Cursor friert für kurze Zeit ein

klaus45 · 20.12.2015, 16:45

Hallo,
seit etlichen Tagen habe ich das Problem, dass der Cursor für einen Zeitraum von etwa 5 bis 20 Sekunden einfriert.
Kann es sein ich habe mir da was eingefangen?

Bitte helft mir auf die Sprünge!

vG
Klaus

Deathkid535 · 20.12.2015, 23:14

Mein Name ist Dennis und ich werde dir bei der Bereinigung helfen.

Bitte beachte, dass es ein paar Regeln gibt:

Bitte lies meine Posts komplett durch bevor du sie abarbeitest
Wenn ein Problem auftauchen sollte, unterbreche deine Arbeit, poste die entstandenen Logs und schildere dieses so genau wie möglich.
Bitte kein Crossposting
Installiere oder Deinstalliere keine Software ohne Aufforderung
Bitte verwende nur die Tools welche hier im Thread erwähnt werden
Antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen

Sollte ich nicht innerhalb von 48h antworten, schreibe mir eine PM!

Wir benötigen für eine sinnvolle Analyse zuerst ein FRST-Log.

Schritt # 1: FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt # 2: Bitte Posten

Die FRST.txt
Die Addition.txt

klaus45 · 21.12.2015, 13:33

Hallo Dennis,
hier das Ergebnis des ersten Scans.

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015
durchgeführt von Klaus (Administrator) auf LAPTOP (21-12-2015 13:07:44)
Gestartet von D:\Eigene Dateien\Downloads
Geladene Profile: Klaus & DefaultAppPool (Verfügbare Profile: Klaus & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(DivX, LLC) C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Seagate LLC) C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(Microsoft Corporation) C:\Program Files\Windows Mail\WinMail.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(iolo technologies, LLC) C:\Program Files\Sony\VAIO Care\Iolo\ioloTools.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\Solution.Updater.exe
(Dropbox, Inc.) C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\BatteryModule.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\BatteryModule.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-09-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [788176 2015-11-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-26] (DivX, LLC)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-06-24] (DivX, LLC)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1743648 2013-06-13] (Wondershare)
HKLM-x32\...\Run: [MaxMenuMgr] => C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-05-01] (Seagate LLC)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1533728 2015-04-01] (Seagate Technology LLC)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [739936 2012-11-27] (Sony Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\RunOnce: [{d0e166af-1634-4c0b-ae96-2180e61f9d38}] => C:\ProgramData\Package Cache\{d0e166af-1634-4c0b-ae96-2180e61f9d38}\Avira.OE.Setup.Bundle.exe [918848 2015-12-18] (Avira Operations GmbH & Co. KG) <===== ACHTUNG
HKLM-x32\...\RunOnce: [360safeuninst_1f0fb7c2d13cc0c07ff2ca40747bc03e] => C:\Users\Klaus\AppData\Local\Temp\1f0fb7c2d13cc0c07ff2ca40747bc03e_remove360.bat [592 2015-12-20] () <===== ACHTUNG
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127304 2015-04-01] (Seagate Technology LLC)
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [HP Officejet Pro 8500 A910 (NET)] => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [Dropbox Update] => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-12-03] (Dropbox, Inc.)
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {17253972-82ed-11e1-83f5-544249ea3c02} - H:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {17253975-82ed-11e1-83f5-544249ea3c02} - H:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {278c560a-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {278c565c-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {278c5669-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {2d2d37df-7e83-11e3-acae-544249ea3c02} - I:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {2d2d37e2-7e83-11e3-acae-544249ea3c02} - I:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {33076d6f-7684-11e0-bf62-c0cb38ed7878} - G:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {3d594572-764b-11e0-8882-c0cb38ed7878} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {5bbcf66f-dc66-11e0-9790-c0cb38ed7878} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {5bbcf673-dc66-11e0-9790-c0cb38ed7878} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {5bbcf691-dc66-11e0-9790-c0cb38ed7878} - H:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {738e9a30-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {738e9a32-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {738e9a34-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {74216253-762f-11e0-8c5d-806e6f6e6963} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {7c9a71d2-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {7c9a71fe-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {7c9a7203-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {81792775-80d0-11e3-86d7-544249ea3c02} - I:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {88700e5d-dc64-11e0-969c-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {a9891bf7-44f0-11e1-83c9-544249ea3c02} - G:\wickie1.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b2c72368-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b2c72386-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b2c72389-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b40b3954-8139-11e3-832f-806e6f6e6963} - I:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {cbea623c-72ef-11e0-ae40-c0cb38ed7878} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {dc82212d-9b8e-11e1-a8d7-c0cb38ed7878} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {dc822147-9b8e-11e1-a8d7-c0cb38ed7878} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-08-30] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-07-29]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-02-03]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2011-05-14]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-08-30] ()
Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2012-12-18]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk [2015-04-03]
ShortcutTarget: Mediencenter.lnk -> C:\Users\Klaus\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Keine Datei)
BootExecute: autocheck autochk * 

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{27100D96-1E72-4C4E-BDC0-82EFB7D67E71}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: [NameServer] 192.168.2.1
Tcpip\..\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{FB8724D7-90A0-4C16-BC5A-031DF42642B4}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.google.de
URLSearchHook: [S-1-5-21-3074472845-1740885614-3036682275-1008] ACHTUNG => Standard URLSearchHook fehlt
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll => Keine Datei
BHO: Kein Name -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> Keine Datei
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-23] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Kein Name -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> Keine Datei
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-23] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll => Keine Datei
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Kein Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  Keine Datei
Toolbar: HKLM-x32 - Kein Name - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} -  Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} -  Keine Datei
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-02-03] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-06-29] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-23] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll [2014-02-03] (LastPass)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @soft-xpansion/npsxpdf -> C:\Program Files (x86)\Common Files\soft Xpansion\np-sxpdf.dll [2013-12-23] (soft-Xpansion)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3074472845-1740885614-3036682275-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-sxpdf.dll [2011-05-14] (soft Xpansion)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-08-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-08-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-08-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-08-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-08-28] (Apple Inc.)
FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\searchplugins\ask-search.xml [2015-10-30]
FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\searchplugins\engine-thecoolestmovies.xml [2015-10-01]
FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\searchplugins\metager.xml [2015-12-07]
FF Extension: MinimizeToTray revived (MinTrayR) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\extensions\mintrayr@tn123.ath.cx [2015-05-31]
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\extensions\2020Player_IKEA@2020Technologies.com [2015-10-15]
FF Extension: LastPass - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\extensions\support@lastpass.com [2015-12-19]
FF Extension: iCloud Bookmarks - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\Extensions\firefoxdav@icloud.com [2015-10-29]
FF HKLM-x32\...\Firefox\Extensions: [ext@flash-Enhancer.com] - C:\Program Files (x86)\AmiExt\flashEnhancer\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{704E31A6-E680-48D0-BDEA-B0FE737AEB4D}] - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb
FF Extension: soft Xpansion Perfect Print 7 Express - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb [2013-12-23] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [termtutor@termtutor.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com => nicht gefunden
FF HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Klaus\AppData\Local\Temp\crx304D.tmp <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\Klaus\AppData\Local\Temp\tbch.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [936544 2015-11-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-11-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-11-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1105952 2015-11-11] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [Datei ist nicht signiert]
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert]
R2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [80448 2012-07-18] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2015-02-13] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157992 2015-04-01] (Seagate Technology LLC)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [993848 2011-01-10] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-01-10] (Secunia)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-12-23] (soft Xpansion)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()
S2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [Datei ist nicht signiert]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1653272 2015-07-31] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-09-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-09-23] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [119296 2008-01-22] (Huawei Technologies Co., Ltd.)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-04] (Microsoft Corporation)
S3 HH10Help.sys; C:\Windows\system32\drivers\HH10Help.sys [24088 2009-07-09] (H+H Software GmbH)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10326784 2010-06-24] (Intel Corporation) [Datei ist nicht signiert]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [271872 2010-06-24] (Intel(R) Corporation) [Datei ist nicht signiert]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-08-01] ()
S3 Ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [90112 2007-06-08] (Prolific Technology Inc.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-02-10] () [Datei ist nicht signiert]
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
R1 vdrv1000; C:\Windows\System32\Drivers\VDRV1000.SYS [223256 2011-04-19] (H+H Software GmbH)
R3 360AvFlt; system32\DRIVERS\360AvFlt.sys [X]
R3 360Box64; system32\DRIVERS\360Box64.sys [X]
U3 DfSdkS; kein ImagePath
S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S1 ttnfd; system32\drivers\ttnfd.sys [X]
S4 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-21 13:06 - 2015-12-21 13:07 - 00000000 ____D C:\FRST
2015-12-18 14:59 - 2015-12-18 14:59 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Windows Live Writer
2015-12-18 14:59 - 2015-12-18 14:59 - 00000000 ____D C:\Users\Klaus\AppData\Local\Windows Live Writer
2015-12-14 19:03 - 2015-12-14 19:03 - 00003561 _____ C:\Users\Klaus\AppData\LocalLow\lpm.dat
2015-12-13 17:12 - 2015-12-13 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-12-13 17:12 - 2015-12-13 17:12 - 00000000 ____D C:\Program Files (x86)\Nero
2015-12-12 13:45 - 2015-12-18 08:05 - 00001104 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-12-12 08:58 - 2015-12-12 08:58 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-09 14:58 - 2015-12-09 14:58 - 09498816 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-12-09 12:27 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 12:27 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 12:26 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 12:26 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 12:26 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-09 12:26 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 12:26 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-09 12:26 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-09 12:26 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-09 12:26 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 12:26 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 12:26 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 12:26 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 12:26 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 12:26 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 12:26 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 12:26 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 12:26 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 12:26 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 12:26 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 12:26 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 12:26 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 12:25 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 12:25 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 12:25 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 12:25 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 12:25 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 12:25 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 12:25 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 12:25 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 12:25 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 12:25 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 12:25 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 12:25 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 12:25 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 12:25 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 12:25 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 12:25 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 12:25 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 12:25 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 12:25 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 12:25 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 12:25 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 12:25 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 12:25 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 12:25 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 12:25 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 12:25 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 12:25 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 12:25 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 12:25 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 12:25 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 12:25 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 12:25 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 12:25 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 12:25 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 12:25 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 12:25 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 12:25 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 12:25 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 12:25 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 12:25 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 12:25 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 12:25 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 12:25 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 12:25 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 12:25 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 12:25 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 12:25 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 12:25 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 12:25 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 12:25 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 12:25 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 12:25 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 12:25 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 12:25 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 12:25 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 12:25 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 12:25 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 12:25 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 12:25 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 12:25 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 12:25 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 12:25 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 12:25 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 12:25 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 12:21 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 12:21 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-07 15:00 - 2015-12-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PasswordTools
2015-12-07 15:00 - 2015-12-07 15:00 - 00000000 ____D C:\Program Files (x86)\PasswordTools
2015-12-03 11:20 - 2015-12-21 13:08 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001Core.job
2015-12-03 11:20 - 2015-12-21 13:00 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001UA.job
2015-12-03 11:20 - 2015-12-03 11:20 - 00004194 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001UA
2015-12-03 11:20 - 2015-12-03 11:20 - 00003798 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001Core
2015-12-03 11:20 - 2015-12-03 11:20 - 00000000 ____D C:\Users\Klaus\AppData\Local\Dropbox
2015-12-03 11:20 - 2015-12-03 11:20 - 00000000 ____D C:\ProgramData\Dropbox
2015-11-30 14:53 - 2015-11-30 14:53 - 00000000 __SHD C:\$360Section
2015-11-30 14:31 - 2015-12-13 16:55 - 00000000 ____D C:\ProgramData\360Quarant
2015-11-30 14:27 - 2015-11-30 14:27 - 00000000 ____D C:\360SANDBOX
2015-11-30 14:26 - 2015-11-30 14:26 - 00000000 ____D C:\Program Files (x86)\360
2015-11-29 17:50 - 2015-11-29 17:50 - 00000696 _____ C:\Users\Klaus\Desktop\TTCamera Max.LNK
2015-11-26 13:21 - 2015-11-26 13:21 - 00314592 _____ C:\Windows\Minidump\112615-114364-01.dmp
2015-11-22 12:46 - 2015-11-22 12:46 - 00000000 ____D C:\Users\Klaus\Neuer Ordner (2)
2015-11-22 12:24 - 2015-11-22 12:24 - 00000000 ____D C:\Users\Klaus\Tierische Werbung
2015-11-21 17:32 - 2015-11-21 17:32 - 00000000 ____D C:\Users\Klaus\Neuer Ordner

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-21 13:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-21 13:01 - 2014-03-17 19:15 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-21 13:00 - 2012-11-22 19:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-21 12:59 - 2014-10-14 08:17 - 00001338 _____ C:\Windows\Tasks\CWSLOE.job
2015-12-21 12:59 - 2014-10-14 08:17 - 00001330 _____ C:\Windows\Tasks\LL.job
2015-12-21 12:59 - 2014-03-17 19:15 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-20 20:03 - 2011-05-22 13:30 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\vlc
2015-12-20 17:54 - 2013-01-09 09:04 - 00078336 _____ C:\Users\Klaus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-20 16:48 - 2013-05-28 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2015-12-20 16:48 - 2013-05-28 14:53 - 00000000 ____D C:\Program Files (x86)\Wondershare
2015-12-20 16:44 - 2009-07-14 05:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-20 16:44 - 2009-07-14 05:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-20 15:53 - 2013-07-09 13:09 - 00000000 ____D C:\Users\fbwuser
2015-12-19 12:34 - 2010-07-29 22:06 - 14473604 _____ C:\Windows\system32\perfh007.dat
2015-12-19 12:34 - 2010-07-29 22:06 - 04638436 _____ C:\Windows\system32\perfc007.dat
2015-12-19 12:34 - 2009-07-14 06:13 - 00006752 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-19 08:30 - 2014-02-01 11:29 - 00000000 ____D C:\Users\Klaus\AppData\LocalLow\LastPass
2015-12-19 08:28 - 2015-03-06 07:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-18 23:00 - 2011-10-17 12:39 - 00000000 ____D C:\Users\Klaus\AppData\Local\CrashDumps
2015-12-18 14:58 - 2011-11-06 16:58 - 00000000 ____D C:\Users\Klaus\AppData\Local\Windows Live
2015-12-18 08:04 - 2015-06-26 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-18 08:02 - 2015-06-26 11:35 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-15 12:10 - 2011-01-26 11:02 - 00000000 ____D C:\Users\Klaus
2015-12-13 17:08 - 2015-10-29 16:12 - 00000000 ___RD C:\Users\Klaus\iCloudDrive
2015-12-13 17:08 - 2015-05-10 17:17 - 00000000 ___RD C:\Users\Klaus\Dropbox
2015-12-13 17:08 - 2015-05-10 17:13 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Dropbox
2015-12-13 17:05 - 2013-04-02 10:20 - 00000433 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-12-13 17:03 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-13 16:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-12 11:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-12-12 08:13 - 2011-09-20 20:09 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\dvdcss
2015-12-10 10:23 - 2014-02-20 08:01 - 00561944 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-10 10:20 - 2012-05-17 02:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-10 10:20 - 2012-05-17 02:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-10 10:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-10 09:03 - 2011-01-26 19:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-10 08:59 - 2012-05-17 02:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 08:47 - 2013-07-14 19:12 - 00000000 ____D C:\Windows\system32\MRT
2015-12-10 08:17 - 2011-01-26 19:16 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-09 14:59 - 2012-11-22 19:43 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 14:59 - 2012-04-06 10:31 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 14:59 - 2011-05-13 10:01 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-09 04:39 - 2011-03-20 15:10 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-12-08 13:49 - 2012-12-02 10:58 - 00000000 ____D C:\ProgramData\TEMP
2015-12-07 16:24 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-04 08:23 - 2014-03-17 19:15 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 08:23 - 2014-03-17 19:15 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-02 14:42 - 2011-10-24 19:13 - 00000000 ____D C:\Users\Klaus\AppData\Local\Pinnacle
2015-12-02 14:42 - 2011-10-24 19:12 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2015-12-01 12:29 - 2011-01-26 11:08 - 00000000 ____D C:\Windows\pss
2015-11-30 18:35 - 2011-01-26 11:30 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\GHISLER
2015-11-30 15:13 - 2015-08-08 17:39 - 00000306 __RSH C:\ProgramData\ntuser.pol
2015-11-27 19:01 - 2015-10-29 16:24 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-27 11:52 - 2012-12-21 23:22 - 00000000 ____D C:\Users\Klaus\Documents\Ahnenblatt
2015-11-27 11:46 - 2012-02-06 14:15 - 00000000 ____D C:\fertige Videos
2015-11-26 16:46 - 2013-11-20 18:49 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\AnvSoft
2015-11-26 13:21 - 2011-08-10 10:11 - 00000000 ____D C:\Windows\Minidump
2015-11-24 10:37 - 2015-02-04 19:03 - 00000000 ____D C:\Users\Klaus\.mediathek3
2015-11-23 16:46 - 2013-10-18 08:13 - 00000000 ____D C:\ProgramData\Oracle
2015-11-23 15:39 - 2011-10-24 19:11 - 00000000 ____D C:\Program Files (x86)\Pinnacle
2015-11-23 15:33 - 2014-01-15 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-11-23 15:33 - 2013-10-18 08:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-23 15:33 - 2011-11-12 12:19 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-23 15:32 - 2015-11-05 17:41 - 00000000 ____D C:\Users\Klaus\.oracle_jre_usage
2015-11-23 15:30 - 2015-04-16 12:49 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-23 15:14 - 2015-01-30 16:24 - 00000000 ____D C:\Program Files\CDBurnerXP
2015-11-22 13:08 - 2015-01-30 16:24 - 00001748 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-11-22 13:08 - 2015-01-30 16:24 - 00001698 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-03-14 18:27 - 2001-09-19 10:27 - 0502272 _____ () C:\Program Files (x86)\Cascade.exe
2011-10-09 10:48 - 1997-07-19 15:55 - 1347344 _____ (Microsoft Corporation) C:\Program Files (x86)\Msvbvm50.dll
2014-02-03 16:15 - 2003-03-21 12:45 - 0250544 _____ (KeyWorks Software) C:\Program Files (x86)\Common Files\keyhelp.ocx
2014-02-03 20:45 - 2014-02-03 20:45 - 13024768 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2012-07-08 17:15 - 2012-07-10 18:30 - 0000048 _____ () C:\Users\Klaus\AppData\Roaming\AcroIEHelpe.txt
2012-07-08 17:15 - 2012-07-10 18:30 - 0000051 _____ () C:\Users\Klaus\AppData\Roaming\blckdom.res
2012-12-16 11:28 - 2012-12-16 11:28 - 0006144 _____ () C:\Users\Klaus\AppData\Roaming\com.apple.antiphishing.db
2013-09-28 16:26 - 2013-10-02 19:35 - 0000000 _____ () C:\Users\Klaus\AppData\Roaming\forms.def
2011-10-03 16:11 - 2011-10-03 16:32 - 0099384 _____ () C:\Users\Klaus\AppData\Roaming\inst.exe
2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\Klaus\AppData\Roaming\LL
2011-09-28 20:19 - 2011-09-28 20:19 - 0000098 _____ () C:\Users\Klaus\AppData\Roaming\MPUI.ini
2011-10-03 16:11 - 2011-10-03 16:32 - 0007859 _____ () C:\Users\Klaus\AppData\Roaming\pcouffin.cat
2011-10-03 16:11 - 2011-10-03 16:32 - 0001167 _____ () C:\Users\Klaus\AppData\Roaming\pcouffin.inf
2011-10-03 16:12 - 2011-10-03 16:32 - 0000055 _____ () C:\Users\Klaus\AppData\Roaming\pcouffin.log
2011-10-03 16:11 - 2011-10-03 16:32 - 0082816 _____ (VSO Software) C:\Users\Klaus\AppData\Roaming\pcouffin.sys
2012-07-08 17:15 - 2012-07-08 17:15 - 0000264 _____ () C:\Users\Klaus\AppData\Roaming\srvblck5.tmp
2012-07-10 10:28 - 2012-07-10 10:28 - 0000011 _____ () C:\Users\Klaus\AppData\Roaming\urhtps.dat
2011-10-03 16:13 - 2011-10-03 16:32 - 0001057 _____ () C:\Users\Klaus\AppData\Roaming\vso_ts_preview.xml
2014-02-23 16:41 - 2014-09-09 08:05 - 0000091 _____ () C:\Users\Klaus\AppData\Roaming\WB.CFG
2013-01-09 09:04 - 2015-12-20 17:54 - 0078336 _____ () C:\Users\Klaus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-12 16:01 - 2014-02-12 16:01 - 0000173 _____ () C:\Users\Klaus\AppData\Local\msmathematics.qat.Klaus
2013-09-25 15:48 - 2013-09-25 15:48 - 0002088 _____ () C:\Users\Klaus\AppData\Local\recently-used.xbel
2013-09-03 16:24 - 2015-10-04 17:01 - 0007598 _____ () C:\Users\Klaus\AppData\Local\Resmon.ResmonCfg
2012-10-02 11:37 - 2012-10-05 14:46 - 0000041 ___SH () C:\ProgramData\.zreglib
2013-01-07 13:00 - 2013-01-07 13:00 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-07-10 18:59 - 2012-07-10 18:59 - 0000051 _____ () C:\ProgramData\clsilllgbrakunr
2011-02-16 20:14 - 2011-02-16 20:14 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2012-10-01 20:34 - 2012-10-03 12:32 - 0001834 _____ () C:\ProgramData\flcd_proxy.log
2012-01-29 13:32 - 2012-01-29 13:32 - 0005081 _____ () C:\ProgramData\hnbdehzc.pfe
2011-10-07 16:54 - 2011-10-07 17:32 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2015-10-29 17:55 - 2015-10-29 17:55 - 0000016 _____ () C:\ProgramData\mntemp

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\Package Cache\{d0e166af-1634-4c0b-ae96-2180e61f9d38}\Avira.OE.Setup.Bundle.exe
C:\Users\Klaus\AppData\Local\Temp\1f0fb7c2d13cc0c07ff2ca40747bc03e_remove360.bat
C:\Users\Klaus\jobq.dat
C:\Users\Klaus\netzlw.vbs
C:\Users\Klaus\time1.bat
C:\Users\Klaus\vbaconv.bat


Einige Dateien in TEMP:
====================
C:\Users\Klaus\AppData\Local\Temp\-bfjpesr.dll
C:\Users\Klaus\AppData\Local\Temp\1f0fb7c2d13cc0c07ff2ca40747bc03e_360tray.exe
C:\Users\Klaus\AppData\Local\Temp\avgnt.exe
C:\Users\Klaus\AppData\Local\Temp\ctmyh-q6.dll
C:\Users\Klaus\AppData\Local\Temp\DivXSetup.exe
C:\Users\Klaus\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvlefog.dll
C:\Users\Klaus\AppData\Local\Temp\GLF2767.EXE
C:\Users\Klaus\AppData\Local\Temp\GLF3E32.EXE
C:\Users\Klaus\AppData\Local\Temp\GLF5C66.EXE
C:\Users\Klaus\AppData\Local\Temp\GLF6878.EXE
C:\Users\Klaus\AppData\Local\Temp\HOST17152.exe
C:\Users\Klaus\AppData\Local\Temp\ikryuqe5.dll
C:\Users\Klaus\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Klaus\AppData\Local\Temp\ls3grcji.dll
C:\Users\Klaus\AppData\Local\Temp\pf3lfiun.dll
C:\Users\Klaus\AppData\Local\Temp\tmd_34019176.exe
C:\Users\Klaus\AppData\Local\Temp\uninstall.exe
C:\Users\Klaus\AppData\Local\Temp\v9o1xnos.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-12 11:01

==================== Ende von FRST.txt ============================

--- --- ---

klaus45 · 21.12.2015, 13:35

Hier Teil 2

FRST Additions Logfile:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-12-2015
durchgeführt von Klaus (2015-12-21 13:13:10)
Gestartet von D:\Eigene Dateien\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-01-26 10:02:04)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3074472845-1740885614-3036682275-500 - Administrator - Disabled)
Gast (S-1-5-21-3074472845-1740885614-3036682275-501 - Limited - Disabled)
Klaus (S-1-5-21-3074472845-1740885614-3036682275-1001 - Administrator - Enabled) => C:\Users\Klaus

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Avira Antivirus (Disabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AceHTML 5 Freeware (HKLM-x32\...\AceHTML 5 Freeware) (Version:  - )
AceHTML Freeware (HKLM-x32\...\AceHTML Freeware) (Version: Build 11 - )
Adobe Acrobat 9 Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}_955) (Version:  - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
Ahnenblatt 2.83 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.83.0.1 - Dirk Böttcher)
Any Video Converter 5.8.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.115 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.368 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{5BC83141-83DD-07BE-C940-04B385540F04}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.14.259 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{5b07d59f-99e0-4c52-ad25-965f7e38d6ac}) (Version: 1.1.51.19070 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
ccc-core-static (x32 Version: 2010.0920.2143.37117 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CrystalDiskInfo 6.1.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.1 - Crystal Dew World)
Cut Out 3.0 (HKLM-x32\...\Cut Out_is1) (Version:  - Franzis.de)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.17 - Piriform)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.77 - DivX, LLC)
DjVu Converter (HKLM-x32\...\{C7295DBA-FB02-4898-AE48-783812A4F7F9}_is1) (Version:  - djvuconverter.com)
Dropbox (HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version:  - DVD Shrink)
Excel Protection Remover (HKLM-x32\...\ST6UNST #1) (Version:  - )
ExifPro 2.0 Photo Viewer (HKLM-x32\...\ExifPro 2.0) (Version:  - )
Exif-Viewer 2.51  (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger)
FamilySearch Indexing 3.9.9 (HKLM-x32\...\0591-8077-9297-0833) (Version: 3.9.9 - FamilySearch)
Fences (HKLM-x32\...\Fences) (Version:  - Stardock Corporation)
Fences (Version: 1.0 - Stardock Corporation) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotosizer 1.32 (HKLM-x32\...\Fotosizer) (Version: 1.32 - Fotosizer.com)
Free DWG Viewer 7.2 (HKLM-x32\...\{90751489-B709-4D2F-8634-FEE00BFEC41A}) (Version: 7.2.0.69 - IGC)
Free Video to JPG Converter version 5.0.34.225 (HKLM-x32\...\Free Video to JPG Converter_is1) (Version: 5.0.34.225 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.61.805 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.61.805 - DVDVideoSoft Ltd.)
Frutti for Noobs 2 (HKLM-x32\...\Frutti for Noobs 2) (Version:  - )
GeoSetter 3.4.16 (HKLM-x32\...\GeoSetter_is1) (Version:  - Friedemann Schmidt)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
HotPotatoes v 6.3.0.5 (HKLM-x32\...\hotpot_is1) (Version:  - HalfBaked)
HP Officejet Pro 8500 A910 - Grundlegende Software für das Gerät (HKLM\...\{0A8BEF69-0DD7-4A8F-9AED-0CB91BEBCB58}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8500 A910 Hilfe (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Print View Software (HKLM\...\{1E95102E-27A4-416F-A9D1-308C9603F14A}) (Version: 3.0.0.0 - Hewlett-Packard)
HP Print View Software (HKLM-x32\...\HP Marketing Resources) (Version:  - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{B33C558F-772F-4308-A059-390FBF9BAAAE}) (Version: 5.0.2.61 - Apple Inc.)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version:  - isotousb.com)
IsoBuster 3.3 (HKLM-x32\...\IsoBuster3_is1) (Version: 3.3 - Smart Projects)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java SE Development Kit 8 Update 65 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180650}) (Version: 8.0.650.17 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jigsaws Galore Version 7 Free Edition (HKLM-x32\...\Jigsaws Galore 7 Free Edition_is1) (Version:  - Gray Design Associates)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Magical Jelly Bean PasswdFinder (HKLM-x32\...\PasswdFinder_is1) (Version: 1.0.0.25 - PasswdFinder)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Gallery (Version: 1.4.0.11300 - Your Company Name) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Mathematics (64-bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Mathematics-Add-In (32 Bit) (HKLM-x32\...\{E2C98732-F973-4985-A9C5-DC06178E16EE}) (Version: 2.0.041222.01 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Rechner-Plus (HKLM-x32\...\{437C19B3-7E20-4E39-B868-CA6BAA820E1C}) (Version: 1.0.0 - Microsoft)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Setup (Deutsch) (HKLM\...\{24BB9353-944E-46BC-BBA8-B8F83E8DBB51}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{E75776B2-EAE5-42F9-A800-0A10763DEDF0}) (Version: 11.0.2318.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\...\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU CTP1 (HKLM\...\{CA62C93E-A637-4BEC-B90D-69ABFBEB402C}) (Version: 4.0.8854.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version:  - )
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.002.03.27.40 - Huawei Technologies Co.,Ltd)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 de)) (Version: 43.0.1 - Mozilla)
MP4Joiner v2.1.2 (HKLM-x32\...\MP4Joiner_is1) (Version:  - )
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyKeyFinder (HKLM-x32\...\MyKeyFinder_is1) (Version: 2013 - Abelssoft)
Nero 11 InfoTool (HKLM-x32\...\{64BEF779-5053-48AF-A3D8-B70EBC1C70E7}) (Version: 11.0.00500 - Nero AG)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version:  - )
NirSoft WirelessNetView (HKLM-x32\...\NirSoft WirelessNetView) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
Opticon USB Drivers Installer (HKLM-x32\...\Opticon USB Installer) (Version:  - )
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Paragon Easy CD-DVD Recorder Demo (HKLM-x32\...\{6D5F5816-08ED-4ED1-9063-8225A3A7E278}) (Version:  - )
PC-WELT-Win7SP2 1.0 (HKLM\...\{E2EF3441-468D-4568-881E-370F22E2D49F}_is1) (Version:  - IDG Magazine Media GmbH)
pcwPatchLoader 2.2.4 (HKLM-x32\...\{84420A29-9A17-416E-AE2E-019BC23B5353}_is1) (Version:  - IDG Magazine Media GmbH)
PhotoME (HKLM-x32\...\PhotoME_is1) (Version: 0.79R17 - Jens Duttke)
Photomizer 2 SE (HKLM-x32\...\{41B5224D-F3EC-4EF7-0001-6CD233878EF0}) (Version: 2.0.13.425 - Engelmann Media GmbH)
Pinnacle Instant DVD Recorder (HKLM-x32\...\{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}) (Version: 2.6.1.127 - Pinnacle Systems)
Pinnacle Video Treiber (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.029 - Pinnacle Systems)
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.00.11271 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.5.00.03020 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.10.06150 - Sony Corporation) Hidden
Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.7.0 - Sony Corporation)
Quick Web Access (x32 Version: 1.4.7.0 - Sony Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6098 - Realtek Semiconductor Corp.)
Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.0.2.06210 - Sony Corporation)
Remote Play with PlayStation 3 (x32 Version: 1.0.2.06210 - Sony Corporation) Hidden
Remote-Tastatur mit PlayStation 3 (HKLM-x32\...\{65B138AE-F636-4D4C-BA5D-A06E21E47C53}) (Version: 1.0.2.06170 - Sony Corporation)
ScanIT-Client 3.4 (HKLM-x32\...\ScanIT-Client_is1) (Version:  - GfK SE)
SDL BinScope (HKLM-x32\...\{B137EB8C-FA6C-4DA7-95F0-A9B6FFE67A64}) (Version: 1.0.1 - Microsoft Corporation)
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.0.2102.0 - Seagate)
Seagate Manager Installer (HKLM-x32\...\InstallShield_{231A1A09-FDF2-45F2-B3D1-964CECE372BC}) (Version: 2.01.0109 - Seagate)
Seagate Manager Installer (x32 Version: 2.01.0109 - Seagate) Hidden
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.7 - Seagate Technology)
Secunia PSI (2.0.0.3001) (HKLM-x32\...\Secunia PSI) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SIW version 2011.10.29 (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2011.10.29 - Topala Software Solutions)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090 - SmartSound Software Inc) Hidden
soft Xpansion Perfect PDF 6 Office (HKLM-x32\...\{A6D309F9-38AB-4cc3-8DA7-0544F5011788}) (Version: 6.4.1 - soft Xpansion)
soft Xpansion Perfect Print 7 Express (HKLM-x32\...\{98AD196C-B3B6-48df-AB53-A711C822497C}) (Version: 7.2.1.7 - soft Xpansion)
SpeedCrunch 0.11 (HKLM-x32\...\SpeedCrunch_is1) (Version:  - SpeedCrunch)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
VAIO - Media Gallery (HKLM-x32\...\{D9670A80-DED7-44FE-9B8C-94CEA3F7E035}) (Version: 1.4.1.12150 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.03020 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}) (Version: 1.6.10.11160 - Sony Corporation)
VAIO Care (HKLM\...\{6EEC3E9C-3479-42EB-B93C-E7DF7927DD82}) (Version: 8.4.4.09181 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.4.0.05240 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.4.0.05240 - Sony Corporation) Hidden
VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.4.00.05300 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.1.09230 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.2.0.07020 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.1.0.18210 - Sony Corporation)
VAIO Media plus (Version: 2.1.0 - Sony Corporation) Hidden
VAIO Media plus (x32 Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 2.1.0.13220 - Sony Corporation)
VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.5.00.05300 - Sony Corporation)
VAIO Movie Story Template Data (x32 Version: 2.3.00.06040 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.3.0.06041 - Sony Corporation)
VAIO screensaver (HKLM-x32\...\VAIO screensaver) (Version: 1.0.0.0 - Sony Europe)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.1.08110 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.1.0.08060 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.1.0.05280 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.2.0.06230 - Sony Corporation)
VBA Password DEMO version 15.0 (HKLM-x32\...\{BABBE752-6969-42EC-8EAC-4D07604BCD55}_is1) (Version: 15.0 - LastBit.com)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Version 2.0 (HKLM-x32\...\VBAPass97 2.0_is1) (Version:  - )
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation)
Windows HLP To RTF V8.0 (HKLM-x32\...\Windows HLP To RTF V8.0_is1) (Version:  - YpgSoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinHTTrack Website Copier 3.48-9 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.9 - HTTrack)
Wondershare Photo Recovery(build 2.0.3) (HKLM-x32\...\Wondershare Photo Recovery_is1) (Version:  - Wondershare Software)
WSCC 2.5.0.1 (HKLM-x32\...\WSCC_is1) (Version:  - KirySoft)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

01-12-2015 18:41:13 Windows Update
06-12-2015 10:43:37 Windows Update
10-12-2015 08:01:26 Windows Update
13-12-2015 11:33:29 Windows Update
13-12-2015 17:09:35 Installed Nero 11 InfoTool.
16-12-2015 18:31:35 Windows Update
20-12-2015 14:58:27 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {039A07D1-A2B9-45C0-BD19-49690FD83DE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {07D4AA24-D497-4001-910D-41CFECF18CD6} - System32\Tasks\{C7ED5386-D57A-4EE9-B196-C5A7CDB5814E} => pcalua.exe -a C:\PROGRA~2\Nokia\NOKIAP~1\CONNEC~1.CPL -c Nokia Connection Manager
Task: {0885AE72-75F9-43DF-BDBD-589259EB1DF0} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {0B34DC19-1384-4702-B339-50AA74B9BB75} - System32\Tasks\Klaus1 Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2015-04-01] (Seagate Technology LLC)
Task: {0BAD74C5-C8BE-463A-B9D2-435751671C6E} - System32\Tasks\{F0337A20-BC9C-45B4-8747-866EE7685E14} => pcalua.exe -a "C:\Program Files (x86)\Mobile Partner\uninst.exe"
Task: {12574A46-5BB3-4B18-832E-A0F2914603B0} - System32\Tasks\Klaus1 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2015-04-01] (Seagate Technology LLC)
Task: {15C2BA37-1546-45E1-A823-DCB117AFB4AE} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {1616CAB9-29A8-4DD0-8D5A-BB886FCB1CB9} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {19417406-1995-4E80-916B-A8F1CAB989F6} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3074472845-1740885614-3036682275-1001
Task: {1CF81235-00F6-4816-A5EB-69AE64A37D4D} - System32\Tasks\DriverBoost-RTMScanRunOnce => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe
Task: {1EE705D8-D067-4735-BBF6-40695E17127F} - System32\Tasks\DriverBoost-RTMScan => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe
Task: {26B7FB74-A020-4964-946D-96FC4545A1F3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {3A353DDC-0642-49E8-AEEE-76F3C6D2451C} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {3E9838B7-A150-45E9-BFBF-394BB4282449} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {3FDD9109-DAB0-4863-8B5A-E285CABF7B6B} - System32\Tasks\{12F6BB85-6848-4135-9E2F-51D078C4D088} => pcalua.exe -a C:\Windows\SysWOW64\BDEADMIN.CPL -c BDE-Verwaltung
Task: {491AD1C2-C187-4DEA-8D30-004774FF75F9} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {49B89204-1C6D-46B1-91EA-9BEE8E0EBC30} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {4AC60758-327A-4E9D-9092-61BDEED842EF} - System32\Tasks\{8586105B-1F7A-406A-9FC7-51BC3A1D794B} => pcalua.exe -a "D:\Eigene Dateien\Downloads\multiPE\Tools\pcwMultiPE.project\PROJECTS\TOOLS\LEOPARD\innounp.exe" -d "d:\Eigene Dateien\Downloads\multiPE" -c -x -b -q -d"D:\Eigene Dateien\Downloads\multiPE\Tools\pcwMultiPE.project\Temp\SystemInformationForWindows\extract" "D:\Eigene Dateien\Downloads\multiPE\Tools\pcwMultiPE.project\Temp\SystemInformationForWindows\download.exe"
Task: {5D0A4BE5-9970-4259-BF30-FB8AB223416D} - System32\Tasks\{ABC60670-A460-465C-9B97-212DCFD5465C} => pcalua.exe -a "D:\Eigene Dateien\Downloads\QuickTimeInstaller.exe" -d "d:\Eigene Dateien\Downloads\"
Task: {614740B0-4ADB-4F65-AD1D-E2D435C9AF28} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {6720139A-BAC1-45A6-A4ED-306CFCC522CF} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2015-04-01] (Seagate Technology LLC)
Task: {67343D87-E736-44B9-A13A-E2B8C5350BD7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {675619FA-94CC-4069-A717-2569CD32E816} - System32\Tasks\LL => C:\Users\Klaus\AppData\Roaming\LL.exe <==== ACHTUNG
Task: {6DC6A912-7B27-4568-95D4-BAED9FA1D618} - System32\Tasks\DriverBoost-RTMUpdater => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe
Task: {6E8871DA-C9F1-4696-A91D-54EC99FEEFDA} - System32\Tasks\CWSLOE => C:\Users\Klaus\AppData\Roaming\CWSLOE.exe <==== ACHTUNG
Task: {6EC63CDF-8431-4DA2-8945-7C600164F5EB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {75E39019-C4CC-4EB0-B5E2-0FDE37CA2F4D} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {771ED35C-0486-4613-8B96-3B79FA03779F} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2015-02-04] (Sony Corporation)
Task: {78DF4BAC-B69A-472F-926A-177FE4507BFD} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {7E9A1E18-8096-4D6C-8963-72CFB8D80E52} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2015-08-06] (Sony Corporation)
Task: {93FD7C56-B4C3-4E77-9CD2-0DCEE3629803} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {94602960-5314-426D-9A89-B2963F96F345} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-09-23] (Sony Corporation)
Task: {94A0C089-0A35-4F05-96B2-62D98BDC59F9} - System32\Tasks\{2B9CF77D-AE9E-4A00-A040-58557720103A} => pcalua.exe -a C:\Users\Klaus\AppData\Local\Temp\GLF80C7\Setup.exe -d C:\Users\Klaus\AppData\Local\Temp\GLF80C7 -c -s -SMS
Task: {9D53AEA0-E725-43C1-8B69-36D0034B4A89} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {A8673728-8118-4654-BC05-5D78A891AD2A} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)
Task: {AE31F376-8A3F-4597-AD1C-D5CE26B921B2} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {B20290E4-BD2A-4088-8CEF-E5E63E27F239} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {B309C4C3-8093-4497-9284-8C1A3B540ABC} - System32\Tasks\{870005DC-CA58-4ED9-8C15-6EB0D6F041E8} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{10C51313-A308-4B40-90E3-B368D5882660}\setup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {B7186D47-A3B8-4529-ADEF-4C58B845085D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {CAC5CBED-7DE9-42CF-B7BE-6F8062BF5215} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {CE244184-0F4F-45B0-8016-87D86531DFE2} - System32\Tasks\{62E86545-595A-4543-B0E6-AD03A0F82400} => pcalua.exe -a "C:\Users\Klaus\AppData\Local\Apple\Apple Software Update\QuickTimeInstallerAdmin.exe" -d "C:\Users\Klaus\AppData\Local\Apple\Apple Software Update"
Task: {D04F9636-7D65-4AAB-AD44-356BCF1430DE} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {D371F01D-6C21-4BDF-A5A1-9C78CD3DEBB9} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2015-07-31] (Sony Corporation)
Task: {DB8BCBD7-53AB-47C2-841D-BB3D4CE92F7A} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {DD529932-CF27-4DE8-8F28-F548B9E95C17} - System32\Tasks\SONY\Remote Keyboard with PlayStation 3\Remote Keyboard with PlayStation 3 => C:\Program Files\Sony\Remote Keyboard with PlayStation 3\VBTKBUtil.exe [2010-06-17] (Sony Corporation)
Task: {E8FCCBDC-E2DE-4D03-A5B6-B262C79F28A2} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {EC9B56C2-5659-45AE-912D-41969BB0862C} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {EF56181C-410E-43AD-A983-1C06051088E9} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2015-07-23] (Sony Corporation)
Task: {EF8310CF-C95B-4A94-8A0B-834EFD4060F5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001UA => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-12-03] (Dropbox, Inc.)
Task: {F398BC05-C8D9-4AD6-8EA6-E54D0938C611} - System32\Tasks\DriverBoost-RTMRules => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe
Task: {F793F220-60A2-4590-9FD5-8A57D15053A5} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)
Task: {FE0201AA-499D-4258-AA2B-C7BF9F630F43} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001Core => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-12-03] (Dropbox, Inc.)
Task: {FE2E05E6-0505-42EA-9F11-F33C0096AC0A} - System32\Tasks\Klaus DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2015-04-01] (Seagate Technology LLC)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CWSLOE.job => C:\Users\Klaus\AppData\Roaming\CWSLOE.exe <==== ACHTUNG
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001Core.job => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001UA.job => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LL.job => C:\Users\Klaus\AppData\Roaming\LL.exe <==== ACHTUNG

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://feed.helperbar.com/?publisher=YahooSM&dpid=YahooSM&co=DE&userid=9d274d60-2961-a68a-7e5a-56a6cdbf4c7b&searchtype=sc&fr=linkury-tb&installDate=14/10/2014&barcodeid=145243&um=0&type=hp15000

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-11-30 14:26 - 2015-09-21 06:29 - 00613968 ____N () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
2015-03-20 17:12 - 2015-03-20 17:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-08-24 14:39 - 2010-08-24 14:39 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-02-23 19:34 - 2011-02-23 19:34 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-06-01 18:28 - 2015-06-01 18:28 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-09-18 08:53 - 2015-09-18 08:53 - 00245912 _____ () C:\Program Files\Sony\VAIO Care\analyzer.dll
2014-03-25 08:53 - 2015-09-17 08:52 - 00150392 _____ () C:\Program Files\totalcmd\wcmzip64.dll
2014-03-25 08:53 - 2015-09-17 08:52 - 00260184 _____ () C:\Program Files\totalcmd\unRAR64.dll
2010-07-29 12:19 - 2010-05-31 18:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2010-07-29 12:19 - 2010-05-31 18:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-20 17:12 - 2015-03-20 17:12 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2013-05-26 23:50 - 2009-02-27 16:39 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu
2014-10-15 14:58 - 2014-10-15 14:58 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\31e3a51afdf7182846a26895b07d3416\IsdiInterop.ni.dll
2010-07-12 22:29 - 2010-03-04 04:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-02-04 15:37 - 2015-02-04 15:37 - 00347136 _____ () C:\Program Files\Sony\VAIO Care\Iolo\vosges.dll
2015-12-18 08:07 - 2015-12-18 08:07 - 01114648 _____ () C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2015-05-29 11:36 - 2015-05-29 11:36 - 00008704 _____ () C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00143296 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 02631616 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00554944 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00041920 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00039872 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 12001728 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 01264064 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00086464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2015-04-13 14:56 - 2015-04-13 14:56 - 00070675 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 02158528 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00114112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00245184 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00089536 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libvdr_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00055744 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00072128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00593344 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00771520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00131520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00052672 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\librar_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00145856 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 01566656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00332736 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00069568 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00048576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00681408 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00137152 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00030144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00026560 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libes_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00344512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00157632 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00754624 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00031680 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00089024 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00032192 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00040384 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00030144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00078272 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00044992 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00026048 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00035264 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00037312 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00025536 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_hevc_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 13522368 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00046528 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00242112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2011-01-26 21:10 - 2010-08-20 07:02 - 08640832 _____ () C:\Program Files (x86)\123 Free Solitaire\123FreeSolitaire.exe
2011-01-26 21:10 - 2010-08-20 07:02 - 08241472 _____ () C:\Program Files (x86)\123 Free Solitaire\SOL.RGF
2011-01-26 21:10 - 2010-08-20 07:02 - 00539968 _____ () C:\Program Files (x86)\123 Free Solitaire\SOL2.RGF

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows:C87E9264B810F2F2
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:6B0023F8
AlternateDataStreams: C:\ProgramData\TEMP:8F6FBE7F

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SolutoService => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: SearchAnonymizer => 2
MSCONFIG\Services: SrvUpdater => 2
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{96D7ED9C-396D-4694-8F87-6539D9691DD4}] => (Allow) svchost.exe
FirewallRules: [{1E71CD3C-2050-415F-B5CA-74C2F0623E33}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{3D7BF2D0-63A5-426C-9ED1-71AE1044DF9A}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [TCP Query User{BF0A325E-E4B1-4325-B6C9-B63D6FF9BD20}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{1CEE091F-0570-4767-A6C2-8C83B04957D3}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{3543A0D8-49D8-4D61-A6F4-E5EC4E908C96}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{CA87C826-4839-4C8D-B125-22176CFAE7F7}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{A4904A6B-FB4E-4AA8-B8A1-240E1E15C221}C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{24A5CC1F-1D18-4AE3-ADC0-25ECA87510C8}C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe
FirewallRules: [{2A652DD3-9569-4621-BB0A-97AAA8CC4687}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\FaxApplications.exe
FirewallRules: [{FBBBC668-5535-47AA-9E67-5510FA4D07D3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\DigitalWizards.exe
FirewallRules: [{CFFCDC5B-B399-4024-8713-07B824F1893A}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\SendAFax.exe
FirewallRules: [{016927C7-1648-4969-9FDA-482F18C927AA}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe
FirewallRules: [{9D061F69-0602-471C-A0B9-AE30DBC49EE0}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{8B8381C7-C8F7-480F-BDBD-ED75D19B5200}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{9936BC3B-5870-487B-B3C2-4222524E6980}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{151D7654-4584-4E37-A6DB-BFF7C986826F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{1000CD98-4666-456F-8959-59FF989FB354}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{EE87E345-DB27-4DAA-A12C-1480BFE26AF0}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{5544699B-8D06-41D6-A99C-F187B74163E6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{6FEFC0FC-9E90-476F-94C1-D5EB03C76798}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [UDP Query User{8A72C6B0-CFB4-4220-820C-C5F33BB955B7}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [{55D26F48-0ADF-4517-9556-FCEB79CE33BE}] => (Allow) LPort=8888
FirewallRules: [TCP Query User{52EC8465-7E7F-4359-B351-B255C67DAF8F}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Block) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [UDP Query User{DF8C7E65-D056-4B2B-ABFA-51034955DA55}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Block) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [TCP Query User{64731D5B-735F-4D6C-B9A1-36D7C4661428}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{5735261D-7661-4966-B685-DF2FC439215C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{60D5B047-B633-4183-89BF-ACE03ACCE89E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8B5B057C-3CE7-4D8F-B905-CEB53AD9968F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6AEC4D38-7111-43C2-B0B1-0B80580E1C3F}] => (Allow) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D419FE31-AF09-4E51-B967-8B099E31466F}] => (Allow) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{BD2A36F2-CB46-4A9C-9316-FFBDE963E1CD}C:\users\klaus\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\klaus\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{712C158E-9B77-4BFF-A47B-E22359DCABD0}C:\users\klaus\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\klaus\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{C88A3359-EECC-4742-9C85-50156A28B1BB}] => (Allow) C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\DNSQuerySniffer.exe
FirewallRules: [{640EF910-C2CF-452F-AFEF-17B73F35847F}] => (Allow) C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\DNSQuerySniffer.exe
FirewallRules: [TCP Query User{765A819E-5F66-48C4-B2FA-7EB028B04085}C:\users\klaus\appdata\roaming\nirsoft utilities\netbscanner.exe] => (Allow) C:\users\klaus\appdata\roaming\nirsoft utilities\netbscanner.exe
FirewallRules: [UDP Query User{CA30D60D-5EA0-4443-949E-916698570FF9}C:\users\klaus\appdata\roaming\nirsoft utilities\netbscanner.exe] => (Allow) C:\users\klaus\appdata\roaming\nirsoft utilities\netbscanner.exe
FirewallRules: [TCP Query User{D204BE1F-4813-4E9E-B879-A3965ACE3207}C:\users\klaus\appdata\roaming\nirsoft utilities\networkconnectlog.exe] => (Allow) C:\users\klaus\appdata\roaming\nirsoft utilities\networkconnectlog.exe
FirewallRules: [UDP Query User{BD1C34E8-0FB6-40A9-A201-665D764E5928}C:\users\klaus\appdata\roaming\nirsoft utilities\networkconnectlog.exe] => (Allow) C:\users\klaus\appdata\roaming\nirsoft utilities\networkconnectlog.exe
FirewallRules: [{05076517-5D3A-430A-AFAD-FC04AABC22AD}] => (Allow) C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\HTTPNetworkSniffer.exe
FirewallRules: [{D7C5C439-F863-4C31-9FA9-A3B0C5885ADC}] => (Allow) C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\HTTPNetworkSniffer.exe
FirewallRules: [{58CF50B0-AE11-4611-A044-06B84A345F50}] => (Allow) LPort=8888
FirewallRules: [{864FD215-E051-4F7E-8B62-F676E32D3A13}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9CE9AA1E-EC8E-448B-BE08-11E1CE4DC743}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AA3B25EB-82AC-4B9B-91B9-E66E3B3D0D3A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5FF080A5-A3C0-463F-96C1-9655CC6AAA76}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F2415DCE-2081-40EE-86D2-250D05FBF005}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{ADF13BC7-65D5-4C79-82C7-7A65E4772B03}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{27027F1E-9964-48D6-801A-616FEE13DF3F}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{A12DC2D5-1928-4EC0-9D5C-F320A51AEA31}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{FAF0C2B2-4525-490A-9484-6F38EAA82019}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{269BD79F-F0CB-49D5-A1E1-0D4A20B86D15}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C5417D7B-FB87-4176-8A04-64CC43BBB41B}] => (Allow) LPort=2869
FirewallRules: [{E51322BB-8956-495D-A3EB-0DE7A056FF25}] => (Allow) LPort=1900
FirewallRules: [{3E905ED1-4505-4159-9938-114B4C9CBEF9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{02194C6D-AD1B-4F6A-BBB5-CB801CF09BF6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F9CEC52A-34EF-4C24-AB9B-2D0C4753191A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Officejet Pro 8500 A910
Description: Officejet Pro 8500 A910
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 6510 series
Description: Photosmart 6510 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet Pro 8500 A910
Description: Officejet Pro 8500 A910
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: ttnfd
Description: ttnfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ttnfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/21/2015 12:58:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 60137979

Error: (12/21/2015 12:58:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 60137979

Error: (12/21/2015 12:58:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/21/2015 12:58:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 60136653

Error: (12/21/2015 12:58:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 60136653

Error: (12/21/2015 12:58:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/21/2015 12:58:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 60135593

Error: (12/21/2015 12:58:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 60135593

Error: (12/21/2015 12:58:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/20/2015 08:16:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31949


Systemfehler:
=============
Error: (12/21/2015 01:02:08 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: 490@01010004

Error: (12/21/2015 01:02:08 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: 490@01010004

Error: (12/21/2015 12:59:06 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst DiagTrack erreicht.

Error: (12/20/2015 07:11:59 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (12/20/2015 05:32:40 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (12/20/2015 05:30:51 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (12/20/2015 05:13:33 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (12/20/2015 04:37:33 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (12/20/2015 03:11:56 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (12/20/2015 02:36:56 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0


CodeIntegrity:
===================================
  Date: 2015-07-28 09:13:03.826
  Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 09:13:03.733
  Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 09:13:03.249
  Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 09:13:03.171
  Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2012-12-12 19:55:04.627
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\EIGENE~1\DOWNLO~1\multiPE\Tools\PCWMUL~1.PRO\TARGET\Leopard\Windows\System32\WinBioPlugIns\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-12 19:54:50.837
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\EIGENE~1\DOWNLO~1\multiPE\Tools\PCWMUL~1.PRO\TARGET\Leopard\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-12 19:54:29.793
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Eigene Dateien\Downloads\multiPE\Tools\pcwMultiPE.project\TARGET\Leopard\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-12 19:54:29.262
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Eigene Dateien\Downloads\multiPE\Tools\pcwMultiPE.project\TARGET\Leopard\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-12 19:38:35.537
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\EIGENE~1\DOWNLO~1\multiPE\Tools\PCWMUL~1.PRO\TARGET\Leopard\Windows\System32\WinBioPlugIns\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-12 19:38:26.224
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\EIGENE~1\DOWNLO~1\multiPE\Tools\PCWMUL~1.PRO\TARGET\Leopard\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
Prozentuale Nutzung des RAM: 79%
Installierter physikalischer RAM: 3950.1 MB
Verfügbarer physikalischer RAM: 822.54 MB
Summe virtueller Speicher: 7898.4 MB
Verfügbarer virtueller Speicher: 2619.57 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:228.21 GB) (Free:31.94 GB) NTFS
Drive d: (Daten) (Fixed) (Total:224.11 GB) (Free:17.88 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: AA1C306D)
Partition 1: (Not Active) - (Size=13.3 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=228.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=224.1 GB) - (Type=OF Extended)

==================== Ende von Addition.txt ============================

--- --- ---

vG
Klaus

Deathkid535 · 21.12.2015, 14:34

Hi,

Schritt # 1: TDSS-Killer

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Schritt # 2: Bitte Posten

Das Log von TDSS Killer

klaus45 · 21.12.2015, 15:01

Hi,

Code:

ATTFilter

14:51:38.0380 0x1858  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
14:51:49.0755 0x1858  ============================================================
14:51:49.0756 0x1858  Current date / time: 2015/12/21 14:51:49.0755
14:51:49.0756 0x1858  SystemInfo:
14:51:49.0756 0x1858  
14:51:49.0756 0x1858  OS Version: 6.1.7601 ServicePack: 1.0
14:51:49.0756 0x1858  Product type: Workstation
14:51:49.0756 0x1858  ComputerName: LAPTOP
14:51:49.0756 0x1858  UserName: Klaus
14:51:49.0756 0x1858  Windows directory: C:\Windows
14:51:49.0756 0x1858  System windows directory: C:\Windows
14:51:49.0757 0x1858  Running under WOW64
14:51:49.0757 0x1858  Processor architecture: Intel x64
14:51:49.0757 0x1858  Number of processors: 4
14:51:49.0757 0x1858  Page size: 0x1000
14:51:49.0757 0x1858  Boot type: Normal boot
14:51:49.0757 0x1858  ============================================================
14:51:53.0416 0x1858  KLMD registered as C:\Windows\system32\drivers\16136149.sys
14:51:57.0472 0x1858  System UUID: {5F620EDD-B461-7217-F5E6-EC7668405CA4}
14:52:00.0557 0x1858  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:52:00.0596 0x1858  ============================================================
14:52:00.0596 0x1858  \Device\Harddisk0\DR0:
14:52:00.0597 0x1858  MBR partitions:
14:52:00.0597 0x1858  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1AAD800, BlocksNum 0x32000
14:52:00.0597 0x1858  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1ADF800, BlocksNum 0x1C86C030
14:52:00.0608 0x1858  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1E34C800, BlocksNum 0x1C039000
14:52:00.0609 0x1858  ============================================================
14:52:08.0124 0x1858  C: <-> \Device\Harddisk0\DR0\Partition2
14:52:08.0182 0x1858  D: <-> \Device\Harddisk0\DR0\Partition3
14:52:08.0629 0x1858  ============================================================
14:52:08.0629 0x1858  Initialize success
14:52:08.0630 0x1858  ============================================================
14:53:05.0043 0x5690  ============================================================
14:53:05.0043 0x5690  Scan started
14:53:05.0043 0x5690  Mode: Manual; SigCheck; TDLFS; 
14:53:05.0043 0x5690  ============================================================
14:53:05.0043 0x5690  KSN ping started
14:53:07.0927 0x5690  KSN ping finished: true
14:53:12.0140 0x5690  ================ Scan system memory ========================
14:53:12.0140 0x5690  System memory - ok
14:53:12.0141 0x5690  ================ Scan services =============================
14:53:12.0866 0x5690  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:53:13.0231 0x5690  1394ohci - ok
14:53:13.0278 0x5690  360AvFlt - ok
14:53:13.0291 0x5690  360Box64 - ok
14:53:13.0370 0x5690  [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
14:53:13.0471 0x5690  ACDaemon - ok
14:53:13.0537 0x5690  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:53:13.0615 0x5690  ACPI - ok
14:53:13.0667 0x5690  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:53:13.0754 0x5690  AcpiPmi - ok
14:53:13.0878 0x5690  [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:53:13.0927 0x5690  AdobeARMservice - ok
14:53:14.0102 0x5690  [ F54564025D2284AE498E51D7C139F971, AAA48F38B81DB894854E8C84DB2E1F5C8447AA982D27C0BB78FF2786D9F80F83 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:53:14.0148 0x5690  AdobeFlashPlayerUpdateSvc - ok
14:53:14.0246 0x5690  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:53:14.0472 0x5690  adp94xx - ok
14:53:14.0576 0x5690  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:53:14.0653 0x5690  adpahci - ok
14:53:14.0702 0x5690  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:53:14.0755 0x5690  adpu320 - ok
14:53:14.0810 0x5690  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:53:14.0912 0x5690  AeLookupSvc - ok
14:53:15.0351 0x5690  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
14:53:15.0573 0x5690  AFD - ok
14:53:15.0624 0x5690  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
14:53:15.0673 0x5690  agp440 - ok
14:53:15.0705 0x5690  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
14:53:15.0815 0x5690  ALG - ok
14:53:15.0870 0x5690  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:53:15.0920 0x5690  aliide - ok
14:53:15.0996 0x5690  [ 3F9B03B72577A6A7405BF30801CBD159, BBB2A26136D6F9BBE0D2982689797C6FF89E2026589CCFBB35D9B845C88472DD ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:53:16.0457 0x5690  AMD External Events Utility - ok
14:53:16.0504 0x5690  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:53:16.0548 0x5690  amdide - ok
14:53:16.0585 0x5690  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
14:53:16.0692 0x5690  AmdK8 - ok
14:53:17.0313 0x5690  [ EA244A8B88DE8B5986BF3B7903B063AF, 44BB9CCCB9A15BF64494318CE047017AF27B373FB5B57E5D05C88A16AE913672 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
14:53:18.0149 0x5690  amdkmdag - ok
14:53:18.0233 0x5690  [ DCA6E341A4A7C31EA8A14C6166C9B249, 35319D428DD5BC055DC1E9B17BFC56C339E408929E9BC83878975DD01A68D652 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
14:53:18.0323 0x5690  amdkmdap - ok
14:53:18.0368 0x5690  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
14:53:18.0438 0x5690  AmdPPM - ok
14:53:18.0505 0x5690  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:53:18.0560 0x5690  amdsata - ok
14:53:18.0614 0x5690  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
14:53:18.0680 0x5690  amdsbs - ok
14:53:18.0700 0x5690  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:53:18.0742 0x5690  amdxata - ok
14:53:18.0918 0x5690  [ A67DA34878CE085349F010B211EC213A, F16E09DB13C669FFBBC53BBB57CC394BC886FD4B167AFCCDAEAE84E21818C2D1 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
14:53:19.0381 0x5690  AntiVirMailService - ok
14:53:19.0453 0x5690  [ AE8F14295E704D9FD52092B81B3E1F09, FF0AA062D23903A3E3769713AB2F2D4AB307203C9726B9F0783B3E7DDEF08E6D ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
14:53:19.0540 0x5690  AntiVirSchedulerService - ok
14:53:19.0633 0x5690  [ AE8F14295E704D9FD52092B81B3E1F09, FF0AA062D23903A3E3769713AB2F2D4AB307203C9726B9F0783B3E7DDEF08E6D ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
14:53:19.0733 0x5690  AntiVirService - ok
14:53:19.0858 0x5690  [ 807AE684CD6BDE9A8692B023993FAF48, 3671002909383757222AD02F717F5A7290F43AA2DD0CC05B4FF451F209E48DDD ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
14:53:21.0433 0x5690  AntiVirWebService - ok
14:53:21.0635 0x5690  [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
14:53:21.0936 0x5690  AppHostSvc - ok
14:53:22.0014 0x5690  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
14:53:22.0114 0x5690  AppID - ok
14:53:22.0134 0x5690  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:53:22.0227 0x5690  AppIDSvc - ok
14:53:22.0293 0x5690  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
14:53:22.0440 0x5690  Appinfo - ok
14:53:22.0619 0x5690  [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:53:22.0681 0x5690  Apple Mobile Device Service - ok
14:53:22.0726 0x5690  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
14:53:22.0775 0x5690  arc - ok
14:53:22.0799 0x5690  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:53:22.0847 0x5690  arcsas - ok
14:53:22.0875 0x5690  [ C130BC4A51B1382B2BE8E44579EC4C0A, CC1FD33ED7CAD87A504D8678F8482CAECACD18C727BB97FFB86F39255563EEF2 ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
14:53:22.0903 0x5690  ArcSoftKsUFilter - ok
14:53:23.0395 0x5690  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:53:23.0498 0x5690  aspnet_state - ok
14:53:23.0550 0x5690  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:53:23.0802 0x5690  AsyncMac - ok
14:53:23.0851 0x5690  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
14:53:23.0888 0x5690  atapi - ok
14:53:24.0039 0x5690  [ CCA705CDF038D5BC243203CE4416B345, C907A4022411D9FDFD5FCEA8D067CF1713F786351FAFA739EDC5B5C3E66B1BAD ] athr            C:\Windows\system32\DRIVERS\athrx.sys
14:53:24.0254 0x5690  athr - ok
14:53:24.0689 0x54dc  Object required for P2P: [ 807AE684CD6BDE9A8692B023993FAF48 ] AntiVirWebService
14:53:24.0817 0x5690  [ EA244A8B88DE8B5986BF3B7903B063AF, 44BB9CCCB9A15BF64494318CE047017AF27B373FB5B57E5D05C88A16AE913672 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
14:53:25.0305 0x5690  atikmdag - ok
14:53:25.0462 0x5690  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:53:25.0613 0x5690  AudioEndpointBuilder - ok
14:53:25.0669 0x5690  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:53:25.0743 0x5690  AudioSrv - ok
14:53:25.0893 0x5690  [ 03C6DEB5C74C8140C2167677DBE2F79A, D5C727B007C5B486DECE1A1B83D8155299DD7CB46DC8208CE9185C5BAE5CC33A ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
14:53:26.0197 0x5690  avgntflt - ok
14:53:26.0251 0x5690  [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
14:53:26.0479 0x5690  avipbb - ok
14:53:26.0618 0x5690  [ 2027E82463B6F6BB4D2A5BAF09202BA8, 7E61DEAC45F710F62C388177B43D99F3C39B89CEFCEFCC581DF12201C8CDB23C ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
14:53:26.0710 0x5690  Avira.ServiceHost - ok
14:53:26.0759 0x5690  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
14:53:26.0799 0x5690  avkmgr - ok
14:53:26.0869 0x5690  [ 080860E03F0219AF0A0377A02292741F, F0A151509BFEBFE639CC15388847EB2EDA298CFAE0AC4A1358A1472F42320249 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
14:53:27.0264 0x5690  avnetflt - ok
14:53:27.0278 0x54dc  Object send P2P result: true
14:53:27.0360 0x5690  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:53:27.0513 0x5690  AxInstSV - ok
14:53:27.0586 0x5690  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
14:53:27.0725 0x5690  b06bdrv - ok
14:53:27.0779 0x5690  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:53:27.0887 0x5690  b57nd60a - ok
14:53:27.0937 0x5690  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:53:28.0055 0x5690  BDESVC - ok
14:53:28.0070 0x5690  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:53:28.0243 0x5690  Beep - ok
14:53:28.0441 0x5690  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
14:53:28.0724 0x5690  BFE - ok
14:53:28.0844 0x5690  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
14:53:29.0269 0x5690  BITS - ok
14:53:29.0313 0x5690  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
14:53:29.0379 0x5690  blbdrive - ok
14:53:29.0506 0x5690  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:53:29.0594 0x5690  Bonjour Service - ok
14:53:29.0735 0x5690  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:53:29.0859 0x5690  bowser - ok
14:53:29.0895 0x5690  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
14:53:30.0013 0x5690  BrFiltLo - ok
14:53:30.0038 0x5690  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
14:53:30.0106 0x5690  BrFiltUp - ok
14:53:30.0168 0x5690  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
14:53:30.0268 0x5690  Browser - ok
14:53:30.0311 0x5690  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:53:30.0422 0x5690  Brserid - ok
14:53:30.0454 0x5690  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:53:30.0524 0x5690  BrSerWdm - ok
14:53:30.0568 0x5690  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:53:30.0639 0x5690  BrUsbMdm - ok
14:53:30.0656 0x5690  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:53:30.0714 0x5690  BrUsbSer - ok
14:53:30.0782 0x5690  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
14:53:30.0863 0x5690  BthEnum - ok
14:53:30.0895 0x5690  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
14:53:30.0962 0x5690  BTHMODEM - ok
14:53:31.0007 0x5690  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
14:53:31.0099 0x5690  BthPan - ok
14:53:31.0465 0x5690  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
14:53:31.0585 0x5690  BTHPORT - ok
14:53:31.0639 0x5690  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
14:53:31.0797 0x5690  bthserv - ok
14:53:31.0830 0x5690  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
14:53:31.0887 0x5690  BTHUSB - ok
14:53:31.0949 0x5690  [ 59E3510784548C6939C1B3B985C232E3, 7284A4A880307A88C431DE8BA9195C2B256C8598757958B02DB6A80EBB57698E ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
14:53:32.0042 0x5690  btwampfl - ok
14:53:32.0074 0x5690  [ 1872074ED0A3FB22E3F1E3197B984BFA, 112F289BFE63B46D1E007E3C6761B5C5C8F499B6638CE896DF528FDDBBC1EA12 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
14:53:32.0121 0x5690  btwaudio - ok
14:53:32.0234 0x5690  [ 691CF076C33AB1C3A5B2FD5450300733, C2C943D42B0A135BD255FA8985A00D36B0DD91546291E2D819FACE7C0B08287D ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
14:53:32.0370 0x5690  btwavdt - ok
14:53:32.0510 0x5690  [ 8BA6E93A182126781952A7895EC1E4B2, C11F7187278BA72016D2168E653D6C904E0DFB5B173E4DFBF7D86AD73631D5A6 ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
14:53:32.0680 0x5690  btwdins - ok
14:53:32.0707 0x5690  [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
14:53:32.0749 0x5690  btwl2cap - ok
14:53:32.0772 0x5690  [ C9273B20DEC8CE38DBCE5D29DE63C907, 71D67A1A2EDA81351E8D8129824565E2ECA0CFA4DC844CE12F90AB7906ABA737 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
14:53:32.0806 0x5690  btwrchid - ok
14:53:32.0835 0x5690  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:53:33.0001 0x5690  cdfs - ok
14:53:33.0075 0x5690  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:53:33.0157 0x5690  cdrom - ok
14:53:33.0227 0x5690  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
14:53:33.0410 0x5690  CertPropSvc - ok
14:53:33.0454 0x5690  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
14:53:33.0532 0x5690  circlass - ok
14:53:33.0853 0x5690  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
14:53:33.0947 0x5690  CLFS - ok
14:53:34.0023 0x5690  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:53:34.0077 0x5690  clr_optimization_v2.0.50727_32 - ok
14:53:34.0143 0x5690  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:53:34.0195 0x5690  clr_optimization_v2.0.50727_64 - ok
14:53:34.0338 0x5690  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:53:34.0509 0x5690  clr_optimization_v4.0.30319_32 - ok
14:53:34.0554 0x5690  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:53:34.0631 0x5690  clr_optimization_v4.0.30319_64 - ok
14:53:34.0662 0x5690  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
14:53:34.0807 0x5690  CmBatt - ok
14:53:34.0846 0x5690  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:53:34.0895 0x5690  cmdide - ok
14:53:34.0974 0x5690  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\Windows\system32\Drivers\cng.sys
14:53:35.0100 0x5690  CNG - ok
14:53:35.0148 0x5690  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
14:53:35.0187 0x5690  Compbatt - ok
14:53:35.0229 0x5690  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:53:35.0311 0x5690  CompositeBus - ok
14:53:35.0331 0x5690  COMSysApp - ok
14:53:35.0445 0x5690  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
14:53:35.0686 0x5690  crcdisk - ok
14:53:35.0779 0x5690  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:53:35.0900 0x5690  CryptSvc - ok
14:53:35.0978 0x5690  [ B1C55A95006D621D04FE4A23F86C0A54, 41AE30A454FC3051AFC316A3BD61D96A27E6E4C3B94955F2026549027C1EA9BE ] DCamUSBEMPIA    C:\Windows\system32\DRIVERS\emDevice64.sys
14:53:36.0425 0x5690  DCamUSBEMPIA - ok
14:53:37.0171 0x5690  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:53:37.0610 0x5690  DcomLaunch - ok
14:53:37.0676 0x5690  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
14:53:37.0886 0x5690  defragsvc - ok
14:53:37.0963 0x5690  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:53:38.0203 0x5690  DfsC - ok
14:53:38.0293 0x5690  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:53:38.0476 0x5690  Dhcp - ok
14:53:38.0706 0x5690  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
14:53:39.0246 0x5690  DiagTrack - ok
14:53:39.0277 0x5690  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
14:53:39.0463 0x5690  discache - ok
14:53:39.0539 0x5690  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
14:53:39.0583 0x5690  Disk - ok
14:53:39.0649 0x5690  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:53:39.0802 0x5690  Dnscache - ok
14:53:39.0862 0x5690  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:53:40.0046 0x5690  dot3svc - ok
14:53:40.0100 0x5690  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
14:53:40.0259 0x5690  DPS - ok
14:53:40.0311 0x5690  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:53:40.0383 0x5690  drmkaud - ok
14:53:40.0573 0x5690  [ 1ED08A6264C5C92099D6D1DAE5E8F530, 4045AE77859B1DBF13972451972EAAF6F3C97BEA423E9E78F1C2F14330CD47CA ] DrvAgent64      C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
14:53:40.0676 0x5690  DrvAgent64 - ok
14:53:40.0795 0x5690  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:53:40.0921 0x5690  DXGKrnl - ok
14:53:40.0967 0x5690  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
14:53:41.0117 0x5690  EapHost - ok
14:53:41.0364 0x5690  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
14:53:41.0786 0x5690  ebdrv - ok
14:53:41.0845 0x5690  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS             C:\Windows\System32\lsass.exe
14:53:41.0962 0x5690  EFS - ok
14:53:42.0070 0x5690  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:53:42.0499 0x5690  ehRecvr - ok
14:53:42.0537 0x5690  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
14:53:42.0642 0x5690  ehSched - ok
14:53:42.0997 0x5690  [ 9387A484D31209D7FC3F795A787294DB, 3CAFA3403B8A3547811B7233FB399FA8BB9FF54C82AC317955EDACE2E13519E5 ] ElbyCDFL        C:\Windows\system32\Drivers\ElbyCDFL.sys
14:53:43.0117 0x5690  ElbyCDFL - ok
14:53:43.0219 0x5690  [ 702D5606CF2199E0EDEA6F0E0D27CD10, 238046CFE126A1F8AB96D8B62F6AA5EC97BAB830E2BAE5B1B6AB2D31894C79E4 ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
14:53:43.0273 0x5690  ElbyCDIO - ok
14:53:43.0397 0x5690  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
14:53:43.0486 0x5690  elxstor - ok
14:53:43.0566 0x5690  [ 8543BB84CD5872CD1619183F5CBBE3F9, 72009227CCFA644360217A40C9AE4C8860808026EF2BD3A76FB908FB3A35093A ] emAudio         C:\Windows\system32\drivers\emAudio64.sys
14:53:43.0668 0x5690  emAudio - ok
14:53:43.0714 0x5690  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:53:43.0773 0x5690  ErrDev - ok
14:53:43.0929 0x5690  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
14:53:44.0155 0x5690  EventSystem - ok
14:53:44.0215 0x5690  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
14:53:44.0557 0x5690  exfat - ok
14:53:44.0811 0x5690  Fabs - ok
14:53:44.0868 0x5690  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:53:45.0050 0x5690  fastfat - ok
14:53:45.0169 0x5690  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
14:53:45.0365 0x5690  Fax - ok
14:53:45.0413 0x5690  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
14:53:45.0476 0x5690  fdc - ok
14:53:45.0520 0x5690  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
14:53:45.0690 0x5690  fdPHost - ok
14:53:45.0715 0x5690  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:53:45.0905 0x5690  FDResPub - ok
14:53:45.0958 0x5690  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:53:46.0014 0x5690  FileInfo - ok
14:53:46.0050 0x5690  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:53:46.0176 0x5690  Filetrace - ok
14:53:46.0214 0x5690  [ 73FBB50C4D92ADC30A9D57A269489A0B, 10DBC65126EEA820B829521C882A4AFE3BCD86ED53C703703DF2149A0220E10F ] FiltUSBEMPIA    C:\Windows\system32\DRIVERS\emFilter64.sys
14:53:46.0295 0x5690  FiltUSBEMPIA - ok
14:53:46.0557 0x5690  [ FFF1130F7C9FA01D093A1EDFC5CCE8FC, 159EAA1893D871C309A063829CB3BC51A019FBCA1E07530B5CA1A382B2CCAF61 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
14:53:47.0068 0x5690  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 )
14:53:49.0528 0x5690  Detect skipped due to KSN trusted
14:53:49.0529 0x5690  FirebirdServerMAGIXInstance - ok
14:53:49.0967 0x5690  [ ABEDFD48AC042C6AAAD32452E77217A1, BC45A1C36BDBC20EF4E7D3CFB5368912382D964CB34D050ED255F56307F4C910 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:53:50.0102 0x5690  FLEXnet Licensing Service - ok
14:53:50.0140 0x5690  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
14:53:50.0193 0x5690  flpydisk - ok
14:53:50.0265 0x5690  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:53:50.0347 0x5690  FltMgr - ok
14:53:50.0510 0x5690  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
14:53:51.0010 0x5690  FontCache - ok
14:53:51.0091 0x5690  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:53:51.0121 0x5690  FontCache3.0.0.0 - ok
14:53:51.0240 0x5690  [ 07AF7870ABF051EBBAE8A8A92FF34ABE, D5FD122A8F1984DA33EB8A0B70F11E5C7B48744B80C182A3B7891CFBC30B2BD3 ] FreeAgentGoNext Service C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
14:53:51.0292 0x5690  FreeAgentGoNext Service - ok
14:53:51.0323 0x5690  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:53:51.0364 0x5690  FsDepends - ok
14:53:51.0415 0x5690  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:53:51.0548 0x5690  Fs_Rec - ok
14:53:51.0768 0x0670  Object required for P2P: [ 2027E82463B6F6BB4D2A5BAF09202BA8 ] Avira.ServiceHost
14:53:51.0802 0x5690  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:53:51.0879 0x5690  fvevol - ok
14:53:51.0915 0x5690  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:53:51.0957 0x5690  gagp30kx - ok
14:53:52.0014 0x5690  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:53:52.0049 0x5690  GEARAspiWDM - ok
14:53:52.0160 0x5690  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:53:52.0604 0x5690  gpsvc - ok
14:53:52.0729 0x5690  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:53:52.0762 0x5690  gupdate - ok
14:53:52.0784 0x5690  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:53:52.0815 0x5690  gupdatem - ok
14:53:53.0085 0x5690  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:53:53.0474 0x5690  hcw85cir - ok
14:53:53.0574 0x5690  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:53:53.0701 0x5690  HdAudAddService - ok
14:53:53.0737 0x5690  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
14:53:53.0829 0x5690  HDAudBus - ok
14:53:53.0882 0x5690  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\drivers\HECIx64.sys
14:53:53.0938 0x5690  HECIx64 - ok
14:53:54.0015 0x5690  [ 62FB29642745DD290910BFD79537FCE0, 56206F936958082B3A2AD93E4E5C7EDA9518A6F12670C6F26EC7A35D0D5305DF ] HH10Help.sys    C:\Windows\system32\drivers\HH10Help.sys
14:53:54.0196 0x5690  HH10Help.sys - ok
14:53:54.0294 0x5690  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
14:53:54.0377 0x0670  Object send P2P result: true
14:53:54.0396 0x5690  HidBatt - ok
14:53:54.0455 0x5690  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
14:53:54.0610 0x5690  HidBth - ok
14:53:54.0707 0x5690  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
14:53:54.0767 0x5690  HidIr - ok
14:53:54.0837 0x5690  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
14:53:55.0382 0x5690  hidserv - ok
14:53:55.0454 0x5690  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:53:55.0602 0x5690  HidUsb - ok
14:53:55.0663 0x5690  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:53:55.0876 0x5690  hkmsvc - ok
14:53:55.0936 0x5690  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:53:56.0052 0x5690  HomeGroupListener - ok
14:53:56.0141 0x5690  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:53:56.0231 0x5690  HomeGroupProvider - ok
14:53:56.0293 0x5690  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:53:56.0344 0x5690  HpSAMD - ok
14:53:56.0470 0x5690  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:53:56.0620 0x5690  HTTP - ok
14:53:56.0712 0x5690  [ C8F3119AD72A507D12EF389DF4C266EF, 3AFFFECCC63ED848FD5DF64C71AD543EC56314F35B54691CA419BCBB3CEEBCA0 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
14:53:56.0819 0x5690  hwdatacard - ok
14:53:56.0870 0x5690  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:53:56.0908 0x5690  hwpolicy - ok
14:53:57.0017 0x5690  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:53:57.0063 0x5690  i8042prt - ok
14:53:57.0140 0x5690  [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
14:53:57.0203 0x5690  iaStor - ok
14:53:57.0285 0x5690  [ 31A0E93CDF29007D6C6FFFB632F375ED, CA464928E9868B9A09C324DBBC8DA41A01C5C486B43578FC695250D523DE555B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
14:53:57.0320 0x5690  IAStorDataMgrSvc - ok
14:53:57.0388 0x5690  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:53:57.0469 0x5690  iaStorV - ok
14:53:57.0588 0x5690  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:53:57.0695 0x5690  idsvc - ok
14:53:57.0726 0x5690  IEEtwCollectorService - ok
14:53:58.0494 0x5690  [ 2A22AB054F4630D2EF4BAB2853F6D5F6, 9CD7A5FFB7E25B51E9D311531EE5EC20CEAC356C7A27D52B61DA810DB412437B ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
14:54:00.0221 0x5690  igfx - detected UnsignedFile.Multi.Generic ( 1 )
14:54:02.0678 0x5690  Detect skipped due to KSN trusted
14:54:02.0681 0x5690  igfx - ok
14:54:02.0723 0x5690  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:54:02.0768 0x5690  iirsp - ok
14:54:02.0862 0x5690  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
14:54:03.0019 0x5690  IKEEXT - ok
14:54:03.0101 0x5690  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\Windows\system32\drivers\Impcd.sys
14:54:03.0186 0x5690  Impcd - ok
14:54:03.0389 0x5690  [ 526E482AFB586CB1CDD687869DECF686, DCF1D4772181AD14E8846C9B34387ADB6A8D56BE305A8926896AE35D3496A49F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:54:04.0573 0x5690  IntcAzAudAddService - ok
14:54:04.0658 0x5690  [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
14:54:04.0777 0x5690  IntcDAud - detected UnsignedFile.Multi.Generic ( 1 )
14:54:07.0261 0x5690  Detect skipped due to KSN trusted
14:54:07.0261 0x5690  IntcDAud - ok
14:54:07.0407 0x5690  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:54:07.0441 0x5690  intelide - ok
14:54:07.0478 0x5690  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
14:54:07.0552 0x5690  intelppm - ok
14:54:07.0855 0x5690  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:54:07.0963 0x5690  IPBusEnum - ok
14:54:08.0013 0x5690  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:54:08.0151 0x5690  IpFilterDriver - ok
14:54:08.0233 0x5690  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:54:08.0380 0x5690  iphlpsvc - ok
14:54:08.0424 0x5690  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:54:08.0482 0x5690  IPMIDRV - ok
14:54:08.0544 0x5690  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:54:08.0672 0x5690  IPNAT - ok
14:54:09.0110 0x5690  [ 043A93A498B3C4A88CACA3BCBC9B54C7, C08C5A03940806C6CB75ADDCBE6183145AD2AFE84D77BC85E620E7C1542F0893 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:54:09.0193 0x5690  iPod Service - ok
14:54:09.0241 0x5690  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:54:09.0652 0x5690  IRENUM - ok
14:54:09.0688 0x5690  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:54:09.0732 0x5690  isapnp - ok
14:54:09.0784 0x5690  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:54:09.0859 0x5690  iScsiPrt - ok
14:54:09.0890 0x5690  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
14:54:09.0934 0x5690  kbdclass - ok
14:54:09.0985 0x5690  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
14:54:10.0059 0x5690  kbdhid - ok
14:54:10.0088 0x5690  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso          C:\Windows\system32\lsass.exe
14:54:10.0148 0x5690  KeyIso - ok
14:54:10.0197 0x5690  [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:54:10.0237 0x5690  KSecDD - ok
14:54:10.0265 0x5690  [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:54:10.0328 0x5690  KSecPkg - ok
14:54:10.0370 0x5690  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:54:10.0511 0x5690  ksthunk - ok
14:54:10.0570 0x5690  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:54:10.0780 0x5690  KtmRm - ok
14:54:10.0870 0x5690  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:54:11.0075 0x5690  LanmanServer - ok
14:54:11.0405 0x5690  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:54:11.0562 0x5690  LanmanWorkstation - ok
14:54:11.0599 0x5690  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:54:11.0751 0x5690  lltdio - ok
14:54:11.0815 0x5690  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:54:12.0018 0x5690  lltdsvc - ok
14:54:12.0052 0x5690  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:54:12.0222 0x5690  lmhosts - ok
14:54:12.0301 0x5690  [ 3D23191672D83E90D1CF63927EE98136, 90EC8E0E0FCC838B7D258C76A5C92335A2F2B7AE36BD87B3BB4BCF187770B6DE ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:54:12.0371 0x5690  LMS - ok
14:54:12.0445 0x5690  [ 5DCD36FC4A6ECBF6E7F9B3BF7E0D0F55, 265BDBC10CC256CB35F2BF5A9A25246D1859400087370A2B629783B9D3F7D0D4 ] LPDSVC          C:\Windows\system32\lpdsvc.dll
14:54:12.0552 0x5690  LPDSVC - ok
14:54:12.0604 0x5690  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:54:12.0654 0x5690  LSI_FC - ok
14:54:12.0678 0x5690  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:54:12.0724 0x5690  LSI_SAS - ok
14:54:12.0758 0x5690  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:54:12.0802 0x5690  LSI_SAS2 - ok
14:54:12.0843 0x5690  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:54:12.0883 0x5690  LSI_SCSI - ok
14:54:12.0916 0x5690  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:54:13.0065 0x5690  luafv - ok
14:54:13.0135 0x5690  [ B2085E335F2B57077B0CBADB6F1245CD, 69C81753B2ABAE8C89CEDADFCB73FB332E5FCD555576959AD412BF036EC9E343 ] lvpopf64        C:\Windows\system32\DRIVERS\lvpopf64.sys
14:54:13.0203 0x5690  lvpopf64 - ok
14:54:13.0213 0x5690  LVPr2M64 - ok
14:54:13.0267 0x5690  [ 986C1CB787A007BAA5F74E7D316D7246, 8846D5FF09A669816F57C98507FBCBE60F770B22BC784269765E46B36EE38D9D ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
14:54:13.0339 0x5690  LVRS64 - ok
14:54:13.0784 0x5690  [ 5747BC465ABEA2858C5D037252AED84E, 1D62E05ED1D3265FEFDD02C8653B2901B05994091F1D417632E2FBF053C5D451 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
14:54:14.0501 0x5690  LVUVC64 - ok
14:54:14.0973 0x5690  [ 024DA28053D57E9E32BEE52600576BBB, 8EC636DAB90A835DEBA2EC6176F4547EEF557415FF77C6378EF423569702731E ] MarvinBus       C:\Windows\system32\DRIVERS\MarvinBus64.sys
14:54:15.0063 0x5690  MarvinBus - ok
14:54:15.0192 0x5690  [ 8A7F33C3B8D9FCAA69803E3DE05BE216, D8504A752D3F74A5BEF7B250AD00B481591DC854C9A019C6A87C606C165B27B6 ] McComponentHostServiceSony C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe
14:54:15.0262 0x5690  McComponentHostServiceSony - ok
14:54:15.0319 0x5690  [ 79D51E7F5926E8CE1B3EBECEBAE28CFF, 2722E217AF11F928E58F694E5C1CC5776283A56C54E7F84401FECFBD73E91EBA ] mcdbus          C:\Windows\system32\DRIVERS\mcdbus.sys
14:54:15.0437 0x5690  mcdbus - ok
14:54:15.0520 0x5690  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:54:15.0573 0x5690  Mcx2Svc - ok
14:54:15.0713 0x5690  [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
14:54:15.0790 0x5690  MDM - detected UnsignedFile.Multi.Generic ( 1 )
14:54:18.0266 0x5690  Detect skipped due to KSN trusted
14:54:18.0266 0x5690  MDM - ok
14:54:18.0348 0x5690  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:54:18.0382 0x5690  megasas - ok
14:54:18.0423 0x5690  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:54:18.0506 0x5690  MegaSR - ok
14:54:18.0533 0x5690  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
14:54:18.0678 0x5690  MMCSS - ok
14:54:18.0708 0x5690  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
14:54:18.0845 0x5690  Modem - ok
14:54:18.0875 0x5690  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:54:18.0957 0x5690  monitor - ok
14:54:18.0970 0x5690  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:54:19.0017 0x5690  mouclass - ok
14:54:19.0064 0x5690  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:54:19.0176 0x5690  mouhid - ok
14:54:19.0227 0x5690  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:54:19.0266 0x5690  mountmgr - ok
14:54:19.0325 0x5690  [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
14:54:19.0400 0x5690  MpFilter - ok
14:54:19.0670 0x5690  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:54:19.0712 0x5690  mpio - ok
14:54:19.0745 0x5690  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:54:19.0904 0x5690  mpsdrv - ok
14:54:20.0336 0x5690  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:54:20.0629 0x5690  MpsSvc - ok
14:54:20.0686 0x5690  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:54:20.0778 0x5690  MRxDAV - ok
14:54:20.0838 0x5690  [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:54:20.0986 0x5690  mrxsmb - ok
14:54:21.0030 0x5690  [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:54:21.0186 0x5690  mrxsmb10 - ok
14:54:21.0216 0x5690  [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:54:21.0328 0x5690  mrxsmb20 - ok
14:54:21.0678 0x5690  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:54:21.0725 0x5690  msahci - ok
14:54:22.0414 0x5690  [ B7A248E6BCAE3B17791A51A836DAE264, B37C0CBF07AAC24F46DAA63BAABF2780DC7BDD4C57EFA3834E0A43286BA188F0 ] MsDepSvc        C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
14:54:22.0468 0x5690  MsDepSvc - ok
14:54:22.0529 0x5690  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:54:22.0589 0x5690  msdsm - ok
14:54:22.0624 0x5690  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
14:54:22.0712 0x5690  MSDTC - ok
14:54:22.0767 0x5690  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:54:22.0912 0x5690  Msfs - ok
14:54:23.0192 0x5690  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:54:23.0308 0x5690  mshidkmdf - ok
14:54:23.0341 0x5690  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:54:23.0373 0x5690  msisadrv - ok
14:54:23.0428 0x5690  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:54:23.0596 0x5690  MSiSCSI - ok
14:54:23.0607 0x5690  msiserver - ok
14:54:23.0645 0x5690  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:54:23.0778 0x5690  MSKSSRV - ok
14:54:23.0909 0x5690  [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
14:54:23.0951 0x5690  MsMpSvc - ok
14:54:23.0990 0x5690  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:54:24.0125 0x5690  MSPCLOCK - ok
14:54:24.0152 0x5690  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:54:24.0266 0x5690  MSPQM - ok
14:54:24.0339 0x5690  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:54:24.0419 0x5690  MsRPC - ok
14:54:24.0465 0x5690  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:54:24.0504 0x5690  mssmbios - ok
14:54:24.0543 0x5690  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:54:24.0672 0x5690  MSTEE - ok
14:54:24.0794 0x5690  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
14:54:25.0061 0x5690  MTConfig - ok
14:54:25.0097 0x5690  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
14:54:25.0140 0x5690  Mup - ok
14:54:25.0220 0x5690  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
14:54:25.0483 0x5690  napagent - ok
14:54:25.0666 0x5690  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:54:25.0790 0x5690  NativeWifiP - ok
14:54:25.0927 0x5690  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:54:26.0094 0x5690  NDIS - ok
14:54:26.0138 0x5690  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:54:26.0319 0x5690  NdisCap - ok
14:54:26.0365 0x5690  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:54:26.0551 0x5690  NdisTapi - ok
14:54:26.0629 0x5690  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:54:26.0816 0x5690  Ndisuio - ok
14:54:26.0852 0x5690  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:54:27.0021 0x5690  NdisWan - ok
14:54:27.0073 0x5690  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:54:27.0240 0x5690  NDProxy - ok
14:54:27.0522 0x5690  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:54:27.0563 0x5690  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
14:54:30.0088 0x5690  Detect skipped due to KSN trusted
14:54:30.0088 0x5690  Net Driver HPZ12 - ok
14:54:30.0440 0x5690  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
14:54:30.0498 0x5690  Netaapl - ok
14:54:30.0544 0x5690  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:54:30.0931 0x5690  NetBIOS - ok
14:54:30.0996 0x5690  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:54:31.0201 0x5690  NetBT - ok
14:54:31.0229 0x5690  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon        C:\Windows\system32\lsass.exe
14:54:31.0274 0x5690  Netlogon - ok
14:54:31.0338 0x5690  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
14:54:31.0514 0x5690  Netman - ok
14:54:31.0628 0x5690  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:54:31.0730 0x5690  NetMsmqActivator - ok
14:54:31.0771 0x5690  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:54:31.0837 0x5690  NetPipeActivator - ok
14:54:31.0913 0x5690  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
14:54:32.0122 0x5690  netprofm - ok
14:54:32.0166 0x5690  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:54:32.0220 0x5690  NetTcpActivator - ok
14:54:32.0254 0x5690  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:54:32.0315 0x5690  NetTcpPortSharing - ok
14:54:32.0362 0x5690  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:54:32.0410 0x5690  nfrd960 - ok
14:54:32.0480 0x5690  [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:54:32.0550 0x5690  NisDrv - ok
14:54:32.0996 0x5690  [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
14:54:33.0086 0x5690  NisSrv - ok
14:54:33.0154 0x5690  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:54:33.0297 0x5690  NlaSvc - ok
14:54:33.0349 0x5690  NPF - ok
14:54:33.0392 0x5690  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:54:33.0538 0x5690  Npfs - ok
14:54:33.0571 0x5690  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
14:54:33.0711 0x5690  nsi - ok
14:54:33.0727 0x5690  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:54:33.0861 0x5690  nsiproxy - ok
14:54:34.0013 0x5690  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:54:34.0210 0x5690  Ntfs - ok
14:54:34.0246 0x5690  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
14:54:34.0368 0x5690  Null - ok
14:54:34.0428 0x5690  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:54:34.0477 0x5690  nvraid - ok
14:54:34.0548 0x5690  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:54:34.0606 0x5690  nvstor - ok
14:54:34.0666 0x5690  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:54:34.0711 0x5690  nv_agp - ok
14:54:34.0735 0x5690  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:54:34.0777 0x5690  ohci1394 - ok
14:54:34.0856 0x5690  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:54:34.0895 0x5690  ose - ok
14:54:35.0336 0x5690  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:54:35.0757 0x5690  osppsvc - ok
14:54:35.0837 0x5690  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:54:35.0924 0x5690  p2pimsvc - ok
14:54:35.0965 0x5690  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
14:54:36.0044 0x5690  p2psvc - ok
14:54:36.0315 0x5690  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
14:54:36.0380 0x5690  Parport - ok
14:54:36.0424 0x5690  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:54:36.0464 0x5690  partmgr - ok
14:54:36.0538 0x5690  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:54:36.0671 0x5690  PcaSvc - ok
14:54:36.0698 0x5690  pccsmcfd - ok
14:54:37.0017 0x5690  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
14:54:37.0074 0x5690  pci - ok
14:54:37.0111 0x5690  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:54:37.0148 0x5690  pciide - ok
14:54:37.0201 0x5690  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:54:37.0283 0x5690  pcmcia - ok
14:54:37.0350 0x5690  [ AF7CE12C4F3DC8CB2B07685C916BBCFE, 1AF47113778D411BF3CF82ACF428676908121B1F3252133A5F98E188ED1E9C6C ] pcouffin        C:\Windows\system32\Drivers\pcouffin.sys
14:54:37.0414 0x5690  pcouffin - ok
14:54:37.0453 0x5690  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:54:37.0551 0x5690  pcw - ok
14:54:37.0704 0x5690  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:54:37.0834 0x5690  PEAUTH - ok
14:54:38.0563 0x5690  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:54:38.0623 0x5690  PerfHost - ok
14:54:38.0790 0x5690  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll

mfg Klaus

klaus45 · 21.12.2015, 15:01

Code:

ATTFilter

14:54:39.0080 0x5690  pla - ok
14:54:39.0173 0x5690  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:54:39.0347 0x5690  PlugPlay - ok
14:54:39.0451 0x5690  [ CBCEC2C45E7D672EC6E46CBFF23BDF8E, 2E51A0E9A5AE8F017D0AC22D46036FFFAF917CBC6A7C7297B63C1154DFC7FCC6 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
14:54:39.0544 0x5690  PMBDeviceInfoProvider - ok
14:54:39.0630 0x5690  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:54:39.0666 0x5690  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
14:54:42.0126 0x5690  Detect skipped due to KSN trusted
14:54:42.0126 0x5690  Pml Driver HPZ12 - ok
14:54:42.0170 0x5690  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:54:42.0241 0x5690  PNRPAutoReg - ok
14:54:42.0296 0x5690  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:54:42.0370 0x5690  PNRPsvc - ok
14:54:42.0452 0x5690  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:54:42.0663 0x5690  PolicyAgent - ok
14:54:42.0721 0x5690  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
14:54:42.0922 0x5690  Power - ok
14:54:42.0985 0x5690  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:54:43.0214 0x5690  PptpMiniport - ok
14:54:43.0487 0x5690  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
14:54:43.0555 0x5690  Processor - ok
14:54:43.0646 0x5690  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:54:43.0742 0x5690  ProfSvc - ok
14:54:43.0774 0x5690  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:54:43.0825 0x5690  ProtectedStorage - ok
14:54:43.0890 0x5690  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:54:44.0068 0x5690  Psched - ok
14:54:44.0140 0x5690  [ FB46E9A827A8799EBD7BFA9128C91F37, 7C40E9C1720522D76AF45A588DFF47BDF0E2A99AF3A396854A00F1273EA13193 ] PSI             C:\Windows\system32\DRIVERS\psi_mf.sys
14:54:44.0272 0x5690  PSI - ok
14:54:44.0319 0x5690  [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
14:54:44.0355 0x5690  PxHlpa64 - ok
14:54:44.0524 0x5690  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:54:44.0787 0x5690  ql2300 - ok
14:54:44.0835 0x5690  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:54:44.0886 0x5690  ql40xx - ok
14:54:44.0943 0x5690  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
14:54:45.0036 0x5690  QWAVE - ok
14:54:45.0083 0x5690  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:54:45.0164 0x5690  QWAVEdrv - ok
14:54:45.0190 0x5690  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:54:45.0308 0x5690  RasAcd - ok
14:54:45.0359 0x5690  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:54:45.0487 0x5690  RasAgileVpn - ok
14:54:45.0531 0x5690  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
14:54:45.0638 0x5690  RasAuto - ok
14:54:45.0694 0x5690  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:54:45.0854 0x5690  Rasl2tp - ok
14:54:45.0910 0x5690  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
14:54:46.0091 0x5690  RasMan - ok
14:54:46.0376 0x5690  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:54:46.0502 0x5690  RasPppoe - ok
14:54:46.0533 0x5690  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:54:46.0699 0x5690  RasSstp - ok
14:54:47.0000 0x5690  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:54:47.0199 0x5690  rdbss - ok
14:54:47.0256 0x5690  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
14:54:47.0300 0x5690  rdpbus - ok
14:54:47.0367 0x5690  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:54:47.0512 0x5690  RDPCDD - ok
14:54:47.0530 0x5690  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:54:47.0680 0x5690  RDPENCDD - ok
14:54:47.0715 0x5690  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:54:47.0867 0x5690  RDPREFMP - ok
14:54:47.0979 0x5690  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:54:48.0159 0x5690  RdpVideoMiniport - ok
14:54:48.0222 0x5690  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:54:48.0316 0x5690  RDPWD - ok
14:54:48.0385 0x5690  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:54:48.0450 0x5690  rdyboost - ok
14:54:48.0490 0x5690  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:54:48.0827 0x5690  RemoteAccess - ok
14:54:48.0888 0x5690  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:54:49.0052 0x5690  RemoteRegistry - ok
14:54:49.0100 0x5690  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
14:54:49.0172 0x5690  RFCOMM - ok
14:54:49.0222 0x5690  [ FA6ABC06B629DA29634D31F1FE0347BD, 6469EB5C43CFBF9D774DE09042E3E0B4A08B8A146A43450F591725418BF5104E ] rimspci         C:\Windows\system32\drivers\rimssne64.sys
14:54:49.0302 0x5690  rimspci - ok
14:54:49.0374 0x5690  [ 8F8539A7F5C117D4407B2985995671F2, D598C2F1F7B20E88386EADAFCA2616C3E4277521DDADF05C54933CCD9F5CA39B ] risdsnpe        C:\Windows\system32\drivers\risdsne64.sys
14:54:49.0523 0x5690  risdsnpe - ok
14:54:49.0569 0x5690  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:54:49.0739 0x5690  RpcEptMapper - ok
14:54:49.0779 0x5690  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
14:54:49.0839 0x5690  RpcLocator - ok
14:54:49.0930 0x5690  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
14:54:50.0122 0x5690  RpcSs - ok
14:54:50.0167 0x5690  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:54:50.0313 0x5690  rspndr - ok
14:54:50.0398 0x5690  [ D6D381B76056C668679723938F06F16C, A26C35EB588BF32F5CD22554BE5A05380D50FF1B7D399687EE50DC24C32DA341 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
14:54:50.0513 0x5690  RTHDMIAzAudService - ok
14:54:50.0528 0x5690  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs           C:\Windows\system32\lsass.exe
14:54:50.0572 0x5690  SamSs - ok
14:54:50.0611 0x5690  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:54:50.0656 0x5690  sbp2port - ok
14:54:50.0716 0x5690  [ EECBBF7D76300E5558D316983961FFC1, 33E8237C9A39CEB1F0F4FB7D0466959121CF707899F43B17D6DDD92EBA398815 ] ScanUSBEMPIA    C:\Windows\system32\DRIVERS\emScan64.sys
14:54:50.0802 0x5690  ScanUSBEMPIA - ok
14:54:50.0863 0x5690  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:54:51.0039 0x5690  SCardSvr - ok
14:54:51.0087 0x5690  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:54:51.0211 0x5690  scfilter - ok
14:54:51.0320 0x5690  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
14:54:51.0773 0x5690  Schedule - ok
14:54:51.0827 0x5690  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:54:51.0934 0x5690  SCPolicySvc - ok
14:54:52.0015 0x5690  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
14:54:52.0375 0x5690  sdbus - ok
14:54:52.0600 0x5690  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:54:53.0076 0x5690  SDRSVC - ok
14:54:53.0224 0x5690  [ 7A4FE83F4EFF8B9D06DBB1EE48DC91C5, C9D42AC5DF55E72BC5D3F9CFA865D943A6EFE064EC147C04912545A219D8344B ] Seagate Dashboard Services C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
14:54:53.0261 0x5690  Seagate Dashboard Services - ok
14:54:53.0315 0x5690  [ 118B35309A148E0D23FF32ED52CC5C36, 9C3DF5CF4B714AADC91967DF2BC9E75D51056F5F603CCB833FDDEC1A34DB7EFB ] Seagate MobileBackup Service C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
14:54:53.0373 0x5690  Seagate MobileBackup Service - ok
14:54:53.0415 0x5690  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:54:53.0549 0x5690  secdrv - ok
14:54:53.0640 0x5690  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
14:54:54.0011 0x5690  seclogon - ok
14:54:54.0288 0x5690  [ 7198BBFBE46C0070257278C536386687, 8670549D1C26F5924B3FADC35AD526C56728A51D377369B1C74397496497BE5D ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
14:54:54.0429 0x5690  Secunia PSI Agent - ok
14:54:54.0506 0x5690  [ D2FCA567F9BE87E29B9A9FA32FFE79CA, 2DEFC814B5979A80FFC74242871C9ECB09FBCA994BF9069D6B1E94A5F7588F17 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
14:54:54.0585 0x5690  Secunia Update Agent - ok
14:54:54.0695 0x5690  [ 1ED7A8574A28357097A5CB4063C96B00, 4E248CA66B7DE930AEC501A85F507AB813FC3CEBCBA347DFF3B05CE6CB8E496B ] semav6thermal64ro C:\Windows\system32\drivers\semav6thermal64ro.sys
14:54:54.0796 0x5690  semav6thermal64ro - ok
14:54:54.0861 0x5690  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
14:54:55.0022 0x5690  SENS - ok
14:54:55.0058 0x5690  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:54:55.0156 0x5690  SensrSvc - ok
14:54:55.0216 0x5690  [ 210285D5FDFB06FC25F889C7487CD4E2, 97B01541D1EE039501604FEAF4968D7E83B0298B649E123551E1CD458C72A635 ] Ser2at          C:\Windows\system32\DRIVERS\ser2at64.sys
14:54:55.0308 0x5690  Ser2at - ok
14:54:55.0347 0x5690  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:54:55.0398 0x5690  Serenum - ok
14:54:55.0439 0x5690  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
14:54:55.0501 0x5690  Serial - ok
14:54:55.0537 0x5690  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:54:55.0593 0x5690  sermouse - ok
14:54:55.0661 0x5690  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
14:54:55.0803 0x5690  SessionEnv - ok
14:54:55.0866 0x5690  [ 286D3889E6AB5589646FF8A63CB928AE, 98D9D34521328F4F0B0B7C2CAB97BA0EC998B9F3F996B5ED08E17292F1CD9452 ] SFEP            C:\Windows\system32\drivers\SFEP.sys
14:54:55.0935 0x5690  SFEP - ok
14:54:55.0976 0x5690  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:54:56.0026 0x5690  sffdisk - ok
14:54:56.0047 0x5690  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:54:56.0112 0x5690  sffp_mmc - ok
14:54:56.0139 0x5690  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:54:56.0214 0x5690  sffp_sd - ok
14:54:56.0252 0x5690  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:54:56.0313 0x5690  sfloppy - ok
14:54:56.0392 0x5690  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:54:56.0551 0x5690  SharedAccess - ok
14:54:56.0632 0x5690  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:54:56.0782 0x5690  ShellHWDetection - ok
14:54:56.0825 0x5690  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:54:56.0934 0x5690  SiSRaid2 - ok
14:54:57.0026 0x5690  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:54:57.0066 0x5690  SiSRaid4 - ok
14:54:57.0135 0x5690  [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:54:57.0208 0x5690  SkypeUpdate - ok
14:54:57.0257 0x5690  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:54:57.0384 0x5690  Smb - ok
14:54:57.0456 0x5690  [ 651BE03BCD0EEA41765D453DEB6050BC, D8A8132AF78E2E8BA3BCF6EE4D1C8BB4C6F2224765E04F0254B592BCB4C3CDF1 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
14:54:57.0547 0x5690  SmbDrvI - ok
14:54:57.0924 0x5690  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:54:58.0013 0x5690  SNMPTRAP - ok
14:54:58.0098 0x5690  [ C3E69DB0A4E59564230E053232F39AC7, D7E4AC42C0731F69869E96F3AE9021ABD968E17C92283A54F265E73E6BD60ED5 ] SOHCImp         C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
14:54:58.0167 0x5690  SOHCImp - ok
14:54:59.0795 0x5690  [ 65CC4779A29C3E82B987BD4961790DFF, 91D072ADBCD4AEB2E10D0CC97E89E92099E8061A601F1A88425B4A20FC50FF78 ] SOHDms          C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
14:55:01.0091 0x5690  SOHDms - ok
14:55:01.0587 0x5690  [ F47D75CEE1844EEF4A9EA6EE768828FB, 242550EB5879476DD2CFC0E38FAF3C6D0263FEA7504BD73ED3B004E274D7CDF6 ] SOHDs           C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
14:55:02.0327 0x5690  SOHDs - ok
14:55:03.0557 0x5690  [ 65E5659E9C2A0762D05657C0E22A7CA2, A6EE72878CFA901A94485C7BEC7675702ED207DB54F5A8ED70835B6A8A8F5754 ] SpfService      C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
14:55:04.0097 0x5690  SpfService - ok
14:55:04.0572 0x5690  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:55:04.0609 0x5690  spldr - ok
14:55:05.0374 0x5690  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
14:55:05.0559 0x5690  Spooler - ok
14:55:05.0864 0x5690  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
14:55:06.0309 0x5690  sppsvc - ok
14:55:06.0358 0x5690  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:55:06.0531 0x5690  sppuinotify - ok
14:55:06.0642 0x5690  [ 4B3F898DC1378CED2F35D04E5B0CE0DF, D49AC7E72C2E57011308F6AA9C259C197853D5778187821C0BB83842E083B7D5 ] sptd            C:\Windows\System32\Drivers\sptd.sys
14:55:06.0643 0x5690  Suspicious file ( NoAccess ): C:\Windows\System32\Drivers\sptd.sys. md5: 4B3F898DC1378CED2F35D04E5B0CE0DF, sha256: D49AC7E72C2E57011308F6AA9C259C197853D5778187821C0BB83842E083B7D5
14:55:06.0645 0x5690  sptd - detected LockedFile.Multi.Generic ( 1 )
14:55:09.0107 0x5690  Detect skipped due to KSN trusted
14:55:09.0107 0x5690  sptd - ok
14:55:09.0254 0x5690  [ 3F1292E8ABF33070BF5A3838D85DF121, 96D3CEF6DE210463C0909499CBCD25599B76E8FC486A1CF8004807CD15986767 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
14:55:09.0311 0x5690  SQLWriter - ok
14:55:09.0391 0x5690  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:55:09.0546 0x5690  srv - ok
14:55:09.0603 0x5690  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:55:09.0732 0x5690  srv2 - ok
14:55:09.0773 0x5690  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:55:09.0855 0x5690  srvnet - ok
14:55:09.0911 0x5690  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:55:10.0123 0x5690  SSDPSRV - ok
14:55:10.0160 0x5690  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:55:10.0342 0x5690  SstpSvc - ok
14:55:10.0649 0x5690  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:55:10.0704 0x5690  stexstor - ok
14:55:10.0784 0x5690  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\drivers\serscan.sys
14:55:10.0852 0x5690  StillCam - ok
14:55:10.0948 0x5690  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
14:55:11.0107 0x5690  stisvc - ok
14:55:11.0169 0x5690  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:55:11.0219 0x5690  swenum - ok
14:55:11.0289 0x5690  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
14:55:11.0514 0x5690  swprv - ok
14:55:11.0613 0x5690  [ B54FD2CFB84FAC78D136434530461BA4, 5FEDAD9CD96B73ABA43223CAA66CFF981C09CFE188BFBEA2BE9018663A9444F0 ] SXDS10          C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe
14:55:11.0802 0x5690  SXDS10 - ok
14:55:11.0901 0x5690  [ C54F86A754D7EA388ABD817D7A9B712C, EC2E365EE165393543A0661783410C91D32FF4413866DC0875D67FFA7DF4F763 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
14:55:12.0057 0x5690  SynTP - ok
14:55:12.0220 0x5690  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
14:55:12.0454 0x5690  SysMain - ok
14:55:12.0530 0x5690  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:55:12.0620 0x5690  TabletInputService - ok
14:55:12.0675 0x5690  [ 4EF44915E522F3ECD1A3FF540AA64126, 3B7ABB4B263F5DC7E12BEBD0512A13877236E0C020B7FE618EE84FAB3E3BF991 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
14:55:12.0746 0x5690  tap0901 - ok
14:55:12.0806 0x5690  [ 3A7CABF7DE8F1325BE8F46685469AEC3, 03B2FDEA5E10B9584EFC4ED22D6C2529322FBEF0DFEC60FE12FCE5C4A2E42F9C ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys
14:55:12.0836 0x5690  taphss6 - ok
14:55:12.0903 0x5690  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:55:13.0063 0x5690  TapiSrv - ok
14:55:13.0201 0x5690  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
14:55:13.0502 0x5690  TBS - ok
14:55:13.0664 0x5690  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:55:13.0860 0x5690  Tcpip - ok
14:55:14.0294 0x5690  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:55:14.0523 0x5690  TCPIP6 - ok
14:55:14.0726 0x5690  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:55:14.0796 0x5690  tcpipreg - ok
14:55:14.0843 0x5690  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:55:14.0937 0x5690  TDPIPE - ok
14:55:14.0991 0x5690  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:55:15.0058 0x5690  TDTCP - ok
14:55:15.0120 0x5690  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:55:15.0208 0x5690  tdx - ok
14:55:15.0273 0x5690  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:55:15.0319 0x5690  TermDD - ok
14:55:15.0474 0x5690  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
14:55:15.0601 0x5690  TermService - ok
14:55:15.0637 0x5690  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
14:55:15.0721 0x5690  Themes - ok
14:55:16.0008 0x5690  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
14:55:16.0157 0x5690  THREADORDER - ok
14:55:16.0269 0x5690  [ 0FE2FC59C0B9A3CA3EC2B18E1CCCF2DD, 26AE50F2263DDDE3C6678566E2B198966CE870DF4B254F2D655752F742F63C12 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
14:55:16.0313 0x5690  TomTomHOMEService - ok
14:55:16.0357 0x5690  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
14:55:16.0533 0x5690  TrkWks - ok
14:55:16.0620 0x5690  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:55:16.0774 0x5690  TrustedInstaller - ok
14:55:16.0834 0x5690  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:55:16.0889 0x5690  tssecsrv - ok
14:55:16.0943 0x5690  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:55:17.0029 0x5690  TsUsbFlt - ok
14:55:17.0045 0x5690  ttnfd - ok
14:55:17.0119 0x5690  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:55:17.0242 0x5690  tunnel - ok
14:55:17.0287 0x5690  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:55:17.0326 0x5690  uagp35 - ok
14:55:17.0374 0x5690  [ 63F6D08C54D5B3C1B12A6172032055C7, 87D872731D2C85E1A0ED3128CB7AB91AF00D830B0E4307054ABFD1D3900C990D ] uCamMonitor     C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
14:55:17.0407 0x5690  uCamMonitor - ok
14:55:17.0471 0x5690  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:55:17.0634 0x5690  udfs - ok
14:55:17.0700 0x5690  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:55:17.0764 0x5690  UI0Detect - ok
14:55:17.0792 0x5690  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:55:17.0841 0x5690  uliagpkx - ok
14:55:17.0902 0x5690  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:55:17.0942 0x5690  umbus - ok
14:55:17.0972 0x5690  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
14:55:18.0029 0x5690  UmPass - ok
14:55:18.0282 0x5690  [ 11A559E0F10CC5E788984023DF400A6F, B16B6C2305B421402C2FA4D4D32A8359C4A5B5F14D14C04A1AE7BEC7EEA13047 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:55:18.0617 0x5690  UNS - ok
14:55:18.0665 0x5690  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
14:55:18.0829 0x5690  upnphost - ok
14:55:18.0870 0x5690  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
14:55:18.0899 0x5690  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
14:55:21.0361 0x5690  Detect skipped due to KSN trusted
14:55:21.0361 0x5690  USBAAPL64 - ok
14:55:21.0463 0x5690  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:55:21.0542 0x5690  usbaudio - ok
14:55:21.0585 0x5690  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:55:21.0748 0x5690  usbccgp - ok
14:55:21.0815 0x5690  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:55:21.0919 0x5690  usbcir - ok
14:55:21.0968 0x5690  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
14:55:22.0009 0x5690  usbehci - ok
14:55:22.0090 0x5690  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:55:22.0167 0x5690  usbhub - ok
14:55:22.0198 0x5690  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:55:22.0243 0x5690  usbohci - ok
14:55:22.0288 0x5690  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
14:55:22.0366 0x5690  usbprint - ok
14:55:22.0453 0x5690  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\drivers\usbser.sys
14:55:22.0533 0x5690  usbser - ok
14:55:22.0588 0x5690  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:55:22.0723 0x5690  USBSTOR - ok
14:55:22.0788 0x5690  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
14:55:22.0845 0x5690  usbuhci - ok
14:55:22.0917 0x5690  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
14:55:22.0986 0x5690  usbvideo - ok
14:55:23.0982 0x5690  [ 22BF25D9A5B403675358B2D8D9984894, 5F37BD18DBA68D3958B6225CFB06ADD28A5AF5448ECBFF93D8637A4E662607D9 ] USER_ESRV_SVC   C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
14:55:24.0123 0x5690  USER_ESRV_SVC - ok
14:55:24.0153 0x5690  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
14:55:24.0274 0x5690  UxSms - ok
14:55:24.0410 0x5690  [ A60605FC66552B421EE1F3D4EBB9A4E0, DCAC76EACAABD38E3896F78B56F51D08ECCC46E360DC29857526929900455E07 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
14:55:24.0470 0x5690  VAIO Event Service - ok
14:55:24.0574 0x5690  [ D469BE2723F79CF4B384680B1FDC577D, 8967D83D7A59E1C04F1A252246ABD7B64ABEC36BF02E3CA5BD672ABCA36E2BE0 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
14:55:24.0734 0x5690  VAIO Power Management - ok
14:55:24.0892 0x5690  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc        C:\Windows\system32\lsass.exe
14:55:24.0928 0x5690  VaultSvc - ok
14:55:24.0983 0x5690  [ F0FAF3FB9B138F8CAFB65ECFFE9F4AB6, E0869E4E9271B484209BB44E6E17D99BE6CEA08A983132C0D69FA373202B14D7 ] vcd10bus        C:\Windows\system32\DRIVERS\vcd10bus.sys
14:55:25.0067 0x5690  vcd10bus - ok
14:55:25.0175 0x5690  [ D00058C1FFF3F3DE990444A5734E9639, 450192C5F458888D71328994E29A6CB0E04F387BF63D49E7EABA1E1AECD680F9 ] VCFw            C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
14:55:25.0512 0x5690  VCFw - ok
14:55:25.0589 0x5690  [ FD911873C0BB6945FA38C16E9A2B58F9, EF8C833321449A6E8B671890F2EBC82ABC276B890D274AADDB626D763EE98964 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
14:55:25.0664 0x5690  VClone - ok
14:55:25.0746 0x5690  [ F19275655B42086C884ABCDAE2C659AE, D5D36DFF2D316C390E0336B51EE9C4B23705A52A3BBCCB13CC0B95FCF5761344 ] VcmIAlzMgr      C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
14:55:25.0850 0x5690  VcmIAlzMgr - ok
14:55:25.0940 0x5690  [ CBB9F0D1017E0BED4CB5BBC0EBF26DC1, C64F9DE0A48A56EDDAB6FEB58F6EEE0A792DE5C669A2DB0776E9E374724F0AFE ] VcmINSMgr       C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
14:55:26.0158 0x5690  VcmINSMgr - ok
14:55:26.0196 0x5690  [ 32A3735F6874B7783C6209ED5CA36D9D, B6DA3D749A000D99B6F0BF475C47AC0867595B634CC6502C8758B241759F531C ] VcmXmlIfHelper  C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
14:55:26.0280 0x5690  VcmXmlIfHelper - ok
14:55:26.0333 0x5690  [ B430617858DBA164F64E7974D80EBEB9, DE69180925B971901C1AEDD864020B4F1ECEA3094EDAFC408F5865690F2E7D1E ] VCService       C:\Program Files\Sony\VAIO Care\VCService.exe
14:55:26.0376 0x5690  VCService - ok
14:55:26.0746 0x5690  [ F0ECF990B3DE8842E948279AF31CC4E5, EF8C8D6F292A39914EDAB9BEF8E5243B60A7FAC48620D144A0F2079C852B3092 ] vdrv1000        C:\Windows\system32\Drivers\VDRV1000.SYS
14:55:26.0874 0x5690  vdrv1000 - ok
14:55:26.0963 0x5690  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:55:27.0007 0x5690  vdrvroot - ok
14:55:27.0101 0x5690  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
14:55:27.0289 0x5690  vds - ok
14:55:27.0333 0x5690  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:55:27.0390 0x5690  vga - ok
14:55:27.0417 0x5690  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:55:27.0571 0x5690  VgaSave - ok
14:55:27.0643 0x5690  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:55:27.0718 0x5690  vhdmp - ok
14:55:27.0760 0x5690  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:55:27.0802 0x5690  viaide - ok
14:55:27.0828 0x5690  VMnetAdapter - ok
14:55:27.0898 0x5690  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:55:27.0941 0x5690  volmgr - ok
14:55:28.0018 0x5690  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:55:28.0111 0x5690  volmgrx - ok
14:55:28.0184 0x5690  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:55:28.0256 0x5690  volsnap - ok
14:55:28.0321 0x5690  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:55:28.0388 0x5690  vsmraid - ok
14:55:28.0534 0x5690  [ 047F22BDFDAE6DF6F1E47E747A1237A2, D6B6996B0E3BB95A71FB425BD47294A175D29F258BAA7CDD167ABB477B56D5DB ] VSNService      C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
14:55:28.0649 0x5690  VSNService - detected UnsignedFile.Multi.Generic ( 1 )
14:55:31.0610 0x5690  Detect skipped due to KSN trusted
14:55:31.0610 0x5690  VSNService - ok
14:55:32.0207 0x5690  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
14:55:32.0528 0x5690  VSS - ok
14:55:32.0752 0x5690  [ 24D6F6D7AE866A6875965EFE9D8EE3F3, 344DFC1BFA1026B2AC3C883F5DAA78EB142299B717035444CE0DD8A548BEF10C ] VUAgent         C:\Program Files\Sony\VAIO Update\vuagent.exe
14:55:32.0930 0x5690  VUAgent - ok
14:55:32.0963 0x5690  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
14:55:33.0011 0x5690  vwifibus - ok
14:55:33.0042 0x5690  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
14:55:33.0122 0x5690  vwififlt - ok
14:55:33.0167 0x5690  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
14:55:33.0213 0x5690  vwifimp - ok
14:55:33.0271 0x5690  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
14:55:33.0413 0x5690  W32Time - ok
14:55:33.0518 0x5690  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC           C:\Windows\system32\inetsrv\iisw3adm.dll
14:55:33.0628 0x5690  W3SVC - ok
14:55:33.0661 0x5690  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
14:55:33.0706 0x5690  WacomPen - ok
14:55:33.0765 0x5690  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:55:33.0872 0x5690  WANARP - ok
14:55:33.0929 0x5690  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:55:34.0045 0x5690  Wanarpv6 - ok
14:55:34.0124 0x5690  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
14:55:34.0183 0x5690  WAS - ok
14:55:34.0348 0x5690  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
14:55:34.0559 0x5690  WatAdminSvc - ok
14:55:34.0833 0x5690  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
14:55:35.0112 0x5690  wbengine - ok
14:55:35.0177 0x5690  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:55:35.0288 0x5690  WbioSrvc - ok
14:55:35.0635 0x5690  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:55:35.0759 0x5690  wcncsvc - ok
14:55:35.0792 0x5690  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:55:35.0908 0x5690  WcsPlugInService - ok
14:55:35.0970 0x5690  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
14:55:36.0020 0x5690  Wd - ok
14:55:36.0143 0x5690  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:55:36.0304 0x5690  Wdf01000 - ok
14:55:36.0357 0x5690  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:55:36.0460 0x5690  WdiServiceHost - ok
14:55:36.0489 0x5690  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:55:36.0548 0x5690  WdiSystemHost - ok
14:55:36.0629 0x5690  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
14:55:36.0738 0x5690  WebClient - ok
14:55:36.0777 0x5690  [ D5BA7D43FA2EF656BF7E98A188391E40, 56CF132B7C43A0F9C7C4D070730315FE7AFD2E87E94014DFC3D7107BB52B9C64 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:55:36.0920 0x5690  Wecsvc - ok
14:55:36.0961 0x5690  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:55:37.0155 0x5690  wercplsupport - ok
14:55:37.0476 0x5690  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:55:37.0647 0x5690  WerSvc - ok
14:55:37.0681 0x5690  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:55:37.0838 0x5690  WfpLwf - ok
14:55:37.0912 0x5690  [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
14:55:38.0008 0x5690  WimFltr - ok
14:55:38.0073 0x5690  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:55:38.0131 0x5690  WIMMount - ok
14:55:38.0168 0x5690  WinDefend - ok
14:55:38.0223 0x5690  WinHttpAutoProxySvc - ok
14:55:38.0300 0x5690  [ 136760C1E9697BAF4ECDEAE5590A0806, 12E80D0923D794F4C520FEA7CB98EF581231B996FB1876EB20995E6E457EFF56 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:55:38.0427 0x5690  Winmgmt - ok
14:55:39.0262 0x5690  [ 3BB6B401A780BF434C8F58137DE10BF7, 1A377C39B78B92A1A1FED699EE5E5ED0271A6FFAC143F1D29FC1FDF4D726A522 ] WinRM           C:\Windows\system32\WsmSvc.dll
14:55:39.0713 0x5690  WinRM - ok
14:55:40.0061 0x5690  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
14:55:40.0124 0x5690  WinUsb - ok
14:55:40.0234 0x5690  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:55:40.0396 0x5690  Wlansvc - ok
14:55:40.0676 0x5690  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:55:40.0981 0x5690  wlidsvc - ok
14:55:41.0064 0x5690  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:55:41.0122 0x5690  WmiAcpi - ok
14:55:41.0186 0x5690  [ 4DF841632B62A7CF19A79A05046A8AB1, D80F28FD7FEB95DB83976EAFECB2E9AE1423DA4D34EC5D820FC39A33444B82DA ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:55:41.0270 0x5690  wmiApSrv - ok
14:55:41.0310 0x5690  WMPNetworkSvc - ok
14:55:41.0355 0x5690  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:55:41.0470 0x5690  WPCSvc - ok
14:55:42.0071 0x5690  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:55:42.0182 0x5690  WPDBusEnum - ok
14:55:42.0223 0x5690  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:55:42.0401 0x5690  ws2ifsl - ok
14:55:42.0454 0x5690  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
14:55:42.0818 0x5690  wscsvc - ok
14:55:42.0904 0x5690  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
14:55:42.0987 0x5690  WSDPrintDevice - ok
14:55:43.0043 0x5690  WSearch - ok
14:55:43.0730 0x5690  [ 6075791ED85E47A2A2916B1F34582944, 25B5FAD161711875B38BDD014A26FA527C8EE4854D485989D19A72D5EBBA4054 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:55:44.0091 0x5690  wuauserv - ok
14:55:44.0144 0x5690  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:55:44.0235 0x5690  WudfPf - ok
14:55:44.0301 0x5690  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:55:44.0382 0x5690  WUDFRd - ok
14:55:44.0483 0x5690  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:55:44.0559 0x5690  wudfsvc - ok
14:55:44.0696 0x5690  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:55:44.0814 0x5690  WwanSvc - ok
14:55:44.0900 0x5690  [ 5250193EF8E173AA7491250F00EB367F, FF33B5112C5702CBD8EF2B0B5E49428973054B961F3B105419F7A47E2057B8A6 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
14:55:44.0984 0x5690  yukonw7 - ok
14:55:45.0061 0x5690  ================ Scan global ===============================
14:55:45.0504 0x5690  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
14:55:45.0584 0x5690  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
14:55:45.0618 0x5690  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
14:55:45.0780 0x5690  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:55:45.0853 0x5690  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
14:55:45.0907 0x5690  [ Global ] - ok
14:55:45.0908 0x5690  ================ Scan MBR ==================================
14:55:45.0924 0x5690  [ 08B26729634452D0C2889C002B1BB97C ] \Device\Harddisk0\DR0
14:55:48.0376 0x5690  \Device\Harddisk0\DR0 - ok
14:55:48.0377 0x5690  ================ Scan VBR ==================================
14:55:48.0408 0x5690  [ E5E2F42807DE9EC7463BB90A6A8AAF0D ] \Device\Harddisk0\DR0\Partition1
14:55:48.0419 0x5690  \Device\Harddisk0\DR0\Partition1 - ok
14:55:48.0440 0x5690  [ 445D6AC15BD82B721CBA8ED33B4C97D7 ] \Device\Harddisk0\DR0\Partition2
14:55:48.0446 0x5690  \Device\Harddisk0\DR0\Partition2 - ok
14:55:48.0489 0x5690  [ 759437E1BFAB8B09DEF8B414D28E079F ] \Device\Harddisk0\DR0\Partition3
14:55:48.0494 0x5690  \Device\Harddisk0\DR0\Partition3 - ok
14:55:48.0497 0x5690  ================ Scan generic autorun ======================
14:55:48.0650 0x5690  [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] c:\Program Files\Microsoft Security Client\msseces.exe
14:55:48.0804 0x5690  MSC - ok
14:55:49.0797 0x5690  [ CAF4777D51A4DC6B62219A0C579F8723, 84BBF7625656BB3B10C0C4CEDEE539F044335CEEEFECFDD78CE908DBFF13F9A3 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
14:55:50.0993 0x5690  RtHDVCpl - ok
14:55:51.0214 0x5690  [ 1A87CB56BB2385657C7808F876902C20, 277A36F3262BEF0B6FA24381BA09685B1C9E3B1A75C47D6E7C96DBBA4CAB41D1 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
14:55:51.0454 0x5690  RtHDVBg - ok
14:55:51.0460 0x5690  SynTPEnh - ok
14:55:51.0859 0x5690  [ 1BF113E377E570DB915EE7D228E594D6, FF4D198D412CA21C49E0A3E6FE52EAD69786B305429095B5BD25CB4FAFD33B51 ] C:\Program Files\iTunes\iTunesHelper.exe
14:55:51.0910 0x5690  iTunesHelper - ok
14:55:52.0136 0x5690  [ B3B6EECF46274B6C15FE882470A73166, 3C32EEFE22CD8CB3862A1092E6BEC8787163850CEFF624F9A3F1861BEA3A1953 ] C:\ProgramData\Package Cache\{d0e166af-1634-4c0b-ae96-2180e61f9d38}\Avira.OE.Setup.Bundle.exe
14:55:52.0527 0x5690  {d0e166af-1634-4c0b-ae96-2180e61f9d38} - ok
14:55:52.0892 0x5690  [ A2C38CC58AD1DE361080402E20C350B3, 534C749B0FAD0CAABD295C25748DC5C911CEB61BB26DF335C8061502E664CE0B ] C:\Users\Klaus\AppData\Local\Temp\1f0fb7c2d13cc0c07ff2ca40747bc03e_remove360.bat
14:55:53.0046 0x5690  360safeuninst_1f0fb7c2d13cc0c07ff2ca40747bc03e - detected UnsignedFile.Multi.Generic ( 1 )
14:55:55.0910 0x5690  360safeuninst_1f0fb7c2d13cc0c07ff2ca40747bc03e ( UnsignedFile.Multi.Generic ) - warning
14:55:57.0809 0x308c  Object required for P2P: [ B3B6EECF46274B6C15FE882470A73166 ] C:\ProgramData\Package Cache\{d0e166af-1634-4c0b-ae96-2180e61f9d38}\Avira.OE.Setup.Bundle.exe
14:55:59.0039 0x5690  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:55:59.0298 0x5690  Sidebar - ok
14:55:59.0423 0x5690  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:55:59.0501 0x5690  mctadmin - ok
14:55:59.0612 0x5690  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:55:59.0745 0x5690  Sidebar - ok
14:55:59.0776 0x5690  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:55:59.0848 0x5690  mctadmin - ok
14:56:00.0053 0x5690  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
14:56:00.0268 0x5690  Sidebar - ok
14:56:00.0322 0x308c  Object send P2P result: true
14:56:00.0384 0x5690  [ 5D47E37C1E1F03C1E7E8DCEDD4A4BCDF, 72F9675AEA8ED5ACF19161E8FDD481460BE158A65EF2B998AE4E93A7804B2172 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
14:56:00.0419 0x5690  iCloudServices - ok
14:56:00.0472 0x5690  [ 8C5A712AA2C4A0F106965D199D8B73B8, AED43CD6E85CC92AD72AE344842F47E39E288BEC78168CBF8BB6A6B9105FBFB8 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
14:56:00.0508 0x5690  iCloudDrive - ok
14:56:00.0565 0x5690  [ 2E4529B5F54B843F1E3A51B8DAEC899B, 3282107810062FEE024CBFB626F91F342B10E7278A4876C75E25B51B07AC3BCA ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
14:56:00.0635 0x5690  iCloudPhotos - ok
14:56:00.0731 0x5690  [ 8214193359CEE333F1330A3F99FA1AEB, 79ADE8D2A0A666E1965D9FD67385D26C858127C002784351EFFAC46A69E107A3 ] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
14:56:00.0765 0x5690  Uploader - ok
14:56:01.0121 0x5690  [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe
14:56:01.0406 0x5690  HP Officejet Pro 8500 A910 (NET) - ok
14:56:02.0261 0x5690  [ 2E570D03FA146EB4B1A40164B3873C7D, 7D3BE64F366B5D84CAD0B90A46B6D7746DA9A2BA6141FBC61792F8E34735C85D ] C:\Program Files\CCleaner\CCleaner64.exe
14:56:03.0228 0x5690  CCleaner Monitoring - ok
14:56:03.0491 0x5690  [ 33BFEC2B102B196B62ABB9947C7D7E23, 6EAF3462712629401CDBECF63B0848D1762A023FCA156F9FA146B0FEE75C83D0 ] C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe
14:56:03.0540 0x5690  Dropbox Update - ok
14:56:03.0651 0x5690  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:56:03.0844 0x5690  Sidebar - ok
14:56:03.0881 0x5690  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:56:03.0959 0x5690  mctadmin - ok
14:56:03.0961 0x5690  Waiting for KSN requests completion. In queue: 14
14:56:04.0962 0x5690  Waiting for KSN requests completion. In queue: 14
14:56:05.0963 0x5690  Waiting for KSN requests completion. In queue: 14
14:56:07.0492 0x5690  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.14.257 ), 0x40010 ( disabled : outofdate )
14:56:07.0518 0x5690  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
14:56:07.0619 0x5690  Win FW state via NFP2: enabled ( trusted )
14:56:10.0085 0x5690  ============================================================
14:56:10.0085 0x5690  Scan finished
14:56:10.0085 0x5690  ============================================================
14:56:10.0120 0x40e0  Detected object count: 1
14:56:10.0120 0x40e0  Actual detected object count: 1
14:57:05.0542 0x40e0  360safeuninst_1f0fb7c2d13cc0c07ff2ca40747bc03e ( UnsignedFile.Multi.Generic ) - skipped by user
14:57:05.0542 0x40e0  360safeuninst_1f0fb7c2d13cc0c07ff2ca40747bc03e ( UnsignedFile.Multi.Generic ) - User select action: Skip

Deathkid535 · 21.12.2015, 15:06

Hi,

Schritt # 1: MBAM

Lade dir, falls nicht schon vorhanden,

Malwarebytes Anti-Malware herunter, installiere und starte es.

Gehe in die Einstellungen, unter Erkennung und Schutz und setze das Hakerl für Suche nach Rootkits
Wechsle ins Amaturenbrett und klicke auf Jetzt Scannen
Nachdem der Suchlauf abgeschlossen ist, verschiebe alle vorhandenen Funde in die Quarantäne.
Nachdem der PC neu gestartet hat, findest du unter dem Punkt Verlauf dein Logfile. Poste mir dieses hier.

Schritt # 2: AdwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt # 3: FRST

Und noch ein frisches FRST-Log bitte.

Schritt # 4: Bitte Posten

Das Log von MBAM
Das Log von AdwCleaner
Das frische FRST-Log

klaus45 · 22.12.2015, 13:28

Hi Dennis,
MBAW legt zwei Protokolldateien an. Ich poste mal beide und dann die ADW-Datei und schließlich die FRST-Datei.

mfG
Klaus

mbam-log-2015-12-21 (16-17-25).xml

Code:

ATTFilter

<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2015/12/21 16:17:28 +0100</date>
<logfile>mbam-log-2015-12-21 (16-17-25).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.2.0.1024</version>
<malware-database>v2015.12.21.04</malware-database>
<rootkit-database>v2015.12.18.01</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<hostname>LAPTOP</hostname>
<ip>192.168.2.102</ip>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>Klaus</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>448989</objects>
<time>20606</time>
<processes>0</processes>
<modules>0</modules>
<keys>16</keys>
<values>11</values>
<datas>1</datas>
<folders>4</folders>
<files>15</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>enabled</rootkits>
<deeprootkit>enabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>warn</pup>
<pum>enabled</pum>
</options>
<items>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}</path><vendor>PUP.Optional.Iminent</vendor><action>success</action><hash>b1076740fc8f69cd6418b8b229d9db25</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}</path><vendor>PUP.Optional.Iminent</vendor><action>success</action><hash>b1076740fc8f69cd6418b8b229d9db25</hash></key>
<key><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{1185823F-F22F-4027-80E5-4F68ACD5DE5E}</path><vendor>PUP.Optional.2YourFace</vendor><action>success</action><hash>ffb96a3d305b340273ad71e76c96aa56</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pgafcinpmmpklohkojmllohdhomoefph</path><vendor>PUP.Optional.SettingsProtector</vendor><action>success</action><hash>5662149396f5f145b8f10eacf40f827e</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\NGNJHFPFHADNCGAFGBNEELJAGINIMMMK</path><vendor>PUP.Optional.Conduit</vendor><action>success</action><hash>6c4ce5c27516d1654efd6d43f80ac23e</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TTNFD</path><vendor>PUP.Optional.TermTutor</vendor><action>success</action><hash>90282f785536fe385a79338e1de618e8</hash></key>
<key><path>HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\SmartSaver+ 15</path><vendor>PUP.Optional.SmartSaver</vendor><action>success</action><hash>e2d6d5d22368c17567c514a81de608f8</hash></key>
<key><path>HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_</path><vendor>PUP.Optional.CrossRider</vendor><action>success</action><hash>bdfb03a41972e94dd21fbfd66d96ef11</hash></key>
<key><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\lollipop</path><vendor>PUP.Optional.CouponMarvel.AppFlsh</vendor><action>success</action><hash>9424a601bccf1d19235a0004f80c02fe</hash></key>
<key><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3344838F-FBF8-4F25-90A3-A05AB344B1BE}</path><vendor>PUP.Optional.CrossRider</vendor><action>success</action><hash>5d5b1a8d3b50092dd62c8f082ed5f40c</hash></key>
<key><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7EE43E92-90B6-4DB9-B71F-18B02CF045FB}</path><vendor>PUP.Optional.CrossRider</vendor><action>success</action><hash>ffb95750e2a99e98c53caceb2fd454ac</hash></key>
<key><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A5400D26-A668-4004-AE73-27C960402CBB}</path><vendor>PUP.Optional.CrossRider</vendor><action>success</action><hash>f5c35b4ccbc0989e92703b5c9e6506fa</hash></key>
<key><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AB6E9F2D-C63C-4245-B698-812CD39611CF}</path><vendor>PUP.Optional.CrossRider</vendor><action>success</action><hash>d2e692150d7e3bfb6999d1c643c0b64a</hash></key>
<key><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AFB45E5B-1B47-4F58-9281-4EB22B9F7211}</path><vendor>PUP.Optional.CrossRider</vendor><action>success</action><hash>09af0c9b92f98caa9071c4d38a79827e</hash></key>
<key><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E2F9D3C1-A78A-461F-95A1-DEE9165CC02E}</path><vendor>PUP.Optional.CrossRider</vendor><action>success</action><hash>e1d7b0f7b9d26cca8d741d7a27dcb34d</hash></key>
<key><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EB956015-11F4-45C2-B84A-ACE21D9E6AD3}</path><vendor>PUP.Optional.CrossRider</vendor><action>success</action><hash>7f39f6b11477072f35cc9afd40c3867a</hash></key>
<value><path>HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ngnjhfpfhadncgafgbneeljaginimmmk</path><valuename>path</valuename><vendor>PUP.Optional.Conduit</vendor><action>success</action><valuedata>C:\Users\Klaus\AppData\Local\Temp\tbch.crx</valuedata><hash>6c4ce5c27516d1654efd6d43f80ac23e</hash></value>
<value><path>HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS</path><valuename>termtutor@termtutor.com</valuename><vendor>PUP.Optional.TermTutor</vendor><action>success</action><valuedata>C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com</valuedata><hash>f6c2ffa86427c373f1e19130808329d7</hash></value>
<value><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TTNFD</path><valuename>ImagePath</valuename><vendor>PUP.Optional.TermTutor</vendor><action>success</action><valuedata>system32\drivers\ttnfd.sys</valuedata><hash>90282f785536fe385a79338e1de618e8</hash></value>
<value><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3344838F-FBF8-4F25-90A3-A05AB344B1BE}</path><valuename>AppName</valuename><vendor>PUP.Optional.CrossRider</vendor><action>success</action><valuedata>5250c108-bbd0-4eaa-842e-11b71784f990-2.exe-codedownloader.exe</valuedata><hash>5d5b1a8d3b50092dd62c8f082ed5f40c</hash></value>
<value><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7EE43E92-90B6-4DB9-B71F-18B02CF045FB}</path><valuename>AppName</valuename><vendor>PUP.Optional.CrossRider</vendor><action>success</action><valuedata>5250c108-bbd0-4eaa-842e-11b71784f990-2.exe-buttonutil.exe</valuedata><hash>ffb95750e2a99e98c53caceb2fd454ac</hash></value>
<value><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A5400D26-A668-4004-AE73-27C960402CBB}</path><valuename>AppName</valuename><vendor>PUP.Optional.CrossRider</vendor><action>success</action><valuedata>5250c108-bbd0-4eaa-842e-11b71784f990-2.exe-codedownloader.exe</valuedata><hash>f5c35b4ccbc0989e92703b5c9e6506fa</hash></value>
<value><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AB6E9F2D-C63C-4245-B698-812CD39611CF}</path><valuename>AppName</valuename><vendor>PUP.Optional.CrossRider</vendor><action>success</action><valuedata>5250c108-bbd0-4eaa-842e-11b71784f990-2.exe-codedownloader.exe</valuedata><hash>d2e692150d7e3bfb6999d1c643c0b64a</hash></value>
<value><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AFB45E5B-1B47-4F58-9281-4EB22B9F7211}</path><valuename>AppName</valuename><vendor>PUP.Optional.CrossRider</vendor><action>success</action><valuedata>5250c108-bbd0-4eaa-842e-11b71784f990-2.exe-buttonutil.exe</valuedata><hash>09af0c9b92f98caa9071c4d38a79827e</hash></value>
<value><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E2F9D3C1-A78A-461F-95A1-DEE9165CC02E}</path><valuename>AppName</valuename><vendor>PUP.Optional.CrossRider</vendor><action>success</action><valuedata>5250c108-bbd0-4eaa-842e-11b71784f990-2.exe-buttonutil.exe</valuedata><hash>e1d7b0f7b9d26cca8d741d7a27dcb34d</hash></value>
<value><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EB956015-11F4-45C2-B84A-ACE21D9E6AD3}</path><valuename>AppName</valuename><vendor>PUP.Optional.CrossRider</vendor><action>success</action><valuedata>5250c108-bbd0-4eaa-842e-11b71784f990-2.exe-buttonutil.exe</valuedata><hash>7f39f6b11477072f35cc9afd40c3867a</hash></value>
<value><path>HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES</path><valuename>BrowserMngrDefaultScope</valuename><vendor>PUP.Optional.BrowserMngr</vendor><action>success</action><valuedata>{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}</valuedata><hash>fdbb2d7a3e4d5adc7f92b64c30d4837d</hash></value>
<data><path>HKCR\scrfile\shell\open\command</path><valuename></valuename><vendor>Broken.OpenCommand</vendor><action>delete-on-reboot</action><valuedata></valuedata><baddata></baddata><gooddata>&quot;%1&quot; /S</gooddata><hash>ffffffffffffffffffffffffffffffff</hash></data>
<folder><path>C:\ProgramData\APN\APN-Stub</path><vendor>PUP.Optional.APNToolBar.Gen</vendor><action>success</action><hash>6f49b6f11774999dfa94bfbf9969c63a</hash></folder>
<folder><path>C:\ProgramData\Browser Manager\2.2.630.40</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></folder>
<folder><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></folder>
<folder><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></folder>
<file><path>C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\WirelessNetView.exe</path><vendor>PUP.Optional.WirelessNetworkTool</vendor><action>success</action><hash>08b0f3b4315af73fae8e9714a0647987</hash></file>
<file><path>C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\iehv.exe</path><vendor>PUP.Optional.HistoryTool</vendor><action>success</action><hash>3b7d6a3d90fbe4529b683f31837ec63a</hash></file>
<file><path>C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\strun.exe</path><vendor>PUP.Optional.StartUpManager</vendor><action>success</action><hash>3187a205becd54e22677a8c8768bf20e</hash></file>
<file><path>C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\ProduKey.exe</path><vendor>PUP.Optional.ProductKeyFinder</vendor><action>success</action><hash>c0f80f9893f8be78b0a669079d640ef2</hash></file>
<file><path>C:\Windows\Installer\280e0b43.msi</path><vendor>PUP.Optional.VeriStaff</vendor><action>success</action><hash>3e7a87208803df578c38f81faa562fd1</hash></file>
<file><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></file>
<file><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></file>
<file><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></file>
<file><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></file>
<file><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></file>
<file><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></file>
<file><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></file>
<file><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></file>
<file><path>C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22</path><vendor>PUP.Optional.BrowserManager</vendor><action>success</action><hash>5a5e6245296277bffe410d76d1312cd4</hash></file>
<file><path>C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\searchplugins\ask-search.xml</path><vendor>PUP.Optional.ASK</vendor><action>success</action><hash>2890d3d4711a53e3f106862fd62e966a</hash></file>
</items>
</mbam-log>

protection-log-2015-12-21.xml

Code:

ATTFilter

<?xml version="1.0" encoding="UTF-8" ?>
<logs>
   <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:11:25.613430+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="2013.10.16.1" last_modified_tag="8f3ed0da-17c6-4abb-8615-2a2552d48b2f" name="Remediation Database" toVersion="2015.12.15.2"></record>
   <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:11:25.650432+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="2014.10.15.1" last_modified_tag="4d1b447f-8c8e-4012-a2cb-4c9ec9141ac3" name="Rootkit Database" toVersion="2015.12.18.1"></record>
   <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:11:25.675434+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="0.0.0.0" last_modified_tag="8847cb5f-2005-4471-9194-616cd6def3bc" name="IP Database" toVersion="2015.12.19.1"></record>
   <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:11:27.273525+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="0.0.0.0" last_modified_tag="975d8d09-68d7-4a48-ad8f-a214b760ebab" name="Domain Database" toVersion="2015.12.20.2"></record>
   <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:11:36.591988+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="2014.10.15.3" last_modified_tag="eb112c2b-fd45-4b26-b3a4-0694227d994d" name="Malware Database" toVersion="2015.12.21.4"></record>
   <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:11:49.242507+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="2.0.2.1012" last_modified_tag="cdc7c9fd-6d2a-4f16-b0da-00080eed0925" name="program" toVersion="2.2.0.1024"></record>
   <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:14:31.026955+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="2015.9.16.1" last_modified_tag="d6f41498-1c97-4ac2-bf61-3d6d0f6e57a9" name="Remediation Database" toVersion="2015.12.15.2"></record>
   <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:14:31.320967+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="2015.9.21.2" last_modified_tag="dee012a5-f812-421c-a0ce-bf530196e8c7" name="IP Database" toVersion="2015.12.19.1"></record>
   <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:14:31.378970+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="2015.9.22.3" last_modified_tag="48e0e3a2-6c64-4ab8-9882-fbf69d415f0d" name="Domain Database" toVersion="2015.12.20.2"></record>
   <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:14:31.802171+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="2015.9.18.1" last_modified_tag="81a018a6-ab1d-4f80-b4f9-4c532e1c4c95" name="Rootkit Database" toVersion="2015.12.18.1"></record>
   <record severity="debug" LoggingEventType="1" datetime="2015-12-21T16:14:36.132410+01:00" source="Manual" type="Update" username="SYSTEM" systemname="LAPTOP" fromVersion="2015.9.22.5" last_modified_tag="83935c50-a7d2-4e2d-b256-f0c53483038d" name="Malware Database" toVersion="2015.12.21.4"></record>
   <record severity="debug" LoggingEventType="6" datetime="2015-12-21T22:28:17.923546+01:00" source="Manual" type="Scan" username="SYSTEM" systemname="LAPTOP" duration="20606" last_modified_tag="901c146a-48fa-45bd-96e6-b38418efca2c" malwaredetections="2" nonmalwaredetections="92" scanresult="completed" scantype="threat" starttime="2015-12-21T16:17:28+01:00"></record>
   <record severity="debug" LoggingEventType="4" datetime="2015-12-21T22:33:18.717555+01:00" source="Protection" type="Error" username="SYSTEM" systemname="LAPTOP" code="13" last_modified_tag="2b3ce3d9-915c-4f9f-aa16-9a3ec9e1e52b" message="IsLicensed"></record>
   <record severity="debug" LoggingEventType="2" datetime="2015-12-21T22:33:18.795555+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="LAPTOP" last_modified_tag="94c3be4b-9ff2-45cb-a4bf-bda9c4b784e5" result="Stopping" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2015-12-21T22:33:18.795555+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="LAPTOP" last_modified_tag="3955b8b2-cf27-43ff-9749-a8f5f42ae265" result="Stopped" subtype="Malware Protection"></record>
</logs>

AdwCleaner[S3].txt
AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v5.026 - Bericht erstellt am 22/12/2015 um 12:56:45
# Aktualisiert am 21/12/2015 von Xplode
# Datenbank : 2015-12-21.3 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Klaus - LAPTOP
# Gestartet von : D:\Eigene Dateien\Downloads\adwcleaner_5.026.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

Ordner Gefunden : C:\Program Files\FileViewPro
Ordner Gefunden : C:\Program Files (x86)\vmntoolbar
Ordner Gefunden : C:\Program Files (x86)\Free FLV Converter
Ordner Gefunden : C:\ProgramData\apn
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\Browser Manager
Ordner Gefunden : C:\ProgramData\ParetoLogic
Ordner Gefunden : C:\ProgramData\Partner
Ordner Gefunden : C:\ProgramData\DriverBoost
Ordner Gefunden : C:\ProgramData\mntemp
Ordner Gefunden : C:\Users\Klaus\music\qtrax media library
Ordner Gefunden : C:\Users\Klaus\AppData\Local\eSupport.com
Ordner Gefunden : C:\Users\Klaus\AppData\Local\globalUpdate
Ordner Gefunden : C:\Users\Klaus\AppData\Local\PackageAware
Ordner Gefunden : C:\Users\Klaus\AppData\Local\FileViewPro
Ordner Gefunden : C:\Users\Klaus\AppData\Local\DriverTuner
Ordner Gefunden : C:\Users\Klaus\AppData\Local\slimware utilities inc
Ordner Gefunden : C:\Users\Klaus\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Klaus\AppData\LocalLow\HPAppData
Ordner Gefunden : C:\Users\Klaus\AppData\LocalLow\vmntoolbar
Ordner Gefunden : C:\Users\Klaus\AppData\Roaming\DesktopIconForAmazon
Ordner Gefunden : C:\Users\Klaus\AppData\Roaming\DriverCure
Ordner Gefunden : C:\Users\Klaus\AppData\Roaming\GrabPro
Ordner Gefunden : C:\Users\Klaus\AppData\Roaming\HPAppData
Ordner Gefunden : C:\Users\Klaus\AppData\Roaming\OCS
Ordner Gefunden : C:\Users\Klaus\AppData\Roaming\ParetoLogic
Ordner Gefunden : C:\Users\Klaus\AppData\Roaming\Solvusoft
Ordner Gefunden : C:\Users\Klaus\AppData\Roaming\ProgSense
Ordner Gefunden : C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Converter
Ordner Gefunden : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar

***** [ Dateien ] *****

Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\components\AskSearch.js
Datei Gefunden : C:\Users\Klaus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
Datei Gefunden : C:\Users\Klaus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
Datei Gefunden : C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
Datei Gefunden : C:\Windows\Reimage.ini

***** [ DLL ] *****


***** [ Verknüpfungen ] *****

Verknüpfung Infiziert : C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk ( hxxp://feed.helperbar.com/?publisher=YahooSM&dpid=YahooSM&co=DE&userid=9d274d60-2961-a68a-7e5a-56a6cdbf4c7b&searchtype=sc&fr=linkury-tb&installDate=14/10/2014&barcodeid=145243&um=0&type=hp15000 )

***** [ Aufgabenplanung ] *****

Geplante Aufgabe Gefunden : DriverBoost-RTMRules
Geplante Aufgabe Gefunden : DriverBoost-RTMUpdater
Geplante Aufgabe Gefunden : DriverBoost-RTMScan
Geplante Aufgabe Gefunden : DriverBoost-RTMScanRunOnce

***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Download by Orbit
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Grab video by Orbit
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Do&wnload selected by Orbit
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Down&load all by Orbit
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
Schlüssel Gefunden : HKCU\Software\5e2d9d9b33ee810
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gefunden : HKCU\Software\BrowserMngr
Schlüssel Gefunden : HKCU\Software\eSupport.com
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\ParetoLogic
Schlüssel Gefunden : HKCU\Software\UpdateStar
Schlüssel Gefunden : HKCU\Software\YahooPartnerToolbar
Schlüssel Gefunden : HKCU\Software\DriverTuner_Init
Schlüssel Gefunden : HKCU\Software\DriverTuner
Schlüssel Gefunden : HKCU\Software\ProgSense
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Babylon
Schlüssel Gefunden : HKLM\SOFTWARE\BrowserMngr
Schlüssel Gefunden : HKLM\SOFTWARE\ParetoLogic
Schlüssel Gefunden : HKLM\SOFTWARE\SoftwareUpdater
Schlüssel Gefunden : HKLM\SOFTWARE\TermTutor
Schlüssel Gefunden : HKLM\SOFTWARE\SlimWare Utilities Inc
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Schlüssel Gefunden : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75FF6D97AF9FC004A9521D4B83FA6321
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB13D869D7D092348847B7481BB59E27
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
Schlüssel Gefunden : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snapdoc

***** [ Internetbrowser ] *****

[C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\prefs.js] [Preference] Gefunden : user_pref("extensions.LVD-SAE.newTabSearchURL", "\"hxxp://dts.search.ask.com/sr?gct=hp&o=APN10644A&sysid=533&qrsc=2871&l=dis&sver=3&t_type=0&dateOfInstall=2015-10-30&d=533-107-0&v=8.5-881-0&apn_ptnrs=[...]
[C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\prefs.js] [Preference] Gefunden : user_pref("extensions.LVD-SAE.searchURL", "\"hxxp://dts.search.ask.com/sr?gct=ds&o=APN10644&sysid=533&qrsc=2871&l=dis&sver=3&t_type=0&dateOfInstall=2015-10-30&d=533-107-0&v=8.5-881-0&apn_ptnrs=%5EAG5\[...]
[C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\prefs.js] [Preference] Gefunden : user_pref("extensions.toolbar.mindspark._dzMembers_.firstKnownVersion", "7.18.8.36159");
[C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\prefs.js] [Preference] Gefunden : user_pref("extensions.toolbar.mindspark._dzMembers_.installKeysSource", "Cookies");
[C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\prefs.js] [Preference] Gefunden : user_pref("extensions.toolbar.mindspark._dzMembers_.isCompliantUninstallImplementation", true);
[C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\prefs.js] [Preference] Gefunden : user_pref("extensions.toolbar.mindspark._dzMembers_.lastKnownVersion", "7.18.8.36159");
[C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\prefs.js] [Preference] Gefunden : user_pref("extensions.toolbar.mindspark._dzMembers_.toolbarCollapsed", false);

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [23551 Bytes] ##########

--- --- ---

FRST.txt

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015
durchgeführt von Klaus (Administrator) auf LAPTOP (22-12-2015 13:03:45)
Gestartet von D:\Eigene Dateien\Downloads
Geladene Profile: Klaus &  (Verfügbare Profile: Klaus & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Dropbox, Inc.) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
(DivX, LLC) C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Seagate LLC) C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(iolo technologies, LLC) C:\Program Files\Sony\VAIO Care\Iolo\ioloTools.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
() D:\Eigene Dateien\Downloads\adwcleaner_5.026.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-09-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-26] (DivX, LLC)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-06-24] (DivX, LLC)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1743648 2013-06-13] (Wondershare)
HKLM-x32\...\Run: [MaxMenuMgr] => C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-05-01] (Seagate LLC)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1533728 2015-04-01] (Seagate Technology LLC)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [739936 2012-11-27] (Sony Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127304 2015-04-01] (Seagate Technology LLC)
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [HP Officejet Pro 8500 A910 (NET)] => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [Dropbox Update] => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-12-03] (Dropbox, Inc.)
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {17253972-82ed-11e1-83f5-544249ea3c02} - H:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {17253975-82ed-11e1-83f5-544249ea3c02} - H:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {278c560a-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {278c565c-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {278c5669-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {2d2d37df-7e83-11e3-acae-544249ea3c02} - I:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {2d2d37e2-7e83-11e3-acae-544249ea3c02} - I:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {33076d6f-7684-11e0-bf62-c0cb38ed7878} - G:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {3d594572-764b-11e0-8882-c0cb38ed7878} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {5bbcf66f-dc66-11e0-9790-c0cb38ed7878} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {5bbcf673-dc66-11e0-9790-c0cb38ed7878} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {5bbcf691-dc66-11e0-9790-c0cb38ed7878} - H:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {738e9a30-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {738e9a32-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {738e9a34-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {74216253-762f-11e0-8c5d-806e6f6e6963} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {7c9a71d2-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {7c9a71fe-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {7c9a7203-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {81792775-80d0-11e3-86d7-544249ea3c02} - I:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {88700e5d-dc64-11e0-969c-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {a9891bf7-44f0-11e1-83c9-544249ea3c02} - G:\wickie1.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b2c72368-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b2c72386-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b2c72389-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b40b3954-8139-11e3-832f-806e6f6e6963} - I:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {cbea623c-72ef-11e0-ae40-c0cb38ed7878} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {dc82212d-9b8e-11e1-a8d7-c0cb38ed7878} - F:\AutoRun.exe
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {dc822147-9b8e-11e1-a8d7-c0cb38ed7878} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-08-30] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-07-29]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-02-03]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2011-05-14]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-08-30] ()
Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2012-12-18]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk [2015-04-03]
ShortcutTarget: Mediencenter.lnk -> C:\Users\Klaus\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Keine Datei)
BootExecute: autocheck autochk * 

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{27100D96-1E72-4C4E-BDC0-82EFB7D67E71}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: [NameServer] 192.168.2.1
Tcpip\..\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.google.de
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll => Keine Datei
BHO: Kein Name -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> Keine Datei
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-23] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Kein Name -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> Keine Datei
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-23] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll => Keine Datei
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Kein Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  Keine Datei
Toolbar: HKLM-x32 - Kein Name - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} -  Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} -  Keine Datei
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-02-03] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-06-29] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-23] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll [2014-02-03] (LastPass)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @soft-xpansion/npsxpdf -> C:\Program Files (x86)\Common Files\soft Xpansion\np-sxpdf.dll [2013-12-23] (soft-Xpansion)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3074472845-1740885614-3036682275-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-sxpdf.dll [2011-05-14] (soft Xpansion)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-08-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-08-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-08-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-08-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-08-28] (Apple Inc.)
FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\searchplugins\engine-thecoolestmovies.xml [2015-10-01]
FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\searchplugins\metager.xml [2015-12-07]
FF Extension: MinimizeToTray revived (MinTrayR) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\extensions\mintrayr@tn123.ath.cx [2015-05-31]
FF Extension: LastPass - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\extensions\support@lastpass.com [2015-12-19]
FF Extension: iCloud Bookmarks - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\Extensions\firefoxdav@icloud.com [2015-10-29]
FF HKLM-x32\...\Firefox\Extensions: [ext@flash-Enhancer.com] - C:\Program Files (x86)\AmiExt\flashEnhancer\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{704E31A6-E680-48D0-BDEA-B0FE737AEB4D}] - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb
FF Extension: soft Xpansion Perfect Print 7 Express - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb [2013-12-23] [ist nicht signiert]
FF HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Klaus\AppData\Local\Temp\crx304D.tmp <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-22] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-22] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [Datei ist nicht signiert]
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert]
R2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [80448 2012-07-18] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2015-02-13] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157992 2015-04-01] (Seagate Technology LLC)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [993848 2011-01-10] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-01-10] (Secunia)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-12-23] (soft Xpansion)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [Datei ist nicht signiert]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1653272 2015-07-31] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-22] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [119296 2008-01-22] (Huawei Technologies Co., Ltd.)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-04] (Microsoft Corporation)
S3 HH10Help.sys; C:\Windows\system32\drivers\HH10Help.sys [24088 2009-07-09] (H+H Software GmbH)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10326784 2010-06-24] (Intel Corporation) [Datei ist nicht signiert]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [271872 2010-06-24] (Intel(R) Corporation) [Datei ist nicht signiert]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-08-01] ()
S3 Ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [90112 2007-06-08] (Prolific Technology Inc.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-02-10] () [Datei ist nicht signiert]
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
R1 vdrv1000; C:\Windows\System32\Drivers\VDRV1000.SYS [223256 2011-04-19] (H+H Software GmbH)
U3 DfSdkS; kein ImagePath
S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S4 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-22 12:33 - 2015-12-22 12:56 - 00000000 ____D C:\AdwCleaner
2015-12-21 18:05 - 2015-12-21 18:05 - 00001057 _____ C:\Users\Klaus\ADWCleaner.txt
2015-12-21 15:57 - 2015-12-21 15:57 - 00243941 _____ C:\Users\Klaus\TDSSKiller-Report1.txt
2015-12-21 14:51 - 2015-12-21 15:59 - 00487972 _____ C:\TDSSKiller.3.1.0.9_21.12.2015_14.51.38_log.txt
2015-12-21 13:06 - 2015-12-22 13:03 - 00000000 ____D C:\FRST
2015-12-18 14:59 - 2015-12-18 14:59 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Windows Live Writer
2015-12-18 14:59 - 2015-12-18 14:59 - 00000000 ____D C:\Users\Klaus\AppData\Local\Windows Live Writer
2015-12-14 19:03 - 2015-12-14 19:03 - 00003561 _____ C:\Users\Klaus\AppData\LocalLow\lpm.dat
2015-12-13 17:12 - 2015-12-13 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-12-13 17:12 - 2015-12-13 17:12 - 00000000 ____D C:\Program Files (x86)\Nero
2015-12-12 13:45 - 2015-12-18 08:05 - 00001104 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-12-12 08:58 - 2015-12-12 08:58 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-09 14:58 - 2015-12-09 14:58 - 09498816 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-12-09 12:27 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 12:27 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 12:26 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 12:26 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 12:26 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-09 12:26 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 12:26 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-09 12:26 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-09 12:26 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-09 12:26 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 12:26 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 12:26 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 12:26 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 12:26 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 12:26 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 12:26 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 12:26 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 12:26 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 12:26 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 12:26 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 12:26 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 12:26 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 12:25 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 12:25 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 12:25 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 12:25 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 12:25 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 12:25 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 12:25 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 12:25 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 12:25 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 12:25 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 12:25 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 12:25 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 12:25 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 12:25 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 12:25 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 12:25 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 12:25 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 12:25 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 12:25 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 12:25 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 12:25 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 12:25 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 12:25 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 12:25 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 12:25 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 12:25 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 12:25 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 12:25 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 12:25 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 12:25 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 12:25 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 12:25 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 12:25 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 12:25 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 12:25 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 12:25 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 12:25 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 12:25 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 12:25 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 12:25 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 12:25 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 12:25 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 12:25 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 12:25 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 12:25 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 12:25 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 12:25 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 12:25 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 12:25 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 12:25 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 12:25 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 12:25 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 12:25 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 12:25 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 12:25 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 12:25 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 12:25 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 12:25 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 12:25 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 12:25 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 12:25 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 12:25 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 12:25 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 12:25 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 12:21 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 12:21 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-07 15:00 - 2015-12-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PasswordTools
2015-12-07 15:00 - 2015-12-07 15:00 - 00000000 ____D C:\Program Files (x86)\PasswordTools
2015-12-03 11:20 - 2015-12-22 12:41 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001Core.job
2015-12-03 11:20 - 2015-12-22 12:29 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001UA.job
2015-12-03 11:20 - 2015-12-03 11:20 - 00004194 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001UA
2015-12-03 11:20 - 2015-12-03 11:20 - 00003798 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001Core
2015-12-03 11:20 - 2015-12-03 11:20 - 00000000 ____D C:\Users\Klaus\AppData\Local\Dropbox
2015-12-03 11:20 - 2015-12-03 11:20 - 00000000 ____D C:\ProgramData\Dropbox
2015-11-30 14:53 - 2015-11-30 14:53 - 00000000 __SHD C:\$360Section
2015-11-30 14:31 - 2015-12-13 16:55 - 00000000 ____D C:\ProgramData\360Quarant
2015-11-30 14:27 - 2015-12-21 22:31 - 00000000 ____D C:\360SANDBOX
2015-11-30 14:26 - 2015-12-21 22:37 - 00000000 ____D C:\Program Files (x86)\360
2015-11-29 17:50 - 2015-11-29 17:50 - 00000696 _____ C:\Users\Klaus\Desktop\TTCamera Max.LNK
2015-11-26 13:21 - 2015-11-26 13:21 - 00314592 _____ C:\Windows\Minidump\112615-114364-01.dmp
2015-11-22 12:46 - 2015-11-22 12:46 - 00000000 ____D C:\Users\Klaus\Neuer Ordner (2)
2015-11-22 12:24 - 2015-11-22 12:24 - 00000000 ____D C:\Users\Klaus\Tierische Werbung

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-22 13:02 - 2014-02-01 11:29 - 00000000 ____D C:\Users\Klaus\AppData\LocalLow\LastPass
2015-12-22 12:58 - 2012-11-22 19:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-22 12:44 - 2014-03-17 19:15 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-22 12:37 - 2015-06-26 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-22 12:32 - 2015-06-26 11:40 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-12-22 12:32 - 2015-06-26 11:40 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-12-22 12:32 - 2015-06-26 11:40 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-12-22 12:30 - 2014-03-17 19:15 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-22 12:29 - 2014-10-14 08:17 - 00001338 _____ C:\Windows\Tasks\CWSLOE.job
2015-12-22 12:29 - 2014-10-14 08:17 - 00001330 _____ C:\Windows\Tasks\LL.job
2015-12-21 22:51 - 2014-09-09 08:21 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-21 22:42 - 2009-07-14 05:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-21 22:42 - 2009-07-14 05:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-21 22:40 - 2015-10-29 16:12 - 00000000 ___RD C:\Users\Klaus\iCloudDrive
2015-12-21 22:40 - 2015-05-10 17:17 - 00000000 ___RD C:\Users\Klaus\Dropbox
2015-12-21 22:40 - 2015-05-10 17:13 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Dropbox
2015-12-21 22:37 - 2015-06-26 11:35 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-21 22:35 - 2013-04-02 10:20 - 00000433 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-12-21 22:32 - 2014-09-09 08:20 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-21 22:32 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-21 22:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help
2015-12-21 22:28 - 2015-06-21 13:57 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\NirSoft Utilities
2015-12-21 22:28 - 2013-07-09 13:08 - 00000000 ____D C:\ProgramData\APN
2015-12-21 22:28 - 2012-09-11 14:08 - 00000000 ____D C:\ProgramData\Browser Manager
2015-12-21 18:05 - 2011-01-26 11:02 - 00000000 ____D C:\Users\Klaus
2015-12-21 16:13 - 2014-09-09 08:21 - 00001072 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-21 16:13 - 2014-09-09 08:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-21 15:52 - 2011-05-22 13:30 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\vlc
2015-12-21 13:21 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-20 17:54 - 2013-01-09 09:04 - 00078336 _____ C:\Users\Klaus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-20 16:48 - 2013-05-28 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2015-12-20 16:48 - 2013-05-28 14:53 - 00000000 ____D C:\Program Files (x86)\Wondershare
2015-12-20 15:53 - 2013-07-09 13:09 - 00000000 ____D C:\Users\fbwuser
2015-12-19 12:34 - 2010-07-29 22:06 - 14473604 _____ C:\Windows\system32\perfh007.dat
2015-12-19 12:34 - 2010-07-29 22:06 - 04638436 _____ C:\Windows\system32\perfc007.dat
2015-12-19 12:34 - 2009-07-14 06:13 - 00006752 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-19 08:28 - 2015-03-06 07:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-18 23:00 - 2011-10-17 12:39 - 00000000 ____D C:\Users\Klaus\AppData\Local\CrashDumps
2015-12-18 14:58 - 2011-11-06 16:58 - 00000000 ____D C:\Users\Klaus\AppData\Local\Windows Live
2015-12-13 16:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-12 11:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-12-12 08:13 - 2011-09-20 20:09 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\dvdcss
2015-12-10 10:23 - 2014-02-20 08:01 - 00561944 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-10 10:20 - 2012-05-17 02:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-10 10:20 - 2012-05-17 02:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-10 10:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-10 09:03 - 2011-01-26 19:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-10 08:59 - 2012-05-17 02:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 08:47 - 2013-07-14 19:12 - 00000000 ____D C:\Windows\system32\MRT
2015-12-10 08:17 - 2011-01-26 19:16 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-09 14:59 - 2012-11-22 19:43 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 14:59 - 2012-04-06 10:31 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 14:59 - 2011-05-13 10:01 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-09 04:39 - 2011-03-20 15:10 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-12-08 13:49 - 2012-12-02 10:58 - 00000000 ____D C:\ProgramData\TEMP
2015-12-07 16:24 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-04 08:23 - 2014-03-17 19:15 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 08:23 - 2014-03-17 19:15 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-02 14:42 - 2011-10-24 19:13 - 00000000 ____D C:\Users\Klaus\AppData\Local\Pinnacle
2015-12-02 14:42 - 2011-10-24 19:12 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2015-12-01 12:29 - 2011-01-26 11:08 - 00000000 ____D C:\Windows\pss
2015-11-30 18:35 - 2011-01-26 11:30 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\GHISLER
2015-11-30 15:13 - 2015-08-08 17:39 - 00000306 __RSH C:\ProgramData\ntuser.pol
2015-11-27 19:01 - 2015-10-29 16:24 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-27 11:52 - 2012-12-21 23:22 - 00000000 ____D C:\Users\Klaus\Documents\Ahnenblatt
2015-11-27 11:46 - 2012-02-06 14:15 - 00000000 ____D C:\fertige Videos
2015-11-26 16:46 - 2013-11-20 18:49 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\AnvSoft
2015-11-26 13:21 - 2011-08-10 10:11 - 00000000 ____D C:\Windows\Minidump
2015-11-24 10:37 - 2015-02-04 19:03 - 00000000 ____D C:\Users\Klaus\.mediathek3
2015-11-23 16:46 - 2013-10-18 08:13 - 00000000 ____D C:\ProgramData\Oracle
2015-11-23 15:39 - 2011-10-24 19:11 - 00000000 ____D C:\Program Files (x86)\Pinnacle
2015-11-23 15:33 - 2014-01-15 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-11-23 15:33 - 2013-10-18 08:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-23 15:33 - 2011-11-12 12:19 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-23 15:32 - 2015-11-05 17:41 - 00000000 ____D C:\Users\Klaus\.oracle_jre_usage
2015-11-23 15:30 - 2015-04-16 12:49 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-23 15:14 - 2015-01-30 16:24 - 00000000 ____D C:\Program Files\CDBurnerXP
2015-11-22 13:08 - 2015-01-30 16:24 - 00001748 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-11-22 13:08 - 2015-01-30 16:24 - 00001698 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-03-14 18:27 - 2001-09-19 10:27 - 0502272 _____ () C:\Program Files (x86)\Cascade.exe
2011-10-09 10:48 - 1997-07-19 15:55 - 1347344 _____ (Microsoft Corporation) C:\Program Files (x86)\Msvbvm50.dll
2014-02-03 16:15 - 2003-03-21 12:45 - 0250544 _____ (KeyWorks Software) C:\Program Files (x86)\Common Files\keyhelp.ocx
2014-02-03 20:45 - 2014-02-03 20:45 - 13024768 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2012-07-08 17:15 - 2012-07-10 18:30 - 0000048 _____ () C:\Users\Klaus\AppData\Roaming\AcroIEHelpe.txt
2012-07-08 17:15 - 2012-07-10 18:30 - 0000051 _____ () C:\Users\Klaus\AppData\Roaming\blckdom.res
2012-12-16 11:28 - 2012-12-16 11:28 - 0006144 _____ () C:\Users\Klaus\AppData\Roaming\com.apple.antiphishing.db
2013-09-28 16:26 - 2013-10-02 19:35 - 0000000 _____ () C:\Users\Klaus\AppData\Roaming\forms.def
2011-10-03 16:11 - 2011-10-03 16:32 - 0099384 _____ () C:\Users\Klaus\AppData\Roaming\inst.exe
2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\Klaus\AppData\Roaming\LL
2011-09-28 20:19 - 2011-09-28 20:19 - 0000098 _____ () C:\Users\Klaus\AppData\Roaming\MPUI.ini
2011-10-03 16:11 - 2011-10-03 16:32 - 0007859 _____ () C:\Users\Klaus\AppData\Roaming\pcouffin.cat
2011-10-03 16:11 - 2011-10-03 16:32 - 0001167 _____ () C:\Users\Klaus\AppData\Roaming\pcouffin.inf
2011-10-03 16:12 - 2011-10-03 16:32 - 0000055 _____ () C:\Users\Klaus\AppData\Roaming\pcouffin.log
2011-10-03 16:11 - 2011-10-03 16:32 - 0082816 _____ (VSO Software) C:\Users\Klaus\AppData\Roaming\pcouffin.sys
2012-07-08 17:15 - 2012-07-08 17:15 - 0000264 _____ () C:\Users\Klaus\AppData\Roaming\srvblck5.tmp
2012-07-10 10:28 - 2012-07-10 10:28 - 0000011 _____ () C:\Users\Klaus\AppData\Roaming\urhtps.dat
2011-10-03 16:13 - 2011-10-03 16:32 - 0001057 _____ () C:\Users\Klaus\AppData\Roaming\vso_ts_preview.xml
2014-02-23 16:41 - 2014-09-09 08:05 - 0000091 _____ () C:\Users\Klaus\AppData\Roaming\WB.CFG
2013-01-09 09:04 - 2015-12-20 17:54 - 0078336 _____ () C:\Users\Klaus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-12 16:01 - 2014-02-12 16:01 - 0000173 _____ () C:\Users\Klaus\AppData\Local\msmathematics.qat.Klaus
2013-09-25 15:48 - 2013-09-25 15:48 - 0002088 _____ () C:\Users\Klaus\AppData\Local\recently-used.xbel
2013-09-03 16:24 - 2015-10-04 17:01 - 0007598 _____ () C:\Users\Klaus\AppData\Local\Resmon.ResmonCfg
2012-10-02 11:37 - 2012-10-05 14:46 - 0000041 ___SH () C:\ProgramData\.zreglib
2013-01-07 13:00 - 2013-01-07 13:00 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-07-10 18:59 - 2012-07-10 18:59 - 0000051 _____ () C:\ProgramData\clsilllgbrakunr
2011-02-16 20:14 - 2011-02-16 20:14 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2012-10-01 20:34 - 2012-10-03 12:32 - 0001834 _____ () C:\ProgramData\flcd_proxy.log
2012-01-29 13:32 - 2012-01-29 13:32 - 0005081 _____ () C:\ProgramData\hnbdehzc.pfe
2011-10-07 16:54 - 2011-10-07 17:32 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2015-10-29 17:55 - 2015-10-29 17:55 - 0000016 _____ () C:\ProgramData\mntemp

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Klaus\jobq.dat
C:\Users\Klaus\netzlw.vbs
C:\Users\Klaus\time1.bat
C:\Users\Klaus\vbaconv.bat


Einige Dateien in TEMP:
====================
C:\Users\Klaus\AppData\Local\Temp\-bfjpesr.dll
C:\Users\Klaus\AppData\Local\Temp\avgnt.exe
C:\Users\Klaus\AppData\Local\Temp\ctmyh-q6.dll
C:\Users\Klaus\AppData\Local\Temp\DivXSetup.exe
C:\Users\Klaus\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvlefog.dll
C:\Users\Klaus\AppData\Local\Temp\GLF2767.EXE
C:\Users\Klaus\AppData\Local\Temp\GLF3E32.EXE
C:\Users\Klaus\AppData\Local\Temp\GLF5C66.EXE
C:\Users\Klaus\AppData\Local\Temp\GLF6878.EXE
C:\Users\Klaus\AppData\Local\Temp\HOST17152.exe
C:\Users\Klaus\AppData\Local\Temp\ikryuqe5.dll
C:\Users\Klaus\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Klaus\AppData\Local\Temp\ls3grcji.dll
C:\Users\Klaus\AppData\Local\Temp\pf3lfiun.dll
C:\Users\Klaus\AppData\Local\Temp\sqlite3.dll
C:\Users\Klaus\AppData\Local\Temp\tmd_34019176.exe
C:\Users\Klaus\AppData\Local\Temp\uninstall.exe
C:\Users\Klaus\AppData\Local\Temp\v9o1xnos.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-12 11:01

==================== Ende von FRST.txt ============================

--- --- ---

klaus45 · 22.12.2015, 13:31

und noch die Quarantine.log von ADW

Code:

ATTFilter

C:\Program Files (x86)\vmntoolbar\uninstall.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\vmntoolbar\uninstall.exe.vir
C:\Program Files (x86)\Free FLV Converter\avcodec-52.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free FLV Converter\avcodec-52.dll.vir
C:\Program Files (x86)\Free FLV Converter\avformat-52.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free FLV Converter\avformat-52.dll.vir
C:\Program Files (x86)\Free FLV Converter\avutil-50.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free FLV Converter\avutil-50.dll.vir
C:\Program Files (x86)\Free FLV Converter\FLVToX.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free FLV Converter\FLVToX.exe.vir
C:\Program Files (x86)\Free FLV Converter\MediaInfo.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free FLV Converter\MediaInfo.dll.vir
C:\Program Files (x86)\Free FLV Converter\SDL.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free FLV Converter\SDL.dll.vir
C:\Program Files (x86)\Free FLV Converter\swscale-0.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free FLV Converter\swscale-0.dll.vir
C:\Program Files (x86)\Free FLV Converter\VideoCoderX.ocx->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Free FLV Converter\VideoCoderX.ocx.vir
C:\ProgramData\Partner\debug.log->C:\AdwCleaner\Quarantine\C\ProgramData\Partner\debug.log.vir
C:\ProgramData\DriverBoost\DriverBoost\CPUID.dat->C:\AdwCleaner\Quarantine\C\ProgramData\DriverBoost\DriverBoost\CPUID.dat.vir
C:\ProgramData\DriverBoost\DriverBoost\dd.lic->C:\AdwCleaner\Quarantine\C\ProgramData\DriverBoost\DriverBoost\dd.lic.vir
C:\ProgramData\DriverBoost\DriverBoost\RuleEngine\GlobalActions.dat->C:\AdwCleaner\Quarantine\C\ProgramData\DriverBoost\DriverBoost\RuleEngine\GlobalActions.dat.vir
C:\ProgramData\DriverBoost\DriverBoost\RuleEngine\GlobalEnvironmentEvents.dat->C:\AdwCleaner\Quarantine\C\ProgramData\DriverBoost\DriverBoost\RuleEngine\GlobalEnvironmentEvents.dat.vir
C:\ProgramData\DriverBoost\DriverBoost\RuleEngine\GlobalEnvironmentProperties.dat->C:\AdwCleaner\Quarantine\C\ProgramData\DriverBoost\DriverBoost\RuleEngine\GlobalEnvironmentProperties.dat.vir
C:\ProgramData\DriverBoost\DriverBoost\RuleEngine\GlobalRules.dat->C:\AdwCleaner\Quarantine\C\ProgramData\DriverBoost\DriverBoost\RuleEngine\GlobalRules.dat.vir
C:\ProgramData\DriverBoost\DriverBoost\RuleEngine\RuleHistoryController.dat->C:\AdwCleaner\Quarantine\C\ProgramData\DriverBoost\DriverBoost\RuleEngine\RuleHistoryController.dat.vir
C:\ProgramData\DriverBoost\DriverBoost\DDSM\ScanManager.dat->C:\AdwCleaner\Quarantine\C\ProgramData\DriverBoost\DriverBoost\DDSM\ScanManager.dat.vir
C:\Users\Klaus\music\qtrax media library\LinksVisited.xml->C:\AdwCleaner\Quarantine\C\Users\Klaus\music\qtrax media library\LinksVisited.xml.vir
C:\Users\Klaus\music\qtrax media library\QtraxMediaLibrary.qpl->C:\AdwCleaner\Quarantine\C\Users\Klaus\music\qtrax media library\QtraxMediaLibrary.qpl.vir
C:\Users\Klaus\music\qtrax media library\RadiosVisited.xml->C:\AdwCleaner\Quarantine\C\Users\Klaus\music\qtrax media library\RadiosVisited.xml.vir
C:\Users\Klaus\AppData\Local\FileViewPro\FileViewPro.exe_Url_jn4xqozlzppxcht2yt2wvho2bxkp31wm\1.5.0.0\user.config->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\FileViewPro\FileViewPro.exe_Url_jn4xqozlzppxcht2yt2wvho2bxkp31wm\1.5.0.0\user.config.vir
C:\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\ignores.dat->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\ignores.dat.vir
C:\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\rupdates.db->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\rupdates.db.vir
C:\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\settings.db->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\settings.db.vir
C:\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\supdates.db->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\supdates.db.vir
C:\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\SWDUMon.cat->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\SWDUMon.cat.vir
C:\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\SWDUMon.inf->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\SWDUMon.inf.vir
C:\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\SWDUMon.sys->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\SWDUMon.sys.vir
C:\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\Logs\2012-08-15  08-53-41 0.log->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\Logs\2012-08-15  08-53-41 0.log.vir
C:\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\Logs\2012-08-15  09-10-36 0.log->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\Logs\2012-08-15  09-10-36 0.log.vir
C:\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\Images\acer.png->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Local\slimware utilities inc\SlimDrivers\Images\acer.png.vir
C:\Users\Klaus\AppData\LocalLow\HPAppData\hpswpip.dat->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\HPAppData\hpswpip.dat.vir
C:\Users\Klaus\AppData\LocalLow\HPAppData\hpswpip.dat.pending->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\HPAppData\hpswpip.dat.pending.vir
C:\Users\Klaus\AppData\LocalLow\HPAppData\XRE\compreg.dat->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\HPAppData\XRE\compreg.dat.vir
C:\Users\Klaus\AppData\LocalLow\HPAppData\XRE\localstore.rdf->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\HPAppData\XRE\localstore.rdf.vir
C:\Users\Klaus\AppData\LocalLow\HPAppData\XRE\xpti.dat->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\HPAppData\XRE\xpti.dat.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\---Yahoo.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\---Yahoo.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\01net.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\01net.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\a.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\a.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\amazon.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\amazon.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\an.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\an.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\arrowB.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\arrowB.gif.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\arrowT.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\arrowT.gif.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\arrow_down.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\arrow_down.gif.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\arrow_up.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\arrow_up.gif.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\autofill.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\autofill.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\avstate.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\avstate.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\b.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\b.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\bg_pub.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\bg_pub.gif.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\bg_ttl.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\bg_ttl.gif.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\bn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\bn.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\c.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\c.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\canalblog.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\canalblog.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\cn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\cn.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\COMBOSEARCH.acs->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\COMBOSEARCH.acs.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\d.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\d.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\dictionary2.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\dictionary2.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\dn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\dn.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\DownloadCOM.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\DownloadCOM.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\dropdown.css->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\dropdown.css.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\ErrorLog.txt->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\ErrorLog.txt.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\ErrorPageTemplate.css->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\ErrorPageTemplate.css.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\f.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\f.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_argentine.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_argentine.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_australia.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_australia.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_brazil.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_brazil.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_canada.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_canada.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_china.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_china.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_france.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_france.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_germany.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_germany.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_greece.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_greece.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_hongkong.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_hongkong.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_india.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_india.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_indonesia.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_indonesia.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_italy.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_italy.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_japan.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_japan.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_korea.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_korea.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_mexico.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_mexico.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_netherlands.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_netherlands.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_spain.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_spain.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_sweeden.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_sweeden.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_taiwan.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_taiwan.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_uk.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_uk.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_usa.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\flag_usa.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\fn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\fn.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\g.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\g.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\gaming.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\gaming.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\gn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\gn.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\gograph.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\gograph.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred0.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred0.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred0_5.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred0_5.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred1.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred1.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred1_5.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred1_5.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred2.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred2.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred2_5.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred2_5.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred3.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred3.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred3_5.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred3_5.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred4.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred4.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred4_5.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred4_5.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred5.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\graphred5.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\help.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\help.gif.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\hideremove.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\hideremove.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\highlight.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\highlight.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\hn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\hn.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\hororank.xml->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\hororank.xml.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_aquarius.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_aquarius.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_aries.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_aries.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_cancer.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_cancer.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_capricorn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_capricorn.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_gemini.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_gemini.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_leo.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_leo.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_libra.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_libra.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_pisces.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_pisces.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_sagittarius.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_sagittarius.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_scorpio.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_scorpio.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_taurus.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_taurus.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\h_virgo.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\h_virgo.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\i.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\i.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\IEtab1_7b.zip->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\IEtab1_7b.zip.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\in.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\in.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\ipsearch.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\ipsearch.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\j.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\j.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\jn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\jn.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\k.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\k.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\kn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\kn.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\l.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\l.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\ln.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\ln.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\loading.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\loading.gif.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\login.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\login.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\logo.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\logo.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\n.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\n.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\New York_NY_weather.txt->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\New York_NY_weather.txt.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\new02.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\new02.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\news.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\news.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\news.html->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\news.html.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\nn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\nn.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\o.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\o.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\on.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\on.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\p.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\p.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\pestscanimg.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\pestscanimg.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\pixsy.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\pixsy.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\pn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\pn.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\popup_off.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\popup_off.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\popup_on.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\popup_on.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\popup_ona.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\popup_ona.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\p_yahoo.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\p_yahoo.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\p_yahoo_fr.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\p_yahoo_fr.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\q.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\q.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\qn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\qn.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\r.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\r.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\relatedlinks.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\relatedlinks.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\report.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\report.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\rn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\rn.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\rss.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\rss.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\rss.xsl->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\rss.xsl.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\rss1.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\rss1.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\rsslib.js->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\rsslib.js.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\rssmenu1_6a.zip->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\rssmenu1_6a.zip.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\s.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\s.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\security.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\security.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\Sinfo.txt->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\Sinfo.txt.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\siteinfo.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\siteinfo.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\slider.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\slider.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\sn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\sn.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\spacer.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\spacer.gif.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\stars-red1.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\stars-red1.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\stars-red2.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\stars-red2.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\stars-red3.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\stars-red3.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\stars-red4.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\stars-red4.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\stars-red5.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\stars-red5.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\storage.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\storage.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\t.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\t.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\tabdata.js->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\tabdata.js.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\tablib.js->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\tablib.js.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\tabwelcome_en.html->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\tabwelcome_en.html.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\tabwelcome_fr.html->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\tabwelcome_fr.html.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\tab_icon.png->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\tab_icon.png.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\technorati.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\technorati.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\thes_search.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\thes_search.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\tn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\tn.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\tools.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\tools.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\translate.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\translate.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\u.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\u.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\un.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\un.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\utf8.js->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\utf8.js.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\v.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\v.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\vmlib.js->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\vmlib.js.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\vmntoolbartb0500.cfg->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\vmntoolbartb0500.cfg.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\vn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\vn.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\w.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\w.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\web.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\web.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\wikipedia.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\wikipedia.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\wn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\wn.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\x.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\x.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\xp_close_small.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\xp_close_small.gif.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\Yahoo.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\Yahoo.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\yahoo_search.gif->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\yahoo_search.gif.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\YouTube.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\YouTube.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\z.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\z.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\zn.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\zn.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\zoom.bmp->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\zoom.bmp.vir
C:\Users\Klaus\AppData\LocalLow\vmntoolbar\0\rsscenter.xml->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\LocalLow\vmntoolbar\0\rsscenter.xml.vir
C:\Users\Klaus\AppData\Roaming\DesktopIconForAmazon\IconForAmazon.exe->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\DesktopIconForAmazon\IconForAmazon.exe.vir
C:\Users\Klaus\AppData\Roaming\DriverCure\LogFile.txt->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\DriverCure\LogFile.txt.vir
C:\Users\Klaus\AppData\Roaming\GrabPro\conf.dat->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\GrabPro\conf.dat.vir
C:\Users\Klaus\AppData\Roaming\HPAppData\hpswpip.dat->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\HPAppData\hpswpip.dat.vir
C:\Users\Klaus\AppData\Roaming\OCS\SM\SearchAnonymizer.exe->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\OCS\SM\SearchAnonymizer.exe.vir
C:\Users\Klaus\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe.vir
C:\Users\Klaus\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.InstallLog->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.InstallLog.vir
C:\Users\Klaus\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.InstallState->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.InstallState.vir
C:\Users\Klaus\AppData\Roaming\OCS\SM\vl.dat->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\OCS\SM\vl.dat.vir
C:\Users\Klaus\AppData\Roaming\ParetoLogic\PC Health Advisor\Client.txt->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\ParetoLogic\PC Health Advisor\Client.txt.vir
C:\Users\Klaus\AppData\Roaming\ParetoLogic\PC Health Advisor\Server.txt->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\ParetoLogic\PC Health Advisor\Server.txt.vir
C:\Users\Klaus\AppData\Roaming\ProgSense\User.xml->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\ProgSense\User.xml.vir
C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Converter\Uninstall Video Converter.lnk->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Converter\Uninstall Video Converter.lnk.vir
C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Converter\Video Converter.lnk->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Converter\Video Converter.lnk.vir
C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar\1.1.0.0__318d21d4b0463a3b\QuickStoresToolbar.dll->C:\AdwCleaner\Quarantine\C\Windows\assembly\GAC_MSIL\QuickStoresToolbar\1.1.0.0__318d21d4b0463a3b\QuickStoresToolbar.dll.vir
C:\Program Files (x86)\Mozilla Firefox\components\AskSearch.js->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mozilla Firefox\components\AskSearch.js.vir
C:\Users\Klaus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url.vir
C:\Users\Klaus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url.vir
C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url.vir
C:\Windows\Reimage.ini->C:\AdwCleaner\Quarantine\C\Windows\Reimage.ini.vir
C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk->C:\AdwCleaner\Quarantine\C\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk.vir

Deathkid535 · 22.12.2015, 13:35

Hi,

ich brauch bitte das Scan-Log von MBAM

klaus45 · 22.12.2015, 14:20

Hi,
unter Verlauf finde ich zwei Protokolle
Schutzprotokoll protection-log
Scan-Protokoll mbam-log.

Beide sind .xml

Die habe ich doch gepostet.

mfG
Klaus

Deathkid535 · 22.12.2015, 17:06

Hi,

Eigenartig, hast du hier auch schon geschaut? Malwarebytes Anti-Malware Logfile finden - Anleitungen

klaus45 · 22.12.2015, 18:26

Hi,
da liegt mein Fehler, habe nicht exportiert. Also nochmal 6 Stunden Suchlauf. Das Ergebnis kommt dann erst morgen.

mfG
Klaus

Deathkid535 · 22.12.2015, 19:19

Hi,

6 Stunden?

Lass MBAM mal und mach das hier: Zustand der Festplatte herausfinden - so gehts - Anleitungen

22.12.2015, 13:35	#11
Deathkid535 /// Malwareteam	Cursor friert für kurze Zeit ein Hi, ich brauch bitte das Scan-Log von MBAM __________________ mfg, Dennis Lob, Kritik oder Wünsche Unterstütze uns mit einer kleinen Spende

22.12.2015, 17:06	#13
Deathkid535 /// Malwareteam	Cursor friert für kurze Zeit ein Hi, Eigenartig, hast du hier auch schon geschaut? Malwarebytes Anti-Malware Logfile finden - Anleitungen __________________ mfg, Dennis Lob, Kritik oder Wünsche Unterstütze uns mit einer kleinen Spende

22.12.2015, 19:19	#15
Deathkid535 /// Malwareteam	Cursor friert für kurze Zeit ein Hi, 6 Stunden? Lass MBAM mal und mach das hier: Zustand der Festplatte herausfinden - so gehts - Anleitungen __________________ mfg, Dennis Lob, Kritik oder Wünsche Unterstütze uns mit einer kleinen Spende

Cursor friert für kurze Zeit ein

Plagegeister aller Art und deren Bekämpfung: Cursor friert für kurze Zeit ein