 _____ C:\ComboFix.txt
2015-07-25 14:58 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-25 14:58 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-25 14:58 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-25 14:58 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-25 14:58 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-25 14:58 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-25 14:58 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-25 14:58 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-25 14:55 - 2015-07-25 15:14 - 00000000 ____D C:\Qoobox
2015-07-25 14:55 - 2015-07-25 15:12 - 00000000 ____D C:\Windows\erdnt
2015-07-25 14:54 - 2015-07-25 14:54 - 05633622 ____R (Swearware) C:\Users\Michael\Desktop\ComboFix.exe
2015-07-25 09:19 - 2015-07-25 09:19 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-22 11:54 - 2015-07-22 11:54 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Michael\Desktop\tdsskiller.exe
2015-07-22 10:49 - 2015-07-27 12:19 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-22 10:49 - 2015-07-27 11:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-22 10:49 - 2015-07-22 11:50 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-07-22 10:48 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-22 10:45 - 2015-07-22 11:50 - 00000000 ____D C:\Users\Michael\Desktop\MBAR
2015-07-22 10:43 - 2015-07-22 10:43 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Michael\Desktop\mbar-1.09.1.1004.exe
2015-07-21 15:44 - 2015-07-21 15:44 - 00060924 _____ C:\Users\Michael\Desktop\Addition.txt
2015-07-21 15:42 - 2015-07-29 19:19 - 00023324 _____ C:\Users\Michael\Desktop\FRST.txt
2015-07-21 15:42 - 2015-07-29 19:19 - 00000000 ____D C:\FRST
2015-07-21 15:41 - 2015-07-29 19:18 - 02169856 _____ (Farbar) C:\Users\Michael\Desktop\FRST64.exe
2015-07-21 15:39 - 2015-07-21 15:39 - 00000476 _____ C:\Users\Michael\Desktop\defogger_disable.log
2015-07-21 15:39 - 2015-07-21 15:39 - 00000000 _____ C:\Users\Michael\defogger_reenable
2015-07-21 15:38 - 2015-07-21 15:38 - 00050477 _____ C:\Users\Michael\Desktop\Defogger.exe
2015-07-21 14:46 - 2015-07-21 14:46 - 00459464 _____ (TODO: <公司名>) C:\Program Files (x86)\SSFK.exe
2015-07-21 09:40 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 09:40 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 09:40 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 09:40 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 09:40 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 09:40 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 09:40 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 09:40 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 09:40 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 09:40 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-16 15:47 - 2015-07-16 15:47 - 18524336 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-07-16 04:53 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-16 04:53 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-16 04:53 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-16 04:53 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-16 04:53 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-16 04:53 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-16 04:53 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-16 04:53 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-16 04:53 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-16 04:53 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-16 04:53 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-16 04:53 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-16 04:53 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-16 04:53 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-16 04:53 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-16 04:53 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-16 04:53 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-16 04:53 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-16 04:53 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-16 04:53 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-16 04:53 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-16 04:53 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-16 04:53 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-16 04:53 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-16 04:53 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-16 04:53 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-16 04:53 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-16 04:53 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-16 04:53 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-16 04:53 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-16 04:53 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-16 04:53 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-16 04:53 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-16 04:53 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-16 04:53 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-16 04:53 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-16 04:53 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-16 04:53 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-16 04:53 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-16 04:53 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-16 04:53 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-16 04:53 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-16 04:53 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-16 04:53 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-16 04:53 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-16 04:53 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-16 04:53 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-16 04:53 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-16 04:53 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-16 04:53 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-16 04:53 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-16 04:53 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-16 04:53 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-16 04:53 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-16 04:53 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-16 04:53 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-16 04:53 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-16 04:53 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-16 04:53 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-16 04:53 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-16 04:53 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-16 04:53 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-16 04:53 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-16 04:53 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-16 04:53 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-16 04:53 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-16 04:53 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-16 04:52 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-16 04:52 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-16 04:52 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-16 04:52 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-16 04:52 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-16 04:52 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-16 04:52 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-16 04:52 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-16 04:52 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-16 04:52 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-16 04:52 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-16 04:52 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-16 04:52 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-16 04:52 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-16 04:52 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-16 04:52 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-16 04:52 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-16 04:52 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-16 04:52 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-16 04:52 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-16 04:52 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-16 04:52 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-16 04:52 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-16 04:52 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-16 04:52 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-16 04:52 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-16 04:52 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-16 04:52 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-16 04:52 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-16 04:52 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-16 04:52 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-16 04:52 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-16 04:52 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-16 04:52 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-16 04:52 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-16 04:52 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-16 04:52 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-16 04:52 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-16 04:52 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-16 04:52 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-16 04:52 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-16 04:52 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-16 04:52 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-16 04:52 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-16 04:52 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-16 04:52 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-16 04:52 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-16 04:52 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-16 04:52 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-16 04:52 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-10 17:47 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-07-10 17:47 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-07-10 17:47 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-07-10 17:47 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-07-10 17:47 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-07-10 17:47 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-07-10 17:47 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-07-10 17:47 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-07-10 17:47 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-07-10 17:47 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-07-10 17:47 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-07-10 17:47 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-07-10 17:46 - 2015-05-09 05:27 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-07-10 17:46 - 2015-05-09 05:27 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-07-10 17:46 - 2015-05-09 05:27 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-07-10 17:46 - 2015-05-09 05:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-07-10 17:46 - 2015-05-09 05:26 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-07-10 17:46 - 2015-05-09 05:26 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-07-10 17:46 - 2015-05-09 05:26 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-07-10 17:46 - 2015-05-09 05:25 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-07-10 17:46 - 2015-05-09 05:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-07-10 17:46 - 2015-05-09 05:13 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-07-10 17:46 - 2015-05-09 05:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-07-10 17:46 - 2015-05-09 05:12 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-07-10 17:46 - 2015-05-09 05:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 04:01 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-07-10 17:46 - 2015-05-09 04:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-07-10 17:46 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-07-10 17:46 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-07-09 17:27 - 2015-07-20 08:02 - 00000000 ____D C:\Users\Michael\AppData\Everything
2015-07-03 09:28 - 2015-07-29 18:38 - 00001232 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3406820721-3590820294-1622690160-1000UA.job
2015-07-03 09:28 - 2015-07-28 08:38 - 00001180 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3406820721-3590820294-1622690160-1000Core.job
2015-07-03 09:28 - 2015-07-20 08:33 - 00004206 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3406820721-3590820294-1622690160-1000UA
2015-07-03 09:28 - 2015-07-20 08:33 - 00003810 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3406820721-3590820294-1622690160-1000Core
2015-07-03 09:28 - 2015-07-03 09:28 - 00000000 ____D C:\Users\Michael\AppData\Local\Dropbox
2015-07-03 09:28 - 2015-07-03 09:28 - 00000000 ____D C:\ProgramData\Dropbox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-29 19:00 - 2011-09-23 18:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-29 18:47 - 2013-11-12 23:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-29 18:32 - 2011-01-07 19:34 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8C1C071B-4321-4819-87FF-E3B8CE27ADEF}
2015-07-29 17:09 - 2011-01-07 19:18 - 00000000 ____D C:\Users\Michael\AppData\Roaming\vlc
2015-07-29 16:24 - 2009-07-14 19:58 - 00707316 _____ C:\Windows\system32\perfh007.dat
2015-07-29 16:24 - 2009-07-14 19:58 - 00152908 _____ C:\Windows\system32\perfc007.dat
2015-07-29 16:24 - 2009-07-14 07:13 - 01642284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-29 16:22 - 2011-01-05 18:09 - 01510543 _____ C:\Windows\WindowsUpdate.log
2015-07-29 16:18 - 2009-07-14 06:45 - 00020224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-29 16:18 - 2009-07-14 06:45 - 00020224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-29 16:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-29 16:12 - 2014-11-28 23:04 - 00000000 ___RD C:\Users\Michael\Dropbox
2015-07-29 16:12 - 2014-11-28 23:02 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Dropbox
2015-07-29 16:10 - 2013-09-22 10:24 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-29 16:09 - 2011-09-23 18:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-29 16:09 - 2011-01-05 17:20 - 00000000 ____D C:\Temp
2015-07-29 16:09 - 2010-11-09 18:00 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-29 16:09 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-28 20:03 - 2014-05-21 16:14 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-27 11:55 - 2015-04-05 01:49 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-07-27 11:34 - 2011-08-27 13:12 - 00000000 ____D C:\Windows\rescache
2015-07-27 11:32 - 2015-02-10 01:44 - 00000000 ____D C:\Program Files (x86)\bf5e44bc-23c7-4c44-a8bd-cceb5d547848
2015-07-27 11:32 - 2010-11-09 18:06 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-25 15:14 - 2012-05-25 19:11 - 00000000 ____D C:\Users\bild
2015-07-25 15:14 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-25 15:09 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-25 15:07 - 2009-07-14 04:34 - 76808192 _____ C:\Windows\system32\config\software.bak
2015-07-25 15:07 - 2009-07-14 04:34 - 20185088 _____ C:\Windows\system32\config\system.bak
2015-07-25 15:07 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\default.bak
2015-07-25 15:07 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\security.bak
2015-07-25 15:07 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\sam.bak
2015-07-25 15:06 - 2014-06-16 20:51 - 00000000 ____D C:\Users\Michael\AppData\Roaming\convert
2015-07-22 11:16 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\addins
2015-07-22 10:36 - 2013-02-23 12:30 - 00001268 _____ C:\Users\Michael\Desktop\Revo Uninstaller.lnk
2015-07-21 15:39 - 2011-01-07 19:18 - 00000000 ____D C:\Users\Michael
2015-07-21 12:21 - 2009-07-14 06:45 - 04922256 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 08:09 - 2014-12-27 14:07 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-19 01:10 - 2012-12-22 23:57 - 00000000 ____D C:\Program Files\PeerBlock
2015-07-18 14:50 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-16 21:33 - 2014-07-05 11:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 15:47 - 2013-11-12 23:26 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-16 15:47 - 2013-02-23 11:11 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-16 15:47 - 2013-02-23 11:11 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-16 14:55 - 2011-09-23 18:02 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 14:55 - 2011-09-23 18:02 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 04:57 - 2013-08-20 10:23 - 00000000 ____D C:\Windows\system32\MRT
2015-07-14 07:46 - 2011-06-11 01:58 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2015-07-14 07:46 - 2011-06-11 01:58 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2015-07-12 13:27 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-07-11 07:00 - 2014-11-29 09:57 - 00000000 __SHD C:\Users\Michael\AppData\Local\EmieBrowserModeList
2015-07-11 07:00 - 2014-04-23 19:17 - 00000000 __SHD C:\Users\Michael\AppData\Local\EmieUserList
2015-07-11 07:00 - 2014-04-23 19:17 - 00000000 __SHD C:\Users\Michael\AppData\Local\EmieSiteList
2015-07-11 06:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-10 17:32 - 2011-01-21 20:46 - 00000000 ____D C:\ProgramData\ICQ
2015-07-10 07:27 - 2014-06-18 14:26 - 00000000 ____D C:\Users\Michael\AppData\Roaming\TP-LINK
2015-07-10 07:27 - 2014-05-21 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-10 07:27 - 2014-05-12 10:13 - 00000000 ____D C:\ProgramData\Netzmanager
2015-07-10 07:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-07-10 07:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2015-07-10 07:27 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-07-09 17:54 - 2012-02-11 22:57 - 00000000 ____D C:\Windows\Minidump
2015-07-05 14:33 - 2013-02-23 11:10 - 00000000 ____D C:\Windows\system32\Macromed
2015-07-05 12:08 - 2014-05-11 14:37 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-03 10:14 - 2011-01-07 20:47 - 00000000 ____D C:\Users\Michael\AppData\Roaming\BitTorrent
2015-07-03 08:43 - 2010-11-10 09:51 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-21 14:46 - 2015-07-21 14:46 - 0459464 _____ (TODO: <公司名>) C:\Program Files (x86)\SSFK.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Michael\AppData\Roaming\B3ygyK0cF8QWU9Cm0Ncihqx
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Michael\AppData\Roaming\Y9r1Q3cN
2011-03-11 11:23 - 2011-03-11 11:23 - 0000095 _____ () C:\Users\Michael\AppData\Local\fusioncache.dat

Einige Dateien in TEMP:
====================
C:\Users\Michael\AppData\Local\temp\drm_dyndata_7290008.dll
C:\Users\Michael\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2fge_z.dll
C:\Users\Michael\AppData\Local\temp\Quarantine.exe
C:\Users\Michael\AppData\Local\temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-07-23 10:56

==================== Ende von log ============================
         

Alt 30.07.2015, 08:18   #14
schrauber
/// the machine
/// TB-Ausbilder
 

"Dein System wird abgesucht" + Picexa auf Desktop - Standard

"Dein System wird abgesucht" + Picexa auf Desktop



Java updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Program Files (x86)\SSFK.exe

C:\Program Files (x86)\Adobe\bf5e44bc-23c7-4c44-a8bd-cceb5d547848.dll

C:\Program Files (x86)\bf5e44bc-23c7-4c44-a8bd-cceb5d547848\803037cf-4f1c-4778-8c4a-f8128c4901f6.dll

C:\Users\Michael\AppData\Everything
C:\Users\Michael\Downloads\FreeDVDVideoConverter.exe

C:\Users\Michael\Downloads\FreeYouTubeToMP3Converter (1).exe

C:\Users\Michael\Downloads\FreeYouTubeToMP3Converter (2).exe

C:\Users\Michael\Downloads\FreeYouTubeToMP3Converter (3).exe

C:\Users\Michael\Downloads\FreeYouTubeToMP3Converter (9).exe

C:\Users\Michael\Downloads\FreeYouTubeToMP3Converter.exe

C:\Users\Michael\Downloads\Mean Streets (1973) 720p BrRip - 700MB - YIFY_secure.exe

C:\Users\Michael\Downloads\vlc-2.0.1-win32.exe

C:\Users\Michael\Programme\youtubetomp3\FreeYouTubeToMP3Converter32.exe

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SSFK_2.0.6.11[1].exe

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SSFK_V2.0.6.7[1].exe
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.07.2015, 16:01   #15
uniLai_e
 
"Dein System wird abgesucht" + Picexa auf Desktop - Standard

"Dein System wird abgesucht" + Picexa auf Desktop



Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-07-2015
durchgeführt von Michael (2015-07-30 16:52:35) Run:1
Gestartet von C:\Users\Michael\Desktop
Geladene Profile: Michael & UpdatusUser (Verfügbare Profile: Michael & UpdatusUser)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Program Files (x86)\SSFK.exe

C:\Program Files (x86)\Adobe\bf5e44bc-23c7-4c44-a8bd-cceb5d547848.dll

C:\Program Files (x86)\bf5e44bc-23c7-4c44-a8bd-cceb5d547848\803037cf-4f1c-4778-8c4a-f8128c4901f6.dll

C:\Users\Michael\AppData\Everything
C:\Users\Michael\Downloads\FreeDVDVideoConverter.exe

C:\Users\Michael\Downloads\FreeYouTubeToMP3Converter (1).exe

C:\Users\Michael\Downloads\FreeYouTubeToMP3Converter (2).exe

C:\Users\Michael\Downloads\FreeYouTubeToMP3Converter (3).exe

C:\Users\Michael\Downloads\FreeYouTubeToMP3Converter (9).exe

C:\Users\Michael\Downloads\FreeYouTubeToMP3Converter.exe

C:\Users\Michael\Downloads\Mean Streets (1973) 720p BrRip - 700MB - YIFY_secure.exe

C:\Users\Michael\Downloads\vlc-2.0.1-win32.exe

C:\Users\Michael\Programme\youtubetomp3\FreeYouTubeToMP3Converter32.exe

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SSFK_2.0.6.11[1].exe

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SSFK_V2.0.6.7[1].exe
Emptytemp:
         
*****************

C:\Program Files (x86)\SSFK.exe => erfolgreich verschoben.
C:\Program Files (x86)\Adobe\bf5e44bc-23c7-4c44-a8bd-cceb5d547848.dll => erfolgreich verschoben.
C:\Program Files (x86)\bf5e44bc-23c7-4c44-a8bd-cceb5d547848\803037cf-4f1c-4778-8c4a-f8128c4901f6.dll => erfolgreich verschoben.
C:\Users\Michael\AppData\Everything => erfolgreich verschoben.
C:\Users\Michael\Downloads\FreeDVDVideoConverter.exe => erfolgreich verschoben.
C:\Users\Michael\Downloads\FreeYouTubeToMP3Converter (1).exe => erfolgreich verschoben.
C:\Users\Michael\Downloads\FreeYouTubeToMP3Converter (2).exe => erfolgreich verschoben.
C:\Users\Michael\Downloads\FreeYouTubeToMP3Converter (3).exe => erfolgreich verschoben.
C:\Users\Michael\Downloads\FreeYouTubeToMP3Converter (9).exe => erfolgreich verschoben.
C:\Users\Michael\Downloads\FreeYouTubeToMP3Converter.exe => erfolgreich verschoben.
C:\Users\Michael\Downloads\Mean Streets (1973) 720p BrRip - 700MB - YIFY_secure.exe => erfolgreich verschoben.
C:\Users\Michael\Downloads\vlc-2.0.1-win32.exe => erfolgreich verschoben.
C:\Users\Michael\Programme\youtubetomp3\FreeYouTubeToMP3Converter32.exe => erfolgreich verschoben.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SSFK_2.0.6.11[1].exe => erfolgreich verschoben.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SSFK_V2.0.6.7[1].exe => erfolgreich verschoben.
EmptyTemp: => 37.2 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.. 

==== Ende von Fixlog 16:52:50 ====
         
soweit alles gut

:-)

Antwort

Themen zu "Dein System wird abgesucht" + Picexa auf Desktop
administrator, adobe, audio, bildschirm, browser, computer, defender, desktop, explorer, home, html, icq, microsoft, miuitab, mozilla, nvidia, realtek, registry, scan, secure search, security, software, system, system32, telekom, update, windows




Ähnliche Themen: "Dein System wird abgesucht" + Picexa auf Desktop


  1. Facebook einloggen nicht mehr möglich "Dein Computer muss gereinigt werden"
    Plagegeister aller Art und deren Bekämpfung - 23.10.2015 (15)
  2. Facebook einloggen nicht mehr möglich "Dein Computer muss gereinigt werden"
    Plagegeister aller Art und deren Bekämpfung - 29.06.2015 (1)
  3. Plötzlich Software "picexa.exe" installiert, "delta-homes.com" als Startseite in sämtlichen Browsern
    Log-Analyse und Auswertung - 10.04.2015 (11)
  4. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  5. Facebook: "Dein Computer muss gereinigt werden" (Virus/Malware?)
    Plagegeister aller Art und deren Bekämpfung - 12.11.2014 (11)
  6. Trojaner-Warnung! Im Betreff: "Die Zahlung fur…" und "Dankeschon fur das Einkaufen mit uns heute! Ihre Bestellung wird derzeit verarbeitet."
    Diskussionsforum - 25.07.2014 (0)
  7. da warens nur noch 3: "assembly\GAC_32(64)\Desktop.ini" & "Fehlercode 0x80070424"
    Plagegeister aller Art und deren Bekämpfung - 02.10.2013 (17)
  8. Trojaner "Es besteht keine Internetverbindung" - "REATOGO X-PE Desktop" wird nicht angezeigt
    Plagegeister aller Art und deren Bekämpfung - 05.02.2012 (19)
  9. Verspätetes "Xmas-geschenk": 50€-Virus mit Text "System wird aus sicherheitsgründen blockiert"
    Log-Analyse und Auswertung - 02.01.2012 (5)
  10. "Aus Sicherheitsgründen wird Ihr System blockiert"
    Plagegeister aller Art und deren Bekämpfung - 27.12.2011 (8)
  11. "Das System wird aus Sicherheitsgründen heruntergefahren...."
    Log-Analyse und Auswertung - 14.12.2011 (11)
  12. Trojaner "System Repair, P1kAIMiG2Kb7Fz.exe", Desktop Schwarz, Programme und Dokumente weg
    Log-Analyse und Auswertung - 31.08.2011 (5)
  13. Firefox findet nicht ins Internet und "Ihr System wird in 59 s heruntergefahren"
    Log-Analyse und Auswertung - 15.09.2009 (6)
  14. "Ist das dein Video"-Virus
    Log-Analyse und Auswertung - 02.09.2009 (7)
  15. "system-defender"-Website wird undaufgefordert geöffnet
    Mülltonne - 29.06.2008 (0)
  16. emand sagt "Ich hack dein System"
    Log-Analyse und Auswertung - 01.03.2008 (1)
  17. "Ihr System wird in 59 Sekunden runtergefahren..."
    Plagegeister aller Art und deren Bekämpfung - 01.12.2005 (2)

Zum Thema "Dein System wird abgesucht" + Picexa auf Desktop - hi, unten rechts im Bildschirm kommt immer die Nachricht: "Ihr System wird abgesucht". Auch hatte ich auf einmal Picexa auf dem Desktop und kann es nicht deinstallieren. hier die Logs - "Dein System wird abgesucht" + Picexa auf Desktop...
Archiv
Du betrachtest: "Dein System wird abgesucht" + Picexa auf Desktop auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.